DOCSLIB.ORG

Mechanisms of Processing E-Mail on Linux Mail Servers: Reducing Security Risks of Using Html Code in E-Mail

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Mechanisms of processing e-mail on Linux mail servers: reducing security risks of using html code in e-mail T. Vrbanec, B.S. D. Radošević, Ph.D. Professor Ž. Hutinski, Ph.D. Teachers College in Čakovec Faculty of Organization and Informatics Faculty of Organization and Informatics Ante Starčevića 55, Čakovec, Croatia University of Zagreb University of Zagreb Phone: +385 (0)40 370 030 Pavlinska 2, Varaždin, Croatia Pavlinska 2, Varaždin, Croatia Fax: +385 (0)40 370 025 Phone: +385 (0)42 213 777 Phone: +385 (0)42 213 777 E-mail: [email protected] E-mail: [email protected] E-mail: [email protected] Abstract - The widespread and rapidly growing use of html According to the Yeenky Group web surwey [1], Microsoft format of e-mail is accompanied with the presence of the assesses it has an 85% market share of servers of the so- malicious code (viruses, worms, active scripts, trojans, redi- called small and medium business subjects, with projected rection to malicious web contents, and other similar things), 65% increase of sale of Windows servers in 2005. On the especially in the light of the widespread illegal advertising. other hand, according to the same source, rate of growth of Apart from the antivirus tools and the tools used to remove new Linux servers on the market is constantly increasing, spam, on Linux mail servers there are other tools like from 15% in 2001 to 40% of total number of new servers Procmail, Maildrop, CSMail and MIMEdefang, which can also in the world in 2004. Today, the number of new Linux and be used to filter e-mail. In this paper the authors have shown Windows servers is almost equal. Nevertheless, [2] Linux a method for the development of the programme solution is gaining advantage in multiprocessor servers and in or- which can be added to the above mentioned tools. By using ganizations with the need for cluster operations of the the suggested method the html contents is sorted out from the servers. messages by putting it into the compressed attachment and Based on the research made between December 2002 thus leaves the pure text in the message. The user has thus and April 2003 [3], we can make synthesis of tendencies of been secured from the above mentioned threats and can de- usage of individual operational systems for mail servers cide for himself whether he wants to open the attachment or (Figure 1). We should emphasize the fact that the sample not. of mail servers included in the research in December 2002 is not representative, although in the case of mail servers it is hard to say how extensive the sample would have to be I. INTRODUCTION to be called representative, i.e. what is the total number of mail servers in the world. Transference of electronic messages requires (mail) According to the study of Radicati Grupe [4], 651 mil- servers which complete their tasks through SMTP, POP3 lions of people in the world use e-mail regularly, and this and IMAP protocols. The majority of mail servers in use number will, according to the same source, increase to today can be placed under one of two categories: Linux or 850 millions by 2008 Windows. It is hard to asses their percentage of the market. Dec-02 Jan-03 Feb-03 Mar-03 Apr-03 60% 25000 Others: 52,39% 50% 20000 Linux: 43,51% Others: 41,47% 40% Linux: 38,74% 15000 30% MS Windows: 28,69% Share [%] Others: 27,80% Linux: 28,04% Sample Size 10000 20% MS Windows: 19,79% MS Windows: 19,57% 5000 10% 0% 0 Dec-02 Jan-03 Feb-03 Mar-03 Apr-03 Time SAMPLE SIZE: 2841 SAMPLE SIZE: 22046 SAMPLE SIZE: 21258 Figure 1 MAIL Servers Operating Systems According to [5], the traffic of digital data doubles every ers. It is possible [9, 10] that the future will bring some year, while according to Moore’s law, the power of proces- change, since Microsoft itself, as the world’s largest manu- sors doubles “only” every 18 months. This lag is being facturer of operational systems and office packages, seems compensated mostly by increase of the number of servers. to be aware of the dangers related to it, and proposes to its Unfortunately, the researches like [1] show that the per- users the change of settings which transforms html parts of centage of unwanted e-mail in total number of e-mails in e-mails into pure text. 2004 was, according to different sources, between 38% Many users do not have rights for change of the settings and 88% of all e-mails, while 7% of e-mails are infected. of applications they start. Some use clients for e-mail read- According to [6, 7], the so-called "phishing" of user’s ing and sending which cannot turn off sending of html accounts and financial data through e-mail during first half forms of e-mails [11]. of 2004 increased by monthly rate of 50%. Some 70% of There are many dangers for e-mail recipient: users received phishing e-mails, and some 5-15% was • Viruses successfully deceived, i.e. they disclosed their confidential • Worms user and/or financial data. According to the same source, company MessageLabs argues that the number of variants • Trojans of such e-mails increased in just six months from 279 to • Malicious code (active scripts, program accessories 215643. According to [8], the defense consists of powerful – parasite code) web and mail authentication and of digital signature of e- • Redirection to malicious Internet contents mails. We should also mention that FBI [8] considers • “Phishing" of confidential user data, mostly finan- phishing to be the most important new threat on the Inter- cial net (July 2003.). • Web bugs Mail servers can successfully function with installed OS • Programs which change user’s dial up settings. and Mail Transport Agent like Sendmail. Many of them have other useful functions, like filtering of unwanted All threats stemming from html form of e-mail can be emails or checking emails for some kind of infection. It divided into two groups of reasons: depends upon the number of users of that server, and upon 1. html code can be executed, i.e. html code is, in limitations of time, equipment, finances and educated sys- broader sense, executive code (it can contain code tem administrators. in java script, VBscript, etc.) Although the two main contestants in “market race” 2. html code can endanger the user’s privacy. have different characteristics of safety of operative systems There are no definite methods of user’s self-defense, ex- and applications, as well as different time of response to cept that he/she defines sending and reading of messages in omissions in their codes, in this paper we will not address form of pure text in e-mail settings [12]. this issue. Nevertheless, we have noticed the three main On various web sites with very different informative reasons the users increasingly rely on Linux mail servers. functions, it could happen that the data we received from In this, we consider the objectivity or subjectivity of these them are not the data which that web site should have sent. reasons perceived in the moment of decision about plat- Namely, if we follow the specially shaped link which form for mail server to be irrelevant: could also be present in html part of e-mail, this web site, • Perception of lower total costs i.e. server can send wrong data, unwanted images and • Confidence that the program support of open code programs, as well as the malicious scripts whose effect is is manufactured with fewer security omissions compromise of users' data [13]. • Shorter time needed for solving possible security Some of the ways in which the user can be exposed to omissions. the influence of malicious scripts are: • Following of the links to the web sites to which we do not have full confidence, e-mails or posts on II. E-MAIL THREATS news groups. • Usage of interactive forms on web sites which we do not trust completely. In the beginning of the development of the Internet, while the interchange of e-mail was in its early stages, the • Review of dynamically generated sites whose con- one and only form it used was pure text. Attachment and tent or author is unknown. html forms appeared later. Many users from this age, as In case of malicious script usage, the attacker may get well as their students, shrink from the use of html form of the users password or some other relevant information. e-mail. Some are so extreme in this that they do not use e- Besides, malicious script can be used for endangering the mail clients that support html form of e-mail. On the other local network, i.e. shared resources, or attacks on other hand, users who write e-mails exclusively in html form are computers or servers. mostly unaware of the fact that they received message in Some web browsers have vulnerable security system, the form of pure text. To be compatible with the whole which means that they decide which rights a script should Internet community in relation to e-mail means to write it have for it to be executed on the client computer. In such in form of pure text. Unfortunately, most of today’s clients way, the scripts can be used to load and install various for sending and receiving e-mail have related settings on program packages, even to read or modify data on other html, and it is possible to put malicious code within any web sites/servers.
Recommended publications
  • Unit 13 E-Mail and E-Messaging

