O'Reilly logo

Building Secure Servers with Linux by Michael D. Bauer

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 7. Securing Internet Email

Like DNS, email’s importance and ubiquity make it a prime target for vandals, thieves, and pranksters. Common types of email abuse include the following:

  • Eavesdropping confidential data sent via email

  • “Mail-bombing” people with bogus messages that fill up their mailbox or crash their email server

  • Sending messages with forged sender addresses to impersonate someone else

  • Propagating viruses

  • Starting chain-letters (hoaxes)

  • Hijacking the email server itself to launch other types of attacks

The scope and severity of these threats are not helped by the complication inherent in running an Internet email server, specifically a Mail Transfer Agent (MTA). It requires a working understanding of the Simple Mail Transfer Protocol (SMTP), as well as a mastery of your MTA application of choice. There really aren’t any shortcuts around either requirement (although some MTAs are easier to master than others).

There are a number of MTAs in common use. Sendmail is the oldest and traditionally the most popular. Postfix is a more modular, simpler, and more secure alternative by Wietse Venema. Qmail is another modular and secure alternative by Daniel J. Bernstein. Exim is the default MTA in Debian GNU/Linux. And those are just a few!

In this chapter we’ll cover some general email security concepts, and then we’ll explore specific techniques for securing two different MTAs: Sendmail, because of its popularity, and Postfix, because it’s my preferred MTA.

Background: MTA and ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required