Things to check for an internet-facing email server.
Posted
by Shtééf
on Server Fault
See other posts from Server Fault
or by Shtééf
Published on 2010-05-17T11:55:24Z
Indexed on
2010/05/17
12:01 UTC
Read the original article
Hit count: 268
I'm faced with the task of setting up a public-internet-facing email server, that will be relaying mail for all of our other servers in the network.
While the software in itself is set up in few keystrokes, what little experience I have with managing an email server has thought me that there are tons of awkward filtering techniques employed by other email systems. Systems that my own server will inevitably interact with a some point.
Hence, my questions:
- What things should be kept in mind and double checked when setting up an email server?
- What resources are available for checking if my email server is set-up correctly?
I'm specifically NOT looking for instructions for any given mail server, such as Exchange or Postfix. But it's okay to say: “you should have X and Y in your set-up, because when talking to server software Z, it typically tries to weed out open relays by checking for these.”
Some things I've discovered myself:
Make sure forward and reverse DNS are set up.
Mail servers tend to do a reverse lookup for the peer IP-address when receiving. Matching a reverse look up with a follow-up forward lookup is probably employed to weed out open relays run through malware on home networks.
Make sure the user in the
From
-address exists.The
From
-address is easily spoofed. A receiving mail server may try to contact the mail server in theFrom
-domain, and see if theFrom
-user actually exists.
© Server Fault or respective owner