Re: Nice to See an Article About This
Personally, I do have IMAP over SSL available from everywhere, and also authenticated submission on port 587.
Generally, that doesn't seem to have caused any problems; looking at the number of failed SASL attempts in the logs, most days there are fewer than ten; a busy day still comes up with fewer than 50.
I have the remote submission port because I have SPF set up fairly strictly on some of my domains, and I still want to be able to send messages from anywhere, so my phone (using Maildroid) sends everything that way.
I could use a VPN instead, and I do have one of the other systems on the network set up to allow access that way, but it's fiddly to have to use all the time, and of course some networks I might connect to block VPNs.
I wouldn't say I've ever noticed any significant attempts to connect to the IMAP server over the years; certainly, you get nowhere near the hammering on your hardware that you do when you have a SIP server!
Biting the hand that feeds IT
