On 04/01/18 20:41, Kiwi User wrote:
> On Thu, 04 Jan 2018 19:45:44 +0000, The Natural Philosopher wrote:
>
>> Basically I have unlimited access from my (fixed) home address - I had
>> opened ssh up so I could access it from abroad, but I am back home now,
>> so I have shut the lot down.
>>
> Fair comment
>
>> Now the only globally open ports are smtp, ssmtp, pop3, http and https.
>> And one other I won't mention.
>>
>> ACCEPT tcp -- anywhere anywhere tcp dpt:www
>> ACCEPT tcp -- anywhere anywhere tcp dpt:ssmtp
>> ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
>> ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
>> ACCEPT tcp -- anywhere anywhere tcp dpt:https
>> ACCEPT tcp -- anywhere anywhere tcp dpt:xxxxx
>> REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
>>
>> On the internet the default should always be 'only let in what you
>> absolutely need, and then only once you have worked out how to hack it,
>> and blocked that too'
>>
> Most of these are obvious and sensible given that you're running a
> webserver and, presumably, a mailserver that accepts SMTP connections.
>
> Indeed, but one has me curious: why is pop3 open?
>
> I assume you're running a public or semi-public POP3 server, since using
> it to collect mail from an ISP doesn't require an externally accessible
> POP3 port.
>
Correct. A friend is also using it, from a BT dynamic IP setup.
I don't understand what you mean by 'using it to collect mail from an ISP'.
Why on earth would I want to be 'collecting mail from an ISP'?
Since ISPs don't have mail to collect. They are merely connectivity devices.
I mean what is the POINT of having your own domains and server, if you
then 'use it to collect mail from somewhere else'?
Mail comes in and out via SMTP and SSMTP.
POP3 is how it gets to me inside my network, as I don't want to open an
SMTP port into my home network.
--
"I am inclined to tell the truth and dislike people who lie consistently.
This makes me unfit for the company of people of a Left persuasion, and
all women"
--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | FidoUsenet Gateway (3:770/3)
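
An added example, not part of the original posts: a small Python check that reads a listing in the `iptables -L` layout quoted above and reports any port accepted from anywhere that is not on an allow-list, plus a missing catch-all REJECT/DROP at the end of the chain. The sample listing, port 8022, the address 192.0.2.10 and the function names are assumptions made for illustration; port names are compared as the listing prints them.

```python
import re

# Constructed sample in the `iptables -L` column layout quoted in the thread:
# target, prot, opt, source, destination, match. Port 8022 and 192.0.2.10
# are made-up stand-ins, not values from the post.
SAMPLE = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:www
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:pop3
ACCEPT     tcp  --  192.0.2.10           anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8022
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
"""

RULE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s*(.*)$")
ANY = {"anywhere", "0.0.0.0/0"}  # how -L and -L -n print "any address"

def parse_rules(listing):
    """Turn listing text into dicts, skipping the chain and column headers."""
    rules = []
    for line in listing.splitlines():
        m = RULE.match(line.strip())
        if not m or m.group(1) in ("Chain", "target"):
            continue
        target, prot, _opt, src, _dst, match = m.groups()
        dpt = re.search(r"\bdpt:(\S+)", match)
        rules.append({"target": target, "prot": prot, "src": src,
                      "match": match, "dpt": dpt.group(1) if dpt else None})
    return rules

def audit(listing, allowed):
    """Return findings: world-open ports off the allow-list, missing catch-all."""
    rules, findings = parse_rules(listing), []
    for r in rules:
        if r["target"] != "ACCEPT" or r["src"] not in ANY:
            continue  # source-restricted rules are not globally open
        if r["dpt"] is None and not r["match"]:
            # Plain -L hides interfaces, so this may be the loopback rule.
            findings.append("unrestricted ACCEPT: confirm with iptables -L -v")
        elif r["dpt"] is not None and r["dpt"] not in allowed:
            findings.append(f"port {r['dpt']} is open to anywhere but not on the allow-list")
    last = rules[-1] if rules else None
    if not (last and last["target"] in ("REJECT", "DROP")
            and last["prot"] == "all" and last["src"] in ANY and last["dpt"] is None):
        findings.append("chain does not end in a catch-all REJECT/DROP")
    return findings
```

Calling `audit(SAMPLE, {"www", "smtp", "pop3"})` flags only the 8022 rule; the check reads the listed rules only and does not look at the chain policy.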