    Unit 13 E-Mail and E-Messaging

    UNIT 13 E-MAIL AND E-MESSAGING Structure 13.0 Objectives 13.1 Introduction 13.2 E-mail 13.2.1 Defining Email 13.2.2 Need of Email 13.2.3 Email Address 13.3 Types of Email Services 13.3.1 Free Web-based Email Services 13.3.2 Priced Web-based Email Services 13.3.3 Private Email Services 13.4 Types of Email Account 13.4.1 POP/IMAP Account 13.4.2 Email Forwarder 13.4.3 Mailing List 13.4.4 Auto Responder 13.4.5 Email Bouncer 13.4.6 Email Blackhole 13.5 Structure and Features of Email 13.5.1 Header 13.5.2 Body 13.5.3 Features 13.6 Functioning of Email Systems 13.6.1 Protocols 13.6.2 Delivery Agent 13.6.3 Access Client 13.6.4 Setting up Account 13.6.5 Folder Management 13.7 Messaging 13.7.1 Instant Messaging 13.7.2 Unified Messaging 13.8 Issues with Messaging 13.8.1 Spamming 13.8.2 Privacy 13.8.3 Security 13.9 Widgets and Utilities 13.10 Summary 13.11 Answers to Self Check Exercises 13.12 Keywords 13.13 References and Further Reading 5 Internet Tools and Services 13.0 OBJECTIVES After reading this Unit, you will be able to: provide a detailed account about Email and Email service Providers; explain in detail various Protocols used in Email service; and discuss about Web 2.0 tools in Email. 13.1 INTRODUCTION Electronic Mail is one of the most prominent uses of networked communication technology.
  • Combatting Spam Using Mimedefang, Spamassassin and Perl

