Security Considerations

Bruno Melloni x.mailscanner.mail at MELLONI.COM
Thu Jul 18 13:52:28 IST 2002


Hello,

The server running MailScanner will normally be the first point of contact
for the SMTP protocol after crossing a site's firewall.  Also, by blocking
spam it will likely attract unwanted attention from less than honorable
spammers, who may decide this is a desirable target for hacking and
relaying.  Therefore, the server must be made as secure as possible.  With
that in mind I have 2 questions/concerns:

1) When using MailScanner in a proxy configuration (i.e., when your real
mail server is a Windows mail server, or in a different firewalled zone),
one of the requirements is to go to the access file and enable relaying for
the local domain (i.e., mydomain.com).  Is this safe?  Or in other words, do
sendmail/MailScanner/SpamAssassin already have sufficient built-in
protections to prevent a hacker from passing himself off as being in the domain
mydomain.com?  It is a logical thing for a hacker to try, and if successful
he'd be able to use my mail proxy as a relay agent for his spam to other sites.

2) If a true spam is received, it is desirable to delete it with no reply so
that no hints are given to the spammers that they should try to camouflage
their spam better.  On the other hand when a good email is received it
should be delivered.  Nothing special so far.  But what about when a spam is
questionable?  Should the message be dropped silently, dropped with a
notification to the sender, delivered to the recipient with a "possible
spam" indication, ...?  I am sure a lot of thinking and discussion has been
done in this arena.  Could you share what today's "common wisdom" is in
handling this issue?  And perhaps some pointers as to which configuration
files/items to modify to accomplish it?

3) Although it is best to have a separate outbound SMTP server, I am
considering using the same box that has MailScanner for outbound SMTP as
well, to avoid having to install yet another box.  I am aware that this will
probably cause MailScanner to scan outgoing as well as inbound email but my
mail load is low.  Is there any reason other than processor load why I
should not do this?

4) Once I finish setting up my mail proxy I intend to secure it quite
tightly and test it for vulnerabilities before opening the inbound SMTP
firewall port to it.  I have collected a list of vulnerability-testing
tools, but I was wondering if there is one that is particularly good at
testing for SMTP vulnerabilities.  Can you recommend one?  If you are
uncomfortable posting this kind of information to a mailing list, feel free
to email it directly to me.

Thanks.

Bruno
x.mailscanner.mail at melloni.com


