Open Source E-mail Security

Richard Blum

Publisher: SAMS, 2001, 504 pages

ISBN: 0-672-32237-4

Keywords: IT Security, Networks

Last modified: Nov. 15, 2008, 2:07 a.m.

In this book you'll learn the technology underlying secure e-mail systems, from the protocols involved to the open source software packages used to implement e-mail security. This book explains the secure MIME (S/MIME) protocol and how it is used to protect data transmitted across the Internet. It also explains the concepts crucial to stopping spam messages using the three most popular open source mail packages—sendmail, qmail, and postfix. It presents detailed configurations showing how to avoid accepting messages from known open relays and how to filter known spam messages. Advanced security topics are also covered, such as how to install and implement virus scanning software on the mail server, how to use SMTP authentication software, and how to use the SSL protocol to secure POP, IMAP, and WebMail servers.

  1. E-MAIL PRINCIPLES.
    1. E-mail Basics.
      • Unix E-mail Systems.
      • E-mail Protocols.
      • E-mail Security.
      • Summary.
    2. SMTP.
      • SMTP Description.
      • Extended SMTP.
      • Message Formats.
      • Summary.
    3. POP3.
      • Description of the Post Office Protocol.
      • POP3 Authentication Methods.
      • POP3 Client Commands.
      • Open Source POP3 Implementations.
      • Summary.
    4. IMAP.
      • Description of the Interactive Message Access Protocol.
      • IMAP Authentication Methods.
      • IMAP Client Protocol.
      • Open Source IMAP Implementations.
      • Summary.
    5. MIME.
      • The Uuencode Program.
      • MIME and Binary Data.
      • S/MIME.
      • Open Source MIME Packages.
      • MIME with PGP.
      • Summary.
    6. Reading E-mail Headers.
      • Decoding Forged E-mail Headers.
      • Using DNS Programs to Track E-mail Hosts.
      • Using External Spam Services.
      • Summary.
  2. SERVER SECURITY.
    1. Securing the UNIX Server.
      • Monitoring Log Files.
      • Preventing Network Attacks.
      • Blocking Network Access to the Server.
      • Detecting Break-ins.
      • Summary.
    2. The sendmail E-mail Package.
      • What Is sendmail?
      • Configuring sendmail.
      • Using the m4 Preprocessor.
      • The sendmail Command Line.
      • Installing sendmail.
      • Securing sendmail.
      • Summary.
    3. The qmail E-mail Package.
      • What Is qmail?
      • Control Files.
      • Downloading and Compiling the qmail Source Code.
      • Configuring qmail.
      • Using the qmail sendmail Wrapper.
      • Receiving SMTP Messages.
      • qmail and Security.
      • Summary.
    4. The Postfix E-mail Package.
      • What Is Postfix?
      • Downloading and Compiling Postfix.
      • Configuring Postfix.
      • Starting Postfix.
      • Postfix and Security.
      • Summary.
    5. Preventing Open Relays.
      • Open and Selective Relaying.
      • Configuring Selective Relaying.
      • Avoiding Open Relays.
      • Summary.
    6. Blocking Spam.
      • Methods Used to Block Spam.
      • Implementing Spam Blocking.
      • Summary.
    7. Filtering Viruses.
      • Methods Used to Block Viruses.
      • Implementing Virus Filtering.
      • Implementing Virus Scanning.
      • Summary.
  3. E-MAIL SERVICE SECURITY.
    1. Using E-mail Firewalls.
      • The SMTP VRFY and EXPN Commands.
      • Disabling the VRFY and EXPN Commands.
      • Using an E-mail Firewall.
      • Creating an E-mail Firewall.
      • Summary.
    2. Using SASL.
      • What Is SASL?
      • The Cyrus-SASL Library.
      • Implementing SASL.
      • Testing the SASL Server.
      • Summary.
    3. Secure POP3 and IMAP Servers.
      • The SSL Family of Protocols.
      • The OpenSSL Package.
      • Using UW IMAP with SSL.
      • Summary.
    4. Secure Webmail Servers.
      • What Is Webmail?
      • The TWIG Webmail Server.
      • The MySQL Database.
      • The Apache Web Server with PHP Support.
      • Installing the TWIG Webmail Server.
      • Summary.

Reviews

Open Source E-mail Security

Reviewed by Roland Buresund

Very Good ******** (8 out of 10)

Last modified: May 21, 2007, 3:16 a.m.

This is a real technical, hands-on book about e-mail security, as implemented by open-source components. Screw policies, this is the techie side of security. A very good read though.

Comments

There are currently no comments

New Comment

required

required (not published)

optional

required

captcha

required