Chapter 6. Building Secure Mail Servers

Laugh-a while you can, monkey-boy.

Lord John Whorfin, The Adventures of Buckaroo Banzai Across the 8th Dimension

Providing mail service can mean several things. When a user clicks Send, the message must be transported from their system through intervening mail servers to the destination machine. Mail Transport Agents, or MTAs, are responsible for getting mail from point A to point B. Mail transport is the backbone of mail service.

Of course, mail transport is not the whole story. Once on the destination system, the Mail Delivery Agent, or MDA, is responsible for placing the mail message into a user's inbox. No discussion of providing mail service can be complete without covering mail delivery.

Mail delivery is often taken for granted by users. From their perspective, mail consists of messages sitting in their inbox accessed through webmail or a mail client. We refer to such programs as Mail User Agents, or MUAs. These programs utilize mail access protocols like the Post Office Protocol (POP), the Internet Message Access Protocol (IMAP), and the Messaging Application Programming Interface (MAPI). Mail access is the third key component of mail service.

The single function of providing mail service is complex, but can be done in a secure fashion with a little planning and diligence. We begin by looking at risks associated with providing mail services. This motivates our discussion of mail architecture and subsequent software configuration as mitigation techniques. As mail service is an expansive topic, we focus on securing the MTA.

Email has become central to our online lives. For most people, it's the primary means of electronic communication. While those clever little email forwards used to make [some of] us chuckle, they're now just meaningless messages in a pile of ever-increasing virus-laden junk mail.

Despite this increase in unsolicited commercial email (UCE or spam) and inherent problems in the design of the Simple Mail Transfer Protocol (SMTP), few people relish the thought of giving up email altogether. Delays, corruptions, or interruptions can have major detrimental effects. The fact that people have come to rely on it so much makes them very sensitive to failures in email delivery. It's this dependence on the service in the face of adversity that makes email critical.

As security-minded system administrators, we must guarantee both the security and availability of the services required for mail access, transport, and delivery while at the same time mitigating the risks. By looking at the kinds of attacks leveled against mail servers in general, we can begin to think about how to ensure that these attacks against our servers fail.


    Mastering FreeBSD and OpenBSD Security
    Practical Guide to Software Quality Management (Artech House Computing Library)
    ISBN: 596006268
    EAN: 2147483647
    Year: 2003
    Pages: 142
    Authors: John W. Horch
