How safe is exposing login page to internet

ricksanches

Hi,
My current setup of Mailcow allows all of the login pages to be accessed over the internet. Is this something I should be concerned about. Can my server get compromised?

esackbauer

No, Mailcow was designed to be safe. it brings its own firewall rules in the docker networks, and also has Netfilter/fail2ban to prevent brute force attacks.
And its not only the login page open for everyone on the internet, its also port 25 SMTP to be able to receive mails…

RobertVanWeersch

I’ve been running MailCow on my home-hosted server for many years, with the login pages (both admin and Sogo) exposed to the web. Those pages are meant to be used like that. What use is webmail if you can’t access it or have to use a VPN to access them?