I use a tinc vpn mesh between the nodes. iptables only allows the nodes
to talk to each on port 655, all else is dropped. Works well. I also
have a setup using zerotier for the same thing - my ansible deployment
playbook will use either one.
DC.
On 2023-05-14 11:29 am, Daniel Miller via dove
On 14/5/23 23:29, Daniel Miller via dovecot wrote:
I only allow explicit service traffic through. IMAPS, SMTPS, etc. If
doveadm is communicating via the IMAP(S) ports then all I can do via
firewall is block countries. Which of course I can but I'm asking
about any additional hardening for Dove
On Sun, 14 May 2023, Daniel Miller via dovecot wrote:
I only allow explicit service traffic through. IMAPS, SMTPS, etc. If doveadm
is communicating via the IMAP(S) ports then all I can do via firewall is
block countries. Which of course I can but I'm asking about any additional
hardening for D
I only allow explicit service traffic through. IMAPS, SMTPS, etc. If
doveadm is communicating via the IMAP(S) ports then all I can do via
firewall is block countries. Which of course I can but I'm asking about any
additional hardening for Dovecot itself.
--
Daniel
On May 13, 2023 6:25:06 PM je
On 14/5/23 09:14, Daniel L. Miller via dovecot wrote:
May 12 15:45:58 cloud1 dovecot: doveadm(194.165.16.78): Error: doveadm
client not compatible with this server (mixed old and new binaries?)
May 13 03:44:31 cloud1 dovecot: doveadm(45.227.254.48): Error: doveadm
client not compatible with
