masqmail security
=================

masqmail is not intended to listen on a port open to the internet. Its normal
operation is on workstations and listening only on localhost.
Generally masqmail should only listen on a port accessable by only trusted
users. Therefor a firewall should be set up to protect against attacks.

Security is not a primary goal of masqmail, because its jobs is normally not in
dangerous areas. But secrurity should always be a secondary goal, especially for
everything that communicates with/via the internet. (And also for programs that
run suid-root, like all mail transfer agents.)

masqmail should be hardened in future! A common and good way to do that is to
split it up in several programs, each doing one particular job with only the
needed rights. This approach is taken by qmail for example.
postfix took qmail as inspiration and is nearly as secure as it---in contrast to
sendmail which implements a monolitic architecture.
But monolitic architectures must not be bad in general. exim for example shows
that a monolitic MTA can be secure---if it one cared about it.