reading my dovecot.conf/main.cf,
do you think that this is a secure configuration?

do you think that my VPS can be attaked to serve spam?
I'm really afraid about that, can I do more to improve my security?

I closed all the unused port, configured iptables with enforcing security...

thanks

I have one more question if possible...
Why thunderbird make me check email using SSL,
but I can't use "encrypted connection" option?
If I enable this option in thunderbird I've got, APOP not enable message.

I read tons of guide but I haven't solved this problem yet.


/var/log/maillog
told this when the error occur:
May 21 13:53:55 li62-51 dovecot: pop3-login: Disconnected: rip=::ffff:[my_client_ip], lip=::ffff:[my_vps_ip], TLS

this is the complete maillog
when trying to send email from phone:

May 21 18:04:23 li62-51 dovecot: auth(default): new auth connection: pid=4319
May 21 18:04:25 li62-51 dovecot: pop3-login: SSL_accept() failed: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure [::ffff:151.81.4.71]
May 21 18:04:25 li62-51 dovecot: pop3-login: Disconnected: rip=::ffff:my_client_ip, lip=::ffff:my_server_ip, TLS handshake

I solved by add a comment on
smtpd_tls_auth_only = yes
in the main.cf file...

Do you think that this is terrible for security?

Did you bother to read the documentation for that parameter?

I know what this parameter means,
I'm only asking if commenting this parameter may create some security issue.

bump.