    Combatting Spam Using Mimedefang, Spamassassin and Perl

    Combating Spam Using SpamAssassin, MIMEDefang and Perl Copyright 2003 David F. Skoll Roaring Penguin Software Inc. (Booth #23) Administrivia Please turn off or silence cell phones, pagers, Blackberry devices, etc... After the tutorial, please be sure to fill out an evaluation form and return it to the USENIX folks. 2 Overview After this tutorial, you will: Understand how central mail filtering works. Know how to use MIMEDefang to filter mail. Be able to integrate SpamAssassin into your mail filter. Know how to implement mail filtering policies with MIMEDefang and Perl. Know how to fight common spammer tactics. 3 Outline Introduction to Mail Filtering Sendmail's Milter API MIMEDefang Introduction, Architecture Writing MIMEDefang Filters SpamAssassin Integration Advanced Filter Writing Fighting Common Spammer Tactics Advanced Topics Policy Suggestions 4 Assumptions I assume that you: Are familiar with Sendmail configuration. You don't need to be a sendmail.cf guru, but should know the basics. Are familiar with Perl. Again, you don't need to be able to write an AI program in a Perl one- liner, but should be able to read simple Perl scripts. Are running the latest version of Sendmail 8.12 on a modern UNIX or UNIX-like system. 5 Why Filter Mail? The old reason: to stop viruses. The new reason: to stop spam and inappropriate content. Blocking viruses is easy. Block .exe and similar files, and test against signature databases. Blocking spam is hard, but becoming increasingly important. Organizations can even face lawsuits over inappropriate content. 6 Mail filtering is required for many reasons. In addition to the reasons given on the slide, you might need to filter outgoing mail as well to prevent virus propagation, dissemination of sensitive information, etc.
  • Set up Mail Server Documentation 1.0

    Set up Mail Server Documentation 1.0

    Set Up Mail Server Documentation 1.0 Nosy 2014 01 23 Contents 1 1 1.1......................................................1 1.2......................................................2 2 11 3 13 3.1...................................................... 13 3.2...................................................... 13 3.3...................................................... 13 4 15 5 17 5.1...................................................... 17 5.2...................................................... 17 5.3...................................................... 17 5.4...................................................... 18 6 19 6.1...................................................... 19 6.2...................................................... 28 6.3...................................................... 32 6.4 Webmail................................................. 36 6.5...................................................... 37 6.6...................................................... 38 7 39 7.1...................................................... 39 7.2 SQL.................................................... 41 8 43 8.1...................................................... 43 8.2 strategy.................................................. 43 8.3...................................................... 44 8.4...................................................... 45 8.5...................................................... 45 8.6 Telnet................................................... 46 8.7 Can postfix receive?..........................................
  • Linux E-Mail Set Up, Maintain, and Secure a Small Office E-Mail Server

    Linux E-Mail Set Up, Maintain, and Secure a Small Office E-Mail Server

    Linux E-mail Set up, maintain, and secure a small office e-mail server Ian Haycox Alistair McDonald Magnus Bäck Ralf Hildebrandt Patrick Ben Koetter David Rusenko Carl Taylor BIRMINGHAM - MUMBAI This material is copyright and is licensed for the sole use by Jillian Fraser on 20th November 2009 111 Sutter Street, Suite 1800, San Francisco, , 94104 Linux E-mail Set up, maintain, and secure a small office e-mail server Copyright © 2009 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: June 2005 Second edition: November 2009 Production Reference: 1051109 Published by Packt Publishing Ltd. 32 Lincoln Road Olton Birmingham, B27 6PA, UK. ISBN 978-1-847198-64-8 www.packtpub.com
  • Groupware Enterprise Collaboration Suite

