Email Server and Dm.

• Previous message (by thread): Cogent IPV6 connectivity to fireball.acr.fi
• Next message (by thread): abha ahuja
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

     KNow
On Nov 3, 2013 1:10 PM, "TR Shaw" <tshaw at oitc.com> wrote:

> In addition to all the other reco's below,
>
> 1) only allow sending by your users from the submit port and only with
> authentication. There should be no client sending through the SMTP port.
>
> 2) Implement SSL on POP & IMAP if at all possible Otherwise enforce
> CRAM-MD5
>
> 3) Review logs esp pop and imap login failures.
>
> 4) Turn off VRFY.
>
> On Nov 3, 2013, at 11:49 AM, Private Sender wrote:
>
> > Signed PGP part
> > On 11/3/2013 8:39 AM, rwebb at ropeguru.com wrote:
> > > So I figured a little break from the NSA was in order.
> > >
> > > I am looking for some info on current practice for an email server
> > > and SMTP delivery. It has been a while since I have had to setup an
> > > email server and I have been tasked with setting up a small one for
> > > a friend. My question centers around the server sending outgoing
> > > email and the current practices requirements for other servers to
> > > accept email Things like rDNS, SPF records, etc...
> > >
> > > I am pretty much set on the issue of incoming spam and virus.
> > > Probably overkill but it is checked at the Sophos UTM firewall and
> > > at the email server itself.
> > >
> > > Thanks,
> > >
> > > Robert
> > >
> >
> > MX, PTR, and SPF are really all you need. I would recommend you go a
> > step further and use DKIM, ADSP, and DMARC. It will help keep asshat
> > spammers from flaming your domain all over the internet.
> >
> > I use http://www.unlocktheinbox.com/ to verify my configuration.
> >
> > - --
> > - -Bret Taylor
> >
> >
>
>

• Previous message (by thread): Cogent IPV6 connectivity to fireball.acr.fi
• Next message (by thread): abha ahuja
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]