To secure Postfix, there are a number of functions you can add the configuration file /etc/mail/main.cf. Edit the file and add the following lines:

smtpd_helo_required = yes
smtpd_delay_reject = no
disable_vrfy_command = yes

smtpd_helo_restrictions = permit_mynetworks,
reject_invalid_hostname,
reject_unknown_hostname,
reject_non_fqdn_hostname

This will force incoming requests to pause and identify themselves before proceeding, and will allow properly authenticated users to pass through and send mail. To finish, save the file and restart Postfix:

/etc/init.d/postfix restart

Answer: If your mail server is sucking up valuable CPU power, there are a couple of possibilities, none of which are pleasant.

1. You or users on your server are getting a lot of emails, more than usual. Although it is possible that it is just a temporary thing, it could be a deliberate attack on your server.

2. Someone is sending spam from your server, using an open relay in your SMTP settings or exploiting a user’s account.

3. Your server is receiving a ridiculous amount of spam (i.e. spam attack). This could be an intentional attack or just a particularly bad day.

Usually, if the CPU upswing is substantial, you should be really concerned about your server’s security. Take a look at the mail server logs and see where the emails are originating and where they are being sent. Take note of IP addresses, user names, and any other useful information. If you cannot figure it out, you can take the data to a security expert who can help you solve the problem.

Many content management systems, such as Joomla, have mass email features built-in that allow you to easily send mail to your users. Usually, they will present you with two options: PHP Mail or SMTP. PHP Mail essentially calls a particular PHP function that will contact your mail server (such as Sendmail or Postfix) to send the email. SMTP functions just like a regular email client and will login to an email account.

From personal observation and the advice of people who have tried it, unless you have some pressing reason to avoid SMTP, you should prefer it over PHP Mail. Although you may not notice the difference for small mailing lists, something larger can bog down your server when using PHP Mail. It works fine for occasional contact forms, but for mass emailing, you should just go directly to the source: your mail server.

Answer: Usually, you will only be accused of spamming in one of three situations: (1) you actually are a spammer, (2) your account is hosted on an unsecured mail server, or (3) You have a dedicated server or VPS, and you have left your mail server unsecured.

In the case of the first situation, I cannot help you. If you are in situation number 2, then you are truly one of the victims, and whoever is running the server needs to fix the problem. Usually this will happen if the server admin is someone different than the web host. Contact the web host and let them know that you are not in charge of the server but have been blacklisted.

In the third situation, you need to find the security hole in your server and fix it. You could have an open relay in your SMTP system. Another possibility is that a user account has been comprised. And the third unfortunate possibility is that one of your users may knowingly be a spammer. In any case, get the problem fixed first and then tell your web host. You should then automatically start dropping off of DNS blacklists, and everything will go back to normal.

Image: Wikimedia Commons

If this is the case for you and you have root access on your VPS or dedicated server, you might consider changing your SMTP port to something you know you will be able to access. To change the port in Postfix, edit your /etc/postfix/master.cf file as root, commenting out the following line:

smtp innet n - n - - smtpd

Then, add the this line:

2900 inet n - n - - smtpd

Replace “2900” with whatever port you prefer for your mail server. Next, restart Postfix:

service postfix restart

Finally, assuming you have a firewall installed, which any security-minded server administrator should, you will need to tell it to allow traffic through the new mail server port.

Answer: This is a trick that many spammers and malicious hackers will use to flood your server with their nonsense. Although a spam blocker will certainly help, it still has to process each email. If thousands of emails are sent an hour, that takes up valuable CPU power, memory, disk space, and time.

Postfix mail server allows you to limit the rate of incoming emails, keeping the spam messages from flooding your server. To configure it, edit /etc/mail/main.cf:

# nano main.cf (or vi main.cf)

Add the following directives:

smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20

With these settings, after a client has made 10 connections, Postfix will pause and delay the next connection. If the connection is made 20 times without delivering mail, Postfix will disconnect.

Source: nixCraft

Many of us in the IT industry, particularly server administrators, have experienced a scenario like this one. It could be something small. Maybe Apache just needs a restart, but instead of it being a small issue, your stakeholders blow it out of proportion. Rather than getting upset with them and possibly losing your job, why not put your iPhone to use?

Root Internet, an Internet service company, offers an iPhone server monitoring tool. It pings HTTP, HTTPS, FTP, SSH, SMTP, DNS, POP3, IMAP, MySQL, and custom TCP/IP services that you specify. When your server experiences trouble, you will receive a notification on your iPhone, through email, and even a text message. Now you can rest easy and enjoy your vacation time – that is until the next disaster strikes.

Source: Apple.com
Photo: Flickr

Free SMTP Server is a Windows program that satisfies that need, and it is very easy to use. Furthermore, it is particularly useful for laptop users who travel frequently and connect to Internet service providers from various countries. Using your own SMTP server gives you much more security.

Richard Stallman, founder of GNU (component of GNU/Linux) and the Free Software Foundation explained that the only way to be certain of the privacy and security of your email accounts is to host them yourself. This is probably not practical for the average person, but for a few individuals and certainly companies with security concerns, this is a real option. Free SMTP works with Outlook Express and Eudora. If you are interested, you can download directly from the project’s website and give it a try for free.