0

For a while now I've been getting logwatch reports that indicate bots/scripts are trying to login with POP3 on my server. However I have not set this up, and am not using it as far as I'm aware (using Gmail MX).

Is it save to stop running the courier-service, or are other services (perhaps postfix, logwatch or sendmail) dependend on this?

Björn
  • 131
  • 4

1 Answers1

0

If you are not using a service like courier-pop or any other service, it will be always a good idea to disable it especially for publicly-accessible machines. This provides more security (less running services/opened ports) and less resources usage.

Khaled
  • 36,533
  • 8
  • 72
  • 99
  • Indeed, I was thinking the same. I do know non the domains on the server have MX records configured to this server (they do elsewhere). Can I safely disable courier-pop in that case? Or might sendmail or PHP be relient on this for some reason? – Björn Aug 13 '12 at 09:52
  • @Björn: sendmail is related to SMTP and it is not related to POP. If you are not using this machine for accessing your email inbox, then you can safely disable it. – Khaled Aug 13 '12 at 11:21
  • Okay thanks, great to hear I don't need it :) – Björn Aug 13 '12 at 11:43
  • You need local mail delivery - just disabling Courier compromises the functionality / security your system - you need to replace it with a local MDA such as deliver / procmail – symcbean Aug 13 '12 at 12:43
  • @symcbean: Hmm okay.. so it's a bit more complicated.. when Googling I found this: http://www.bloovis.com/wordpress/?p=176 is that a good replacement? – Björn Aug 13 '12 at 13:58
  • No - I didn't say replace the MTA - just change the MDA – symcbean Aug 13 '12 at 22:01
  • @symcbean: Ah okay, could you perhaps write your solution as an answer and explain how to do this? I'm not that savvy with this.. – Björn Aug 14 '12 at 06:14