    Groupware Enterprise Collaboration Suite

    Groupware Enterprise Collaboration Suite Horde Groupware ± the free, enterprise ready, browser based collaboration suite. Manage and share calendars, contacts, tasks and notes with the standards compliant components from the Horde Project. Horde Groupware Webmail Edition ± the complete, stable communication solution. Combine the successful Horde Groupware with one of the most popular webmail applications available and trust in ten years experience in open source software development. Extend the Horde Groupware suites with any of the Horde modules, like file manager, bookmark manager, photo gallery, wiki, and many more. Core features of Horde Groupware Public and shared resources (calendars, address books, task lists etc.) Unlimited resources per user 40 translations, right-to-left languages, unicode support Global categories (tags) Customizable portal screen with applets for weather, quotes, etc. 27 different color themes Online help system Import and export of external groupware data Synchronization with PDAs, mobile phones, groupware clients Integrated user management, group support and permissions system User preferences with configurable default values WCAG 1.0 Priority 2/Section 508 accessibility Webmail AJAX, mobile and traditional browser interfaces IMAP and POP3 support Message filtering Message searching HTML message composition with WYSIWIG editor Spell checking Built in attachment viewers Encrypting and signing of messages (S/MIME and PGP) Quota support AJAX Webmail Application-like user interface Classical
  • Canit-PRO User's Guide

    Canit-PRO User's Guide

    CanIt-PRO User’s Guide for Version 10.2.5 AppRiver, LLC 13 September 2018 2 CanIt-PRO — AppRiver, LLC Contents 1 Introduction 13 1.1 Organization of this Manual.............................. 13 1.2 Definitions........................................ 14 2 The Simplified Interface 19 3 The My Filter Page 21 3.1 Sender Rules...................................... 21 3.2 The Quarantine..................................... 22 3.3 Online Documentation................................. 22 4 The CanIt-PRO Quarantine 23 4.1 Viewing the Quarantine................................. 23 4.1.1 Message Summary Display........................... 23 4.1.2 Sort Order.................................... 24 4.1.3 Message Body Display............................. 25 4.1.4 Summary of Links............................... 25 4.2 Message Disposition.................................. 25 4.2.1 Quick Spam Disposal.............................. 26 4.3 Reporting Phishing URLs................................ 27 4.4 Viewing Incident Details................................ 27 4.4.1 Basic Details.................................. 28 4.4.2 Address Information.............................. 29 4.4.3 History..................................... 29 4.4.4 Spam Analysis Report............................. 29 4.5 Viewing Other Messages................................ 30 4.6 Viewing Specific Incidents............................... 30 CanIt-PRO — AppRiver, LLC 3 4 CONTENTS 4.7 Searching the Quarantine................................ 30 4.8 Closed Incidents....................................
  • Subnet Routing Replace Logo

    Subnet Routing Replace Logo

    Outline INFOTECH Lecture IP Based Networks and Applications Manuscript: Edition Summer 2004 Additional material and information on the course is available at http://www.jcho.de/jc/IPNA/ Dr.-Ing. Joachim Charzinski [email protected] © Joachim Charzinski This slide set is distributed to support students of the University of Stuttgart who attend the IPNA lecture http://www.jcho.de/IPNA/ during summer term 2004. All other use requires written permission by Joachim Charzinski. IPNA – IP based Networks and Applications IPNA – IP based Networks and Applications Table of Contents (2) 2004 Edition Table of Contents 2004 Edition 4. Applications and Application Layer Protocols 4-1 4.1 Introduction 4-5 4.1.1 Design Principles 4-5 1. Introduction 1-1 4.1.2 Contents Delineation 4-6 1.1 Overview of the lecture 1-6 4.1.3 Client-Server Paradigm 4-9 4.1.4 Reply Codes 4-11 1.2 Internet History 1-26 4.1.5 Socket Concept 4-15 1.3 IP Standardisation 1-46 4.2 DNS 4-20 1.4 Networking Basics Refresher 1-55 4.3 E-Mail 4-28 1.4.1 Reference Model 1-56 4.3.1 SMTP 4-32 1.4.2 Circuit Switching and Packet Switching 1-59 4.3.2 MIME 4-37 1.4.3 Local Area Networks 1-65 4.3.3 POP3 4-39 1.4.4 Network Elements 1-76 4.3.4 IMAP 4-42 Questions 1-94 4.4 HTTP 4-43 4.5 Telnet 4-55 2. Network Layer et.
  • Canit-Domain-PRO Administration Guide for Version 10.2.9 Appriver, LLC 11 December 2020 2

