Resources

The following sources of information address not only security but also many other important aspects of SMTP and MTA configuration.

SMTP Information

  1. ftp://ftp.isi.edu/in-notes/rfc2821.txt. RFC 2821, “Simple Mail Transfer Protocol.” (Useful for making sense of mail logs, SMTP headers, etc.)

  2. http://www.sendmail.org/~ca/email/other/cagreg.html. Shapiro, Gregory Neil. “Very brief introduction to create a CA and a CERT.”. (A bare-bones procedure for generating a Certificate Authority certificate, generating server/client certificates, and using the CA certificate to sign server and client certificates. Handy for people who want to use X.509 mechanisms such as STARTTLS without becoming X.509 gurus.)

Sendmail Information

  1. Costales, Bryan, with Eric Allman. sendmail, Sebastopol, CA: O’Reilly & Associates, 1997. (The definitive guide to Sendmail. Chapters 19 and 34 are of particular interest, as they concern use of the m4 macros — most of the rest of this weighty tome covers the ugly insides of sendmail.cf ).

  2. http://www.itworld.com/Net/3314/swol-0699-security/. Fennelly, Carole. “Setting up Sendmail on a Firewall, Part III.” Unix Insider 06/01/1999. (Excellent article on running Sendmail 8.9 and later in a chroot environment.)

  3. http://www.sendmail.net/000705securitygeneral.shtml. Allman, Eric and Greg Shapiro. “Securing Sendmail.” (Describes many built-in security features in Sendmail and offers security tips applicable to most Sendmail installations.)

  4. http://www.sendmail.net/000710securitytaxonomy.shtml ...

Get Building Secure Servers with Linux now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.