Skip to Main Content
Network Security Hacks
book

Network Security Hacks

by Andrew Lockhart
April 2004
Intermediate to advanced content levelIntermediate to advanced
320 pages
9h 10m
English
O'Reilly Media, Inc.
Content preview from Network Security Hacks

Set Up TLS-Enabled SMTP

Protect your users’ in-transit email from eavesdroppers.

If you have set up encrypted POP and IMAP services [Hack #47] , your users’ incoming email is protected from others once it reaches your servers, but what about their outgoing email? You can protect outgoing email quickly and easily by setting up your MTA to use Transport Layer Security (TLS) encryption. Virtually all modern email clients support TLS—enable it by simply checking a box in the email account preferences.

If you’re using Sendmail, you can check to see if it has TLS support compiled-in by running this command:

$ sendmail -bt -d0.1

This will print out the options that your sendmail binary was compiled with. If you see a line that says STARTTLS, then all you need to do is supply some additional configuration information to get TLS support working. However, if you don’t see this line, you’ll need to recompile sendmail.

Before recompiling sendmail, you will need to go into the directory containing sendmail’s source code and add the following lines to devtools/Site/site.config.m4:

APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS') 
APPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto')

If this file doesn’t exist, simply create it. The build process will automatically include the file once you create it. The first line in the example will cause TLS support to be compiled into the sendmail binary, and the second line will link the binary with libssl.so and libcrypto.so.

After adding these lines, you can recompile ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux: Powerful Server Administration

Linux: Powerful Server Administration

Uday Sawant, Oliver Pelz, Jonathan Hobson, William Leemans

Publisher Resources

ISBN: 0596006438Catalog PageErrata