    Canit-Domain-PRO Administration Guide for Version 10.2.9 Appriver, LLC 11 December 2020 2

    CanIt-Domain-PRO Administration Guide for Version 10.2.9 AppRiver, LLC 11 December 2020 2 CanIt-Domain-PRO — AppRiver, LLC Contents 1 Introduction 19 1.1 Principles of Operation................................. 19 1.2 Handling False-Positives................................ 19 1.2.1 Spam-Control Delegation........................... 20 1.3 Organization of this Manual.............................. 20 1.4 Definitions........................................ 21 2 Operation 27 2.1 Principles of Operation................................. 27 2.2 Interaction between Allow Rules and Block Rules................... 28 2.2.1 RCPT TO: Actions............................... 28 2.2.2 Post-DATA Actions............................... 30 2.3 Streaming........................................ 32 2.4 How Addresses are Streamed.............................. 32 2.5 How Streaming Methods are Chosen.......................... 33 2.6 Status of Messages................................... 35 2.6.1 Secondary MX Relays............................. 36 2.7 The Database...................................... 36 2.8 Remailing Messages.................................. 37 3 Realms 39 3.1 Introduction to Realms................................. 39 3.2 Realm Names...................................... 40 3.2.1 The base Realm................................ 40 3.3 Creating Realms..................................... 40 3.4 Realm Mappings.................................... 41 3.5 Determining the Realm................................. 42 CanIt-Domain-PRO — AppRiver, LLC 3 4 CONTENTS
  • Clam Antivirus 0.88.2 User Manual Contents 1

    Clam Antivirus 0.88.2 User Manual Contents 1

    Clam AntiVirus 0.88.2 User Manual Contents 1 Contents 1 Introduction 6 1.1 Features.................................. 6 1.2 Mailinglists................................ 7 1.3 Virussubmitting.............................. 7 2 Base package 7 2.1 Supportedplatforms............................ 7 2.2 Binarypackages.............................. 8 2.3 Dailybuiltsnapshots ........................... 10 3 Installation 11 3.1 Requirements ............................... 11 3.2 Installingonashellaccount . 11 3.3 Addingnewsystemuserandgroup. 12 3.4 Compilationofbasepackage . 12 3.5 Compilationwithclamav-milterenabled . .... 12 4 Configuration 13 4.1 clamd ................................... 13 4.1.1 On-accessscanning. 13 4.2 clamav-milter ............................... 14 4.3 Testing................................... 14 4.4 Settingupauto-updating . 15 4.5 Closestmirrors .............................. 16 5 Usage 16 5.1 Clamdaemon ............................... 16 5.2 Clamdscan ................................ 17 5.3 Clamuko.................................. 17 5.4 Outputformat............................... 18 5.4.1 clamscan ............................. 18 5.4.2 clamd............................... 19 6 LibClamAV 20 6.1 Licence .................................. 20 6.2 Features.................................. 20 6.2.1 Archivesandcompressedfiles . 20 6.2.2 Mailfiles ............................. 21 Contents 2 6.3 API .................................... 21 6.3.1 Headerfile ............................ 21 6.3.2 Databaseloading . .. .. .. .. .. .
  • Computer System Administration. Topic 11. Secure E-Mail Service

    Computer System Administration. Topic 11. Secure E-Mail Service

    Computer System Design and Administration Topic 11. Secure e-Mail service: SMTP Postfix, IMAP Dovecot (over SSL) José Ángel Herrero Velasco Department of Computer and Electrical Engineering This work is published under a License: Creative Commons BY-NC-SA 4.0 Computer System Design and Administration Topic 11. Secure e-Mail service: SMTP Postfix, IMAP Dovecot (over SSL) Puzzle Secure Information Server Clients Active ISC Directory DHCP Open ISC client SSL SSL LDAP DNS OpenLDAP DB LDAP ISC SSL NTP SSH IMAP (mail client) NFSv4 CIFS Secure MAIL Server Network file server/ MS Windows-Linux/UNIX interoperability SMTP IMAP (Postfix) (Dovecot) RAID/LVM SAMBA NFSv4 SSL Secure Web Server Ganglia Apache2 Hosts Core (web data) User (web data) Virtual MailLISTs Webmail pool pool (MailMan) (squirrelmail) (public_html) SSL Webmin Nagios 2 (.html, php …) WordPress José Ángel Herrero Velasco Computer System Design and Administration Topic 11. Secure e-Mail service: SMTP Postfix, IMAP Dovecot (over SSL) Target: e-Mail services • Deployment and development of an INTERNET secure e-MAIL service based on SMTP/IMAP protocols: – Sending mail using SMTP protocol: Pos(ix. – Receiving mail using IMAP protocol: Dovecot. – Management of Maildrop: Maildirs. – MUA-MTA secure communicaon (encrypted): TLS/SSL. • Installaon, configuraon and start up of a Webmail client: – Roundcube. – Mailmain. José Ángel Herrero Velasco Computer System Design and Administration Topic 11. Secure e-Mail service: SMTP Postfix, IMAP Dovecot (over SSL) The e-Mail system HTTP SMTP IMAP • Definions and basics: TCP TCP UDP – E-Mail: the electronic mail system: • Network service that enables 2 users from different computers IP to send and receive (exchange) digital messages.
  • Spamassassin

