Security Portal: Postfix - The Sendmail Replacement, Part IINov 22, 2000, 09:01 (0 Talkback[s])
(Other stories by Kurt Seifried)
"I've written about Postfix before, over a year ago, and since then it has gotten even better. I must confess that I've been using the 31 Dec. 1999 release on my servers until last week, which, while extremely stable, lacks a lot of the features now available in current snapshots of Postfix. Postfix is now more useful than ever as a gateway mail server. I'll cover some of the more interesting available features and how you can use them to secure and protect your email infrastructure. Most of these features are actually quite old, but are probably news to most users."
"This is probably the best way of restricting incoming email to valid email accounts only. Let's assume you have a decent-sized corporate LAN based on Windows and are using Exchange server for email. Exchange can only validate incoming email based on the domain, not the user, and since it will attempt to deliver the email for 48 hours, your system can get quickly clogged up - with no easy way to clean it out. Place your Exchange server behind a firewall so no one on the Internet can connect to it directly, and then place a Postfix server on the public side."