[ale] Secure e-mail server

Michael Trausch mike at trausch.us
Tue Feb 21 19:40:31 EST 2012


Depends on how you are defining "secure", here. I run Postfix and Dovecot
and find that they work well together. If I had centralized authentication
and Dovecot 2.0, I think I would be very happy, but right now I have
neither.

The big thing you want after checking that you're not spammer-friendly is
to ensure that you do not generate backscatter. Backscatter is a form of
spamming which relies on an MX to be unaware of all valid recipients.
Without that, the MX will store and forward literally everything, which
will generate bounces when the primary MX received and rejects mail sent to
an invalid user.

In short: make sure the mail systems are all using the same database and
rejecting mail for non-existent users in the SMTP conversation, instead of
later when a bounce is required.

--
Sent from my Ice Cream Sandwich powered Kindle Fire!
Pardon any typos...
On Feb 21, 2012 4:11 PM, "Stephen Haywood" <stephen at averagesecurityguy.info>
wrote:

> I want to move my domain from google apps to a personal server. Are there
> any good guides for setting up a secure smtp server?
>
> --
> Stephen Haywood
> Information Security Consultant
> CISSP, GPEN, OSCP
> T: @averagesecguy
> W: averagesecurityguy.info
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20120221/2044a785/attachment.html 


More information about the Ale mailing list