> > It is an *ANCIENT* reference, but the but the O'Reilly book "Building > Internet > Firewalls" describes a simple program called smap.
It runs without root privileges and ONLY accepts incoming SMTP connections, > dropping messages into a queue for processing by another program. > (Could this be the MAILDROP queue perhaps?) Postfix smtpd is pretty powerful, see "STANDARDS" section: http://www.postfix.org/smtpd.8.html I am not sure if "smap" supports all of that (STARTTLS is very important IMHO) I am not a security expert, but I believe it should be possible to create a virtual machine dedicated to email processing. If an attacker breaks it and gets root privileges on this machine it still wouldn't do much harm to the other services.
