Yes and no. You want to leave ftp open, too, just in case for port upgrading/downloading, plus you would want to do monitoring across the wire (Nagios or something, maybe?). You could, though, do a dual-NIC setup and have one be a private network LAN for the servers if you aren't already considering it.
On Jan 5, 2011, at 1:48 PM, Mark Moellering wrote: > Since I am going to be setting up a mail server sometime next week and have > to keep things like this in mind; > would it make sense to run pf and block all outbound traffic that isn't on > port 25 ( port 995 , etc) and force any web administration programs onto a > port other than 80 to help with this sort of thing? Any other thoughts on > how to make sure future installations can be kept secure? > > As always, thanks in advance to everyone, > > Mark Moellering > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[email protected]" _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
