¶
Security Checklist
¶
Initial Setup
Change default admin password
Enable TFA for all admins
Configure firewall rules
Set up SSL certificates
Configure SPF/DKIM/DMARC
¶
Ongoing Maintenance
Apply security updates monthly
Review authentication logs weekly
Monitor spam quarantine daily
Test backup restoration quarterly
Review user access permissions monthly
¶
Advanced Hardening
Enable read-only containers (where feasible)
Set resource limits
Drop container capabilities
Configure rate limiting
Enable MTA-STS
Implement DANE TLSA records (optional)
¶
Back Link
mailcow Security