
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
252
|
Chapter 9: Securing Internet Email
web interface that interacts with an MDA). Therefore we’ll also cover MDA security
basics, how to secure the popular Cyrus IMAP MDA with both SSL and LDAP, and
then end with a brief discussion of email encryption.
Background: MTA and SMTP Security
MTAs move email from one host or network to another. This task contrasts with
that of Mail Delivery Agents (MDAs), which move mail within a system (i.e., from an
MTA to a local user’s mailbox, or from a mailbox to a file or directory). In other
words, MTAs are like the mail trucks (and airplanes, trains, etc.) that move mail
between post offices; MDAs are like the letter carriers who distribute the mail to
their destination mailboxes. Procmail is one popular MDA on Linux systems.
In addition to MTAs and MDAs, there are various kinds of email readers, including
POP3 and IMAP clients, for retrieving email from remote mailboxes. These clients
are also known as Mail User Agents (MUAs), of which Mutt, MS-Outlook, Pine, and
Evolution are popular examples. There is no real-world analogue of these, unless
your letters are handed to you each day by a servant whose sole duty is to check your
mailbox now and then. But we’re not concerned with MUAs or MDAs, except to
mention how they relate to MTAs.
Most MTAs support ...