On 10/05/2012 19:09, john wrote:
> Off topic, but related to this thread.
>
> I/we use Squirrelmail and while we have not had any problems with it I
> wonder (and as this list seems to be the home of email gurus) if
> there are any recommendations as to a better solution, particularly one
> that would work in a postfix/dovecot environment.
>
(please don't top post. put your replies after the text you reply to. google for "top posting" if this isn't clear).

- enforce ssl (https). don't allow plain http:// urls.
  => don't configure automated redirects. your real users must know where it is
  (rationale: given the number of sites available via plain http, miscreants don't seem to have enough incentives to attack ssl based ones).

- you can use geo controls: in general, posts from Nigeria or the like are suspicious and can be "quarantined" or passed to a strict filter... here, you can have a whitelist, a blacklist, a greylist, etc... (for travelling users, you can setup special procedures...).

- ensure traceability: you should be able to find which account was used to post which message.

- if using passwords, establish a password policy. (I am not recommending anything here: just define what you accept and know it! the idea is that your password policy will indicate what you should check etc).
  => with phishing, password strength isn't enough...

- at MTA level, detect "anomalies" (too much mail from an account, too much rejected mail, ...) and block webmail if bad things happen (i.e. fail on the safe side).

- don't use "common" urls such as
  http[s]://vhost/squirrelmail/
  http[s]://vhost/roundcube/
  http[s]://vhost/rc/
  ...
  (rationale: avoid noise and get rid of blind robots)

... etc.
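The "traceability" and "detect anomalies at MTA level" points above boil down to one piece of plumbing: tie every outgoing message back to the SASL account that submitted it, then count submissions and rejections per account. The script below is an added example written for this thread, not code from any of its participants or from the Postfix/Dovecot projects. It assumes the usual shape of two Postfix log lines (the smtpd line carrying `sasl_username=` for a queue id, and the smtp delivery line carrying `status=` for the same queue id); the sample log lines, the account names and the thresholds are constructed for illustration.

```python
import re
from collections import defaultdict

# Postfix logs the authenticated sender once per queue id (smtpd line) and the
# delivery outcome once per recipient (smtp line). Correlating the two by queue
# id gives the "which account posted which message" trail the thread asks for.
SASL_RE = re.compile(
    r"postfix/smtpd\[\d+\]: (?P<qid>[0-9A-F]+): client=\S+, "
    r"sasl_method=\S+, sasl_username=(?P<user>\S+)"
)
STATUS_RE = re.compile(
    r"postfix/smtp\[\d+\]: (?P<qid>[0-9A-F]+): to=<[^>]*>,.*?status=(?P<status>\w+)"
)

# Constructed sample: alice sends one normal message; carol's account submits
# three messages to unknown recipients, most of which bounce.
SAMPLE_LOG = """\
May 10 19:09:01 mx postfix/smtpd[2101]: 7A1B2C3D4E: client=home.example[198.51.100.7], sasl_method=PLAIN, sasl_username=alice@example.com
May 10 19:09:02 mx postfix/smtp[2110]: 7A1B2C3D4E: to=<bob@example.net>, relay=mx.example.net[192.0.2.10]:25, delay=0.6, dsn=2.0.0, status=sent (250 2.0.0 OK)
May 10 19:09:10 mx postfix/smtpd[2101]: 7A1B2C3D4F: client=unknown[203.0.113.45], sasl_method=LOGIN, sasl_username=carol@example.com
May 10 19:09:11 mx postfix/smtp[2110]: 7A1B2C3D4F: to=<r1@example.org>, relay=mx.example.org[192.0.2.20]:25, delay=0.5, dsn=5.1.1, status=bounced (host mx.example.org said: 550 5.1.1 User unknown)
May 10 19:09:11 mx postfix/smtp[2110]: 7A1B2C3D4F: to=<r2@example.org>, relay=mx.example.org[192.0.2.20]:25, delay=0.5, dsn=5.1.1, status=bounced (host mx.example.org said: 550 5.1.1 User unknown)
May 10 19:09:12 mx postfix/smtp[2110]: 7A1B2C3D4F: to=<r3@example.org>, relay=mx.example.org[192.0.2.20]:25, delay=0.5, dsn=2.0.0, status=sent (250 2.0.0 OK)
May 10 19:09:20 mx postfix/smtpd[2101]: 7A1B2C3D50: client=unknown[203.0.113.45], sasl_method=LOGIN, sasl_username=carol@example.com
May 10 19:09:21 mx postfix/smtp[2110]: 7A1B2C3D50: to=<r4@example.org>, relay=mx.example.org[192.0.2.20]:25, delay=0.5, dsn=5.1.1, status=bounced (host mx.example.org said: 550 5.1.1 User unknown)
May 10 19:09:21 mx postfix/smtp[2110]: 7A1B2C3D50: to=<r5@example.org>, relay=mx.example.org[192.0.2.20]:25, delay=0.5, dsn=5.1.1, status=bounced (host mx.example.org said: 550 5.1.1 User unknown)
May 10 19:09:30 mx postfix/smtpd[2101]: 7A1B2C3D51: client=unknown[203.0.113.45], sasl_method=LOGIN, sasl_username=carol@example.com
May 10 19:09:31 mx postfix/smtp[2110]: 7A1B2C3D51: to=<r6@example.org>, relay=mx.example.org[192.0.2.20]:25, delay=0.5, dsn=5.1.1, status=bounced (host mx.example.org said: 550 5.1.1 User unknown)
"""


def summarize(lines):
    """Per-account counters: messages submitted, recipients sent, recipients rejected."""
    qid_user = {}  # queue id -> sasl username (the traceability map)
    stats = defaultdict(lambda: {"messages": 0, "sent": 0, "rejected": 0})
    for line in lines:
        m = SASL_RE.search(line)
        if m:
            qid_user[m["qid"]] = m["user"]
            stats[m["user"]]["messages"] += 1
            continue
        m = STATUS_RE.search(line)
        if m and m["qid"] in qid_user:
            user = qid_user[m["qid"]]
            if m["status"] == "sent":
                stats[user]["sent"] += 1
            elif m["status"] == "bounced":
                stats[user]["rejected"] += 1
    return dict(stats)


def flag_anomalies(stats, max_messages=100, max_rejected=3, max_reject_ratio=0.5):
    """Accounts whose volume or rejection pattern crosses the (hypothetical) thresholds."""
    flags = {}
    for user, s in stats.items():
        reasons = []
        if s["messages"] > max_messages:
            reasons.append("too much mail (%d messages)" % s["messages"])
        if s["rejected"] > max_rejected:
            reasons.append("too much rejected mail (%d recipients)" % s["rejected"])
        attempts = s["sent"] + s["rejected"]
        if attempts and s["rejected"] / attempts > max_reject_ratio:
            reasons.append("reject ratio %.2f" % (s["rejected"] / attempts))
        if reasons:
            flags[user] = reasons
    return flags


def accounts_to_block(lines, **thresholds):
    """Sorted list of accounts to cut off from webmail ("fail on the safe side")."""
    return sorted(flag_anomalies(summarize(lines), **thresholds))


if __name__ == "__main__":
    for user, reasons in flag_anomalies(summarize(SAMPLE_LOG.splitlines())).items():
        print(user, "->", "; ".join(reasons))
```

Fed a real `mail.log` on stdin instead of `SAMPLE_LOG`, the output of `accounts_to_block` is what you would hand to whatever mechanism disables webmail logins for an account (a deny list checked at login is one option; the thread leaves the choice to you). The thresholds are deliberately tiny so the sample trips them; a production deployment would pick them from observed baseline traffic and evaluate them over a sliding time window rather than the whole log.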