1. Home
  2. Linux systems
  3. Secure Linux-based Servers

Section 7.6. Resources

The following sources of information address not only security but also many other important aspects of SMTP and MTA configuration.

7.6.1 SMTP Information

  1. ftp://ftp.isi.edu/in-notes/rfc2821.txt. RFC 2821, "Simple Mail Transfer Protocol." (Useful for making sense of mail logs, SMTP headers, etc.)

  2. http://www.sendmail.org/~ca/email/other/cagreg.html. Shapiro, Gregory Neil. "Very brief introduction to create a CA and a CERT.". (A bare-bones procedure for generating a Certificate Authority certificate, generating server/client certificates, and using the CA certificate to sign server and client certificates. Handy for people who want to use X.509 mechanisms such as STARTTLS without becoming X.509 gurus.)

7.6.2 Sendmail Information

  1. Costales, Bryan, with Eric Allman. sendmail, Sebastopol, CA: O'Reilly & Associates, 1997. (The definitive guide to Sendmail. Chapters 19 and 34 are of particular interest, as they concern use of the m4 macros ? most of the rest of this weighty tome covers the ugly insides of sendmail.cf).

  2. http://www.itworld.com/Net/3314/swol-0699-security/. Fennelly, Carole. "Setting up Sendmail on a Firewall, Part III." Unix Insider 06/01/1999. (Excellent article on running Sendmail 8.9 and later in a chroot environment.)

  3. http://www.sendmail.net/000705securitygeneral.shtml. Allman, Eric and Greg Shapiro. "Securing Sendmail." (Describes many built-in security features in Sendmail and offers security tips applicable to most Sendmail installations.)

  4. http://www.sendmail.net/000710securitytaxonomy.shtml. Durham, Mark. "Securing Sendmail on Four Types of Systems."

  5. http://www.sendmail.net/usingsmtpauth.shtml. Durham, Mark. "Using SMTP AUTH in Sendmail 8.10."

  6. http://www.sendmail.net/810usingantispam.shtml. "Using New AntiSpam Features in Sendmail 8.10."

  7. http://www.sendmail.org/~ca/email/starttls.html. "SMTP STARTTLS in sendmail/Secure Switch."

  8. http://mail-abuse.org/rbl. Home of the Realtime Blackhole List, which is a list of known sources of UCE.

7.6.3 Postfix Information

  1. http://www.postfix.org. (The definitive source for Postfix and its documentation.)

  2. http://msgs.securepoint.com/postfix/. (Archive site for the Postfix mailing list.)



    		Building Secure Servers with Linux
    		Preface
    		Chapter 1. Threat Modeling and Risk Management
    		Chapter 2. Designing Perimeter Networks
    		Chapter 3. Hardening Linux
    		Chapter 4. Secure Remote Administration
    		Chapter 5. Tunneling
    		Chapter 6. Securing Domain Name Services (DNS)
    		Chapter 7. Securing Internet Email
    		Section 7.1. Background: MTA and SMTP Security
    		Section 7.2. Using SMTP Commands to Troubleshoot and Test SMTP Servers
    		Section 7.3. Securing Your MTA
    		Section 7.4. Sendmail
    		Section 7.5. Postfix
    		Section 7.6. Resources
    		Chapter 8. Securing Web Services
    		Chapter 9. Securing File Services
    		Chapter 10. System Log Management and Monitoring
    		Chapter 11. Simple Intrusion Detection Techniques
    		Appendix A. Two Complete Iptables Startup Scripts
    		Colophon