2.2.11 Ensure IMAP and POP3 server is not enabled (Scored)
Profile Applicability
Level 1 - Server Level 1 - Workstation
Description
dovecot
is an open source IMAP and POP3 server for Linux based systems.
Rationale
Unless POP3 and/or IMAP servers are to be provided by this system, it is recommended that the service be deleted to reduce the potential attack surface.
Audit
Run the following commands to verify dovecot
is not enabled:
# systemctl is-enabled dovecot disabled
Verify result is not “enabled”.
Remediation
Run the following command to disable dovecot
:
# systemctl disable dovecot
Notes
Several IMAP/POP3 servers exist and can use other service names. exim
and cyrus-imap
are example services that provide an HTTP server. These and other services should also be audited.