Email Server Hardening
NightShade03
Member Posts: 1,383 ■■■■■■■□□□
in Off-Topic
Was wondering if anyone can help add to this list. I'm trying to come up with some points to check for when hardening mail servers. I'm trying to remain vendor neutral, however I know that there are little quirks about all vendors that need to be checked. So far I have:
1 - Secure communication between client and server (TLS or SSL)
2 - Authentication of clients (to prevent address spoofing)
3 - Make sure mail relay is disabled (unless completely necessary)
4 - Listen on multiple interfaces for connections to provide redudency
5 - Disable VRFY
I'm sure that there are plenty of things I'm missing that a more experienced person will pick up on. Any advice welcome
1 - Secure communication between client and server (TLS or SSL)
2 - Authentication of clients (to prevent address spoofing)
3 - Make sure mail relay is disabled (unless completely necessary)
4 - Listen on multiple interfaces for connections to provide redudency
5 - Disable VRFY
I'm sure that there are plenty of things I'm missing that a more experienced person will pick up on. Any advice welcome