Thanks Brian, Sorry if my questions are a bit inane. Feel free to point me at reading material if I'm being too much of a noob.
Ok, so based on what you are saying postfix can be made sufficiently secure without TLS or and SSL certificate. I'm thinking about when users login to fetch their email. How is that auth procedure made secure? In terms of the IP addresses, I wasn't all that clear. I meant what happens when your webserver is at one IP but your email server is at a different IP. Can you set it up this way so that DNS points to the right place based on whether the user is trying to go to the website or trying to send email. Thanks, matt 2009/10/16 Brian Evans - Postfix List <grkni...@scent-team.com>: > Matt Friedman wrote: >> Hi, >> >> For an internet facing postfix server, is TLS strictly required? Do I >> need to obtain an SSL certificate for this? >> > > No and No. > >> What would happen if I didn't use TLS? Would I be inviting spammers >> and hackers to take over my postfix installation? Are there >> alternative security measures that are as secure or better? >> > > TLS is to email as HTTPS is to web browsing. > They provide no protection for programs themselves. > Security of your system is only as tight as your firewall. >> Another question. If I have example.com setup to point to the IP >> address 70.222.222.23 can I have u...@example.com go to another IP? >> > > Do you mean message routing? > If so, use transport_maps. >
