I think Kevin Spacey may be one of the best (most skilled) actors of his generation, and among the best across several generations. A true peer of Dustin Hoffman.
I was shocked by the allegations, and crushed when it became evident (to me) that it wasn’t a smear campaign.
In a way it’s crazy that I can be so emotionally engaged with someone I’ve never met, likely never will, and who has no idea I exist. OTOH, it’s not surprising when people we respect, or even idolize, turn out to be not only merely human, but morally flawed in particularly inexcusable ways.
I still feel sad and betrayed by Spacey, and it’ll forever taint my ability to enjoy his incredible performances.
That’s not an easy question to answer, since it depends on your use case. Of you’re running a mail server, you need SMTP; if you aren’t, you don’t. There is no one-size-fits-all.
However, I will suggest an approach that can guide you:
In the end, you may have only 3 ports open: https, SMTP, and IMAP. Assuming you’ve secured the web, smtp, and imap servers, this is about as secure as you’re going to get with a single server.
If you are able to, run each service on it’s own VPS: web server on one, IMAP and SMTP on another, and any web applications on their own servers. Connect them only via your VPN, and only through necessary ports, and close everything else. Shut down ssh between the servers, only allowing ssh connections from your laptop. Personally, I think it’s not too bad to run web apps in podman containers and expose those ports to the proxy server over there VPN, but ideally there’d be one VPS poet app, with servers not being able to talk to each other through the firewall.
TL;DR: secure your network before focusing on shutting down and removing programs. Lock down your firewall. Set up a private VPN, and restrict as much internal traffic to it as possible.