Thanks 
I think I use some other polling mode, via Direct-delivery incoming email for self-hosted sites
Another setting that probably should be disabled is allow index in robots txt
And also added Restrict access to your Discourse site with HTTP Basic Authentication.