What do you think about installing NC and a mail server (postfix+dovecot+spamd) on the same VPS?
I’m not worried about performances since it will be only used by 2/3 people on this VPS, I’m wondering about possible security breach.
Would you do that?
That is the setup that I am using at the moment. There is no noticeable interaction or collision between the mail server and NC. I don’t offer POP3 or IMAP access, only IMAPS and (S)SMTP. There are also no overlapping accounts on the mail server and the NC installation, so if an account should be compromised on either, it won’t be possible to use that account to log in to the other. NC is only available over HTTPS so no plaintext passwords go over the wire/over the air.
I use Fail2ban to protect the available services against brute force attempts and have a fairly strict iptables setup, including some automated blocklists.
I feel the VPS is adequately protected but of course the more services you offer, the larger the attack surface.