• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Postfix: The Definitive Guide

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles

View previous topic :: View next topic  
Author Message
Stormhawk
Trusted SF Member
Trusted SF Member


Joined: 26 Aug 2003
Posts: 31
Location: Warwickshire, England, UK

Offline

PostPosted: Fri Apr 22, 2005 5:26 pm    Post subject: Postfix: The Definitive Guide Reply with quote

Postfix: The Definitive Guide

Author: Kyle D. Dent
Publisher: O'Reilly
Date Published: December 2003
Book Specifications: Softcover, 260 pages
Category: Networking / Internet Mail
Publisher's Suggested User Level: None
Reviewer's Suggested User Level: System Administrators
Suggested Publisher Price: US$34.95 / CAN$50.95
ISBN: 0-596-00212-2
Amazon.com: http://www.amazon.com/exec/obidos/tg/detail/-/0596002122/102-5576949-6037748
Amazon.co.uk: http://www.amazon.co.uk/exec/obidos/tg/detail/-/0596002122/102-5576949-6037748



Info from back cover:
Postfix is a Mail Transfer Agent (MTA) - that is, software that mail servers use to route email. Postfix is highly respected by experts for its secure design and tremendous reliability. And new users like it because it's so simpe to configure. In fact, Postfix has been adopted as the default MTA on Mac OSX. It is also compatible with sendmail, so that existing scripts and programs continue to work seamlessly after it is installed.

Postfix was written by well-known security expert Wietse Venema, who reviewed this book intensively during its entire development. Author Kyle D. Dent covers a wide range of Postfix tasks, from virtual hosting to controls for unsolicited commercial email.

While basic configuration of Postfix is easy, every site has unique needs that call for a certain amount of study. This book, with careful background explanations and generous examples, eases readers from basic configuration to the full power of Postfix. It discusses the Postfix interfaces to various tools that round out a fully scalable and highly secure email system. These tools include POP, IMAP, LDAP, MySQL, Simple Authentication and Security Layer (SASL) and Transport Layer Security (TLS, an upgrade of SSL). A reference section for Postfix configuration parameters and an installation guide are included.

Introduction
Postfix is a widely used mail transfer agent. It offers an alternative to the infamous sendmail, well known for its security problems. Postfix is both secure and reliable, and it is designed to do the right thing and not to overload the server on which it is running, or servers with which it makes contact. This book describes the Postfix system, its configuration and its use as part of an email solution.

Content & Overview
The book opens with an introduction to Postfix in Chapter 1. It goes through the philosophy of Postfix, e-mail itself, where Postfix fits into the mail transport system, and, of course, the topic of security.

Chapter 2 introduces some prerequisites, for those who are not fully comfortable with certain UNIX or email topics. The UNIX section here is probably not very relevant, as most administrators looking to install Postfix will already be competent UNIX administrators, and those that are not will not gain the information they need here! The section on email does, however, have its uses, as it explains the various RFCs as they relate to internet mail.

Chapter 3 describes the Postfix architecture; how the postfix system is composed of small, modular pieces, each of which has a well-defined task.

In Chapter 4, general configuration and administration are introduced. The chapter contains information on starting Postfix, the various configuration files used by Postfix, some considerations to take into account when configuring, and administration details. It also looks at setting limits on receiving mail, and at rewriting addresses. The chapter finally turns to chroot, a method of further securing Postfix, and ends with a look at the documentation available for Postfix.

Chapter 5 looks at mail queue management, and, in particular, the Postfix qmgr.

Chapter 6 describes how DNS is used in conjunction with email. In particular it looks at MX records (mail exchanger) in the DNS system, and how they're used when sending and receiving email.

Chapter 7 covers local delivery of e-mail, and the POP and IMAP mail retrieval protocols.

Chapter 8 gives information for hosting multiple domains and using Postfix as the MTA for them all. It looks at the different ways in which Postfix can accomplish this task.

Chapter 9 takes the discussion into mail relaying. It covers backup MX servers, transport maps, mail gateways and relays and other delivery methods.

In Chapter 10, the author explains how Postfix can be used to set up mailing lists.

Chapter 11 covers the (unfortunately) essential topic of blocking unsolicited bulk email. It looks at the nature of spam, open relays, spam detection, anti-spam mechanisms, and how Postfix can be configured to prevent and reduce spam.

Chapter 12 covers SASL (Simple Authentication and Security Layer) Authentication, and how to configure Postfix for SASL. In Chapter 13, we see a discussion of TLS.

Chapter 14 looks at content-filtering, both command-based and daemon-based.

Chapter 15 explains how external databases such as MySQL and LDAP can be used with Postfix.

The book provides four appendices. Appendix A covers configuration parameters in a "quick reference" style, while Appendix B details the Postfix commands. Appendix C looks at compiling and installing Postfix, and Appendix D presents an FAQ.

Style & Detail
This book is slimmer than many, but it manages to more than adequately cover the topics it sets out to. As is usual for an O'Reilly book, it is a polished and flowing read, with information provided in a compact, yet easy-to-follow format.

As with many books about software, the software changes over time and the book doesn't, but this book was written in such a way that most of the information presented is still relevant to the near-future. The book was published in December 2003, and is still almost 100% correct and relevant, which is no easy task, considering the speed of development of Postfix.

The text is fast-paced, yet it doesn't leave anyone behind. I was amazed at how quickly I read this book; it isn't a long book, and it doesn't need to be. Everything is covered sufficiently that the average system administrator should be able to migrate to Postfix, or begin a new life as a mail server administrator, having read this book.

Conclusion
This book is, without doubt, one of the few books worthy of the highest possible review score.

This book receives an honoured SFDC rating of 10/10



Keywords: Postfix, mail transfer agent, mta, mail server, sendmail, secure, reliable

This review is copyright 2005 by the author, Andrew J. Bennieston, and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register