
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Postfix
|
285
Example 9-19 lists these directives on our sample Sendmail server dmzmail.polkatistas.
org, which is set up to be both a TLS server and a client.
After you set these directives, regenerate sendmail.cf, and restart sendmail, your
server will accept encrypted SMTP sessions via the STARTTLS command.
Postfix
Wietse Venema’s program, Postfix, provides an alternative to Sendmail that is sim-
pler in design, more modular, and easier to configure and administer. Equally impor-
tant, it’s designed with scalability, reliability, and security as fundamental
requirements.
This part of the chapter brings you up to speed quickly on how to use Postfix as a
secure means of exchanging your network’s email with Internet hosts. In particular,
I’ll focus on deploying Postfix on firewalls, in DMZs, and in other settings in which
your SMTP server will have contact with untrusted systems.
I won’t go into nearly as much depth with Postfix as I just did with Sendmail. The
whole point of Postfix is ease of use: you’ll have no problem figuring out how to use
Postfix given little more than the documentation and example configurations
included with Postfix itself.
Postfix Architecture
On the one hand, since Postfix can do most of what Sendmail can, its architecture is
arguably as complex or even a little