    Spamassassin

    < Day Day Up > • Table of Contents • Index • Reviews • Reader Reviews • Errata • Academic SpamAssassin By Alan Schwartz Publisher: O'Reilly Pub Date: July 2004 ISBN: 0-596-00707-8 Pages: 256 Sys admins can field scores of complaints and spend months testing software suites that turn out to be too aggressive, too passive, or too complicated to setup only to discover that SpamAssassin (SA), the leading open source spam-fighting tool, is free, flexible, powerful, highly-regarded, and remarkably effective. The drawback? Until now, it was SpamAssassin's lack of published documentation. This clear, concise new guide provides the expertise you need to take back your inbox. "Detailed, accurate and informative--recommended for spam-filtering beginners and experts alike." -- Justin Mason, SpamAssassin development team < Day Day Up > < Day Day Up > • Table of Contents • Index • Reviews • Reader Reviews • Errata • Academic SpamAssassin By Alan Schwartz Publisher: O'Reilly Pub Date: July 2004 ISBN: 0-596-00707-8 Pages: 256 Copyright Preface Scope of This Book Versions Covered in This Book Conventions Used in This Book Using Code Examples Comments and Questions Acknowledgments Chapter 1. Introducing SpamAssassin Section 1.1. How SpamAssassin Works Section 1.2. Organization of SpamAssassin Section 1.3. Mailers and SpamAssassin Section 1.4. The Politics of Scanning Chapter 2. SpamAssassin Basics Section 2.1. Prerequisites Section 2.2. Building SpamAssassin Section 2.3. Invoking SpamAssassin with procmail Section 2.4. Using spamc/spamd Section 2.5. Invoking SpamAssassin in a Perl Script Section 2.6. SpamAssassin and the End User Chapter 3. SpamAssassin Rules Section 3.1. The Anatomy of a Test Section 3.2.
  • Secure Your E-Mail Server on IBM Eserver I5 with Linux

    Secure Your E-Mail Server on IBM Eserver I5 with Linux

    IBM Front cover Secure Your E-mail Server on IBM Eserver i5 with Linux Understanding security issues for network and e-mail server Linux open source solutions to secure your e-mail server Linux-based ISV solutions to secure your e-mail server Yessong Johng Alex Robar Colin McNaught Senthil Kumar ibm.com/redbooks Redpaper International Technical Support Organization Secure Your E-mail Server on IBM Eserver i5 with Linux October 2005 Note: Before using this information and the product it supports, read the information in “Notices” on page vii. First Edition (October 2005) This edition applies to IBM i5/OS V5R3, SUSE LINUX Enterprise Server 9, and Red Hat Enterprise Linux AS Version 4. © Copyright International Business Machines Corporation 2005. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . vii Trademarks . viii Preface . ix The team that wrote this Redpaper . ix Become a published author . xi Comments welcome. xi Part 1. Open Source Solutions for Network Security . 1 Chapter 1. Understanding and planning e-mail server security. 3 1.1 Concepts: Securing e-mail servers . 4 1.1.1 Linux-based firewall . 6 1.1.2 E-mail security . 7 1.2 Scenarios: Securing e-mail server . 8 1.2.1 Open source protection and open source mail delivery . 8 1.2.2 Open source protection and Domino . 9 1.2.3 ISV protection, open source filtering, and open source mail delivery . 10 1.3 Planning: Securing e-mail server . 11 1.3.1 OSS versus ISV solutions for network security mechanisms .