Mercurial > docs > diploma
annotate docs/masqmail-security.txt @ 389:f94b01639e2a
added acknowledgments
author | meillo@marmaro.de |
---|---|
date | Fri, 06 Feb 2009 15:59:33 +0100 |
parents | 33149fbcac81 |
children |
rev | line source |
---|---|
25
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
1 masqmail security |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
2 ================= |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
3 |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
4 masqmail is not intended to listen on a port open to the internet. Its normal |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
5 operation is on workstations and listening only on localhost. |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
6 Generally masqmail should only listen on a port accessable by only trusted |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
7 users. Therefor a firewall should be set up to protect against attacks. |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
8 |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
9 Security is not a primary goal of masqmail, because its jobs is normally not in |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
10 dangerous areas. But secrurity should always be a secondary goal, especially for |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
11 everything that communicates with/via the internet. (And also for programs that |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
12 run suid-root, like all mail transfer agents.) |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
13 |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
14 masqmail should be hardened in future! A common and good way to do that is to |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
15 split it up in several programs, each doing one particular job with only the |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
16 needed rights. This approach is taken by qmail for example. |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
17 postfix took qmail as inspiration and is nearly as secure as it---in contrast to |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
18 sendmail which implements a monolitic architecture. |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
19 But monolitic architectures must not be bad in general. exim for example shows |
33149fbcac81
added mta-comparision and texts about masqmail
meillo@marmaro.de
parents:
diff
changeset
|
20 that a monolitic MTA can be secure---if it one cared about it. |