Securing Submisssion on Exim

I noticed a significant increase in the number of hosts attempting to authenticate to my Exim submission ports (465 and 587). As a result, I have implemented a number of security measures. These measures have effectively blocked the attempts. This post outlines the main measures that I have implemented. This includes ACLs and fail2ban blacklisting.

DNS for Email Servers

This article provides a quick overview of the DNS records required for an email server and presents a minimal sample configuration. The example assumes that you are running servers for both email and the web. Comments indicating the changes if you are using a third-party provider are provided.

MX on a Dynamic IP Address

I often see posts asking about running a mail server on a Dynamic IP address. Twenty years ago I started running my server on a dynamic IP address. However, times have changed, and it is more difficult to do so. Stil, there are mail server roles that work reasonably well on a dynamic IP address.