Linux Journal: Using Postfix for Secure SMTP Gateways

“E-mail is easily the most popular and important Internet
service today, which has made it a popular target of
cyber-criminals and spam-happy miscreants. Adding to the problem is
the inescapable reality that configuring sendmail, the most
commonly used Mail Transfer Agent (MTA), is complicated,
nonintuitive and easy to get wrong.”

“Wietse Venema, intrepid developer of TCP wrappers and
co-creator of SATAN, has come through for us again: his program,
postfix, provides an alternative to sendmail that is simpler in
design, more modular, easier to configure and less work to
administer. Equally important, it’s been designed with scalability,
reliability and sound security as fundamental requirements.”

This article is intended to bring you up to speed quickly
on how to use postfix on your network as a secure means of
receiving e-mail from and delivering it to Internet hosts. In
particular we’ll focus on deploying postfix on firewalls, in DMZs
and in other settings in which it will be exposed to contact with
untrusted systems.

“Is sendmail really that bad? That depends on what you need it
to do–the learning curve may not be justified if your e-mail
architecture is simple. But sendmail is unquestionably an extremely
powerful, stable and widely deployed application that isn’t going
away anytime soon, nor should it. In fact, The Paranoid Penguin
will probably feature a sendmail article some time in the next few