On Tue, Sep 03, 2002 at 08:47:02PM -0400, Stephen Gran wrote: > Hello all, > > I'm getting ready to set up a mail server, and I have a few questions > that I was hoping people would have opinions on. Right now I have a box > that collects my mail with fetchmail, and then allows other boxes on the > LAN to collect from it via qpopper. All direct outside access is > blocked, first with iptables, and then with both tcpwrap and qpopper > itself. (...) That's a common question, how about reading (first): http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html#s5.6 ?
In any case, as other's suggested, the most sensible thing to do is to *not* create accounts and configure PAM to use an external database. This can be just a separate user/password list, an LDAP or a full-blown database. Your option. For a (brief) overview see http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html#s4.10 Best regards Javier
