Linux Journal: Securing Sendmail with TLS
Aug 18, 2001, 22:04 (0 Talkback[s])
(Other stories by Jose Nazario)
"One of the most common uses of network systems is for
e-mail-based communications. As such, a great deal of attention has
been given to securing e-mail systems. However, most of this focus
has been in two areas: security at the message level, using PGP or
S/MIME, and confidentiality in the authentication process for mail
retrieval, i.e., using APOP or SSL-based IMAP. This still leaves
mail server-to-server traversal vulnerable to several attacks.
The introduction of basic cryptography into a mail
server-to-server session alleviates most of these risks. Mail
transport agents (MTA) and software such as Sendmail or Postfix can
be augmented to handle their communications over transaction layer
security (TLS) channels. This provides for a number of services,
including confidentiality, integrity protection and strong
authentication.
This article will introduce the features and use of SMTP over
TLS as defined in RFC 2487, as well as illustrate their setup in
the Sendmail package. We will cover cryptography basics, though not
delve into the mathematics of cryptosystems and simple mail
transfer protocol (SMTP) and extended simple mail transfer protocol
(ESMTP) basics."
Complete
Story
Related Stories:
- Linux Journal: Sendmail Setup for Your Home Network(Apr 19, 2001)
- Unix Insider: Setting up sendmail on a firewall, Part 1(Mar 11, 2001)
- osOpinion: UNIX Sendmail vs. Exchange 2000(Dec 05, 2000)
- TheLinuxGurus.org: Sendmail for Linux [Book Review](Nov 05, 2000)
- Inter@ctive Week: Sendmail Offers Secure Business E-Mail(Oct 10, 2000)
- ZDNet: Forget About Exchange 2000!; Use Sendmail for your enterprise mail system(Oct 09, 2000)
- Enterprise Linux Today: Sendmail Provides Enterprise Market with Secure Internet Messaging Solutions(Oct 02, 2000)
- LinuxWorld: Configuring Red Hat's Sendmail daemon(Sep 14, 2000)
- LinuxWorld: Sendmail comes of age(Aug 29, 2000)
