Securing Postfix
Postfix is a replacement for Sendmail which has several security advantages over Sendmail. Postfix consists of several small programs that perform their own small task. And almost all programs run in a chroot jail. These are just a few examples why Postfix is recommended over Sendmail.
Linux servers that are not dedicated mail or relay servers should not accept external emails. However, it is important for production servers to send local emails to a relay server.
Before you continue on a Red Hat system, make sure Postfix is activated using the following command:
The following parameters in /etc/postfix/main.cf should be set to ensure that Postfix accepts only local emails for delivery:
inet_interfaces = localhost
The parameter mydestination lists all domains to receive emails for. The parameter inet_interfaces specifies the network to liston on.
Once you’ve configured Postfix, restart the mail system with the following command:
To verify whether Postfix is still listening for incoming network request, you can run one of the following commands from another node:
# telnet [ip address] 25
Don’t run these commands on the local host since Postfix is supposed to accept connections from the local node.
Leave a Reply
You must be logged in to post a comment.