1. Exim.
Enable extended logging :
Add the following line in exim, below the first line recommended
log_selector = +address_rewrite +all_parents +arguments
+connection_reject +delay_delivery +delivery_size +dnslist_defer
+incoming_interface +incoming_port +lost_incoming_connection +queue_run
+received_sender +received_recipients +retry_defer +sender_on_delivery
+size_reject +skip_delivery +smtp_confirmation +smtp_connection
+smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn
+\

Fommail Trap
http://void.thunderteam.org/fm-trap.html

For Securing Exim i found this a Good resource
http://www.rvskin.com/index.php?page=public/antispam

2. Httpd :

install mod_security
install mod_dosevasive (causes problem with FP sometimes though)

3. PHP

disable_functions = “system,exec”

eAccelerator for PHP acceleration
http://sourceforge.net/projects/eaccelerator

4. Some small recommended apps

Install BFD from rfxnetworks.net
Install LSM from rfxnetworks.net
APF from rfxnetworks.net ( since we have portsentry not really required )
rkhunter can be found on www.rootkit.nl

5. cpanel script to disable compilers incase we have not done this yet
/scripts/compilers off

6. MYSQL

mysql query cache
vi /etc/my.cnf
query-cache-type = 1
query-cache-size = 100M
100M can be changed according to how busy the server is

7. Securing some binaries

chmod 750 /usr/bin/rcp
chmod 750 /usr/bin/wget
chmod 750 /usr/bin/lynx
chmod 750 /usr/bin/links
chmod 750 /usr/bin/scp
chmod 000 /etc/httpd/proxy/