This chapter will examine security issues inherent in Simple Mail Transfer Protocol (SMTP) and in
sendmail, the world's most popular mail transport agent. It will also look at Qmail, a
sendmail replacement that offers substantial security advantages over the traditional
sendmail configuration supplied with most Linux installations.
The most widely used email transport protocol today is the Simple Mail Transfer Protocol (SMTP). Each day, SMTP is used to transfer millions of email messages to destinations around the globe.
SMTP servers work with a limited ruleset:
Accept an incoming message.
Check the message's addresses.
If they're local addresses, store the message for retrieval.
If they're remote addresses, ...