Conclusion
Email systems that provide email-relaying services to end users can be secured in a number of ways. Among the methods are POP before SMTP, tunneling SMTP via a TLS channel, and SMTP AUTH/STARTTLS. We chose to cover SMTP AUTH/STARTTLS because it has wide support among email clients and servers and is relatively easy to implement on the covered MTAs.
The basis for implementing SMTP AUTH/STARTLS for Sendmail and Postfix is the Cyrus SASL library. Although there are a number of front-end mechanisms, we decided to cover only the LOGIN and PLAIN front-end mechanisms because they are supported in the most modern email clients. In order to get full end-to-end encryption, TLS must be used. qmail support for SMTP AUTH/STARTTLS is provided by ...
Get Slamming Spam: A Guide for System Administrators now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
