On Fri, Oct 16, 2009 at 03:38:26PM -0400, Brian Evans - Postfix List wrote:
> > What would happen if I didn't use TLS? Would I be inviting spammers
> > and hackers to take over my postfix installation? Are there
> > alternative security measures that are as secure or better?
> >
>
> TLS is to email as HTTPS is to web browsing.
> They provide no protection for programs themselves.
It protects traffic, and in most cases (for better or mostly worse),
just authentication traffic. So you need TLS with email when:
- You allow plaintext authantication for mobile users using
a submission (typically port 587) service where you host is
the outbound SMTP server for the roaming users.
- You receive sensitive data via email, and would like to keep
it safe(r). This is mostly a business-to-business feature.
> Security of your system is only as tight as your firewall.
No, it is only as good as the software running on the host behind the
firewall.
> > Another question. If I have example.com setup to point to the IP
> > address 70.222.222.23 can I have u...@example.com go to another IP?
>
> Do you mean message routing?
> If so, use transport_maps.
I think the question is about incoming email from outside, i.e. the OP
is not familiar with MX records, (but is familiar with "example.com",
which is promising). Any decent book on DNS and email should cover
setting up MX records for the "example.com" domain.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
