Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ======2.2.11 Ensure IMAP and POP3 server is not enabled (Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== ''dovecot'' is an open source IMAP and POP3 server for Linux based systems. =====Rationale===== Unless POP3 and/or IMAP servers are to be provided by this system, it is recommended that the service be deleted to reduce the potential attack surface. =====Audit===== Run the following commands to verify ''dovecot'' is not enabled: <Code:bash> # systemctl is-enabled dovecot disabled </Code> Verify result is not "enabled". =====Remediation===== Run the following command to disable ''dovecot'': <Code:bash> # systemctl disable dovecot </Code> =====Notes===== Several IMAP/POP3 servers exist and can use other service names. ''exim'' and ''cyrus-imap'' are example services that provide an HTTP server. These and other services should also be audited. centos7/2/2/11.txt Last modified: 2017/05/04 16:48by Piotr Kłoczewski