Skip to Main Content
Linux Server Security, Second Edition
book

Linux Server Security, Second Edition

by Michael D. Bauer
January 2005
Intermediate to advanced content levelIntermediate to advanced
544 pages
23h 44m
English
O'Reilly Media, Inc.
Content preview from Linux Server Security, Second Edition
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Background: MTA and SMTP Security
|
253
into a DMZ network. Now your gateway can be isolated from both the Internet and
the internal network by a firewall (see Chapter 2).
Therefore, I recommend, even to organizations with only one email server, the addi-
tion of an SMTP gateway, even if their server already has SMTP functionality.
But what if your firewall is your FTP server, email server, etc.? Although the use of
firewalls for any service hosting is scowled upon by the truly paranoid, this is com-
mon practice for very small networks (e.g., home users with broadband Internet con-
nections). In this particular paranoiac’s opinion, DNS and SMTP can, if properly
configured, offer less exposure for a firewall than services such as HTTP.
For starters, DNS and SMTP potentially involve only indirect contact between
untrusted users and the server’s filesystem. (I say “potentially” because it’s certainly
possible, with badly written or poorly configured software, to run extremely inse-
cure DNS and SMTP services.) In addition, many DNS and SMTP servers (e.g.,
BIND and Postfix) have chroot options and run as unprivileged users. These two fea-
tures reduce the risk of either service being used to gain root access to the rest of the
system if they’re compromised in some way.
SMTP Security
There
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux: Powerful Server Administration

Linux: Powerful Server Administration

Uday Sawant, Oliver Pelz, Jonathan Hobson, William Leemans
Linux Server Hacks

Linux Server Hacks

Rob Flickenger
Linux Server Hacks, Volume Two

Linux Server Hacks, Volume Two

William von Hagen, Brian K. Jones

Publisher Resources

ISBN: 0596006705Supplemental ContentCatalog PageErrata