Changing Exim to use another port is a trivial and quick task in SSH, and takes just a minute or two.
This will work with or without any panel, in any version of Linux, but know that this is being done in CentOS 5.6 32-bit with DirectAdmin, Exim 4, Dovecot, Roundcube and SquirrelMail. This is a typical managed Linux VPS from
JaguarPC (an excellent host that's ranked highly on
our suggested hosts list).
Why change ports? I was tired of the brute force attack emails being generated by DirectAdmin, so I disabled unnecessary mail services (POP3, SSL connections). At the same time, I wanted to keep webmail available, so I changed the SMTP port in Exim. ---- Note that we're not using POP3 on this VPS, just webmail and outgoing mail as generated by WordPress and
vBulletin.
Brute force? There's always somebody that wants to hack your server. Common failed email login/username attempts include: sales, info, admin, administrator, help, webmaster, contact, john, james, sally, david, chris ... and lots of other common names. So if you're using a generic email account, or have a generic first name, you may want to change it to something else slightly more unique.
Anyway, this is how you change the port:
Step 1: Log in as root in SSH -- or su to root, if root logins have been disabled as a good admin should -- and use a text editor (like nano or vi) to edit the Exim config file. In this example, I'm using nano.
Code:
[root@vps]# nano /etc/exim.conf
The Exim conf file has probably 100 lines of "stuff" at the beginning of the file before it gets into the actual configuration options.
Tip: Make your Putty/SSH window full-screen, to see more. The default window is ridiculously tiny.
Step 2: Scroll down until you find this line with the port settings:
Code:
daemon_smtp_ports = 25 : 587
In the CSF (via the DirectAdmin plugin for CSF), I've already disallowed incoming requests to 25 and 587, so neither ports do anything anymore. I've opted to just change one of the ports (25). The other one (587) was left alone. I may add SSL later, and can change the port for it at that time, as well as open a hole in the firewall.
Step 3: Change "25" to your new port. Or change "587" to your new port, if you're using an alternate port (SSL). For example:
Code:
daemon_smtp_ports = 2525 : 587
Note: Because 2525 is a commonly scanned port, you'll want another number. Pick something unused and 4-digit.
^X (CTRL+X) to exit nano, Y to save, pick the same filename (exim.conf), and you'll be thrown back out to SSH.
Step 4: Restart Exim.
Code:
[root@vps]# service exim restart
Step 5: Don't forget to add the new port in CSF.
You should now be able to log into webmail (like Roundcube or SquirrelMail), yet have a port that is obscured enough to not be an easy target. Security by obscurity does work to some degree, and it should curtail the inbox filling warning messages from the brute force detection.
If you have any questions, or need any help, just post a reply here.
Hope this has helped.
__________________
Need a good host?
Find one here -->
List of the Best Web Hosts in 2012 - Shared, reseller and VPS hosting
