Secure mail server checklist


Setup of email server in Linux is simple, but your job does not end there. Customer had experiences where mail gateway has been misconfigured and has caused open relay for a spammer attack. Always pay extra careful attention when you deal with related internet services such as web and email.

1. MX record
The Mail Exchanger (MX) is critical to email related information in your DNS. The MX record tells the internet email servers how to handle the your email routing. If you host your own DNS server, please remember to add a MX record. You can perform a simple MX record test. Please change your internal dns server to an external dns server.

2. IP address
Use the mail security tool below to check your IP status:

http://www.mxtoolbox.com/SuperTool.aspx 

3. Open Relay
Open relay is a very serious email server configuration flaw. Open relay means you are trusting all people over the world to send/relay email from your server using your IP address. Open relay check tools are as below:

http://www.abuse.net/relay.html

4. Reverse DNS
Usually anti-spam applications check if you have a valid reverse DNS IP. If you are sending mail from a non reverse DNS IP mail server, your 'mail reputation' will be lower than those who have a valid reserve IP. You might not see the impact instantly, however, since it might have a consequence in the long run such as sending valid bulk emails that might get your IP blacklisted or dropped.

5. SPF DNS Record
Most anti-spam application / gateway applies a Sender Policy Framework (SPF) checking. This is an additonal layer of spam filtering, where it checks if the mail is genuinely from a domain. It is advised to include SPF record in your DNS. 

Was this answer helpful?

 Print this Article

Also Read

Install ClamAV antivirus

Install ClamAV antivirus softwareInstall EPEL repo:For CentOS 6 32-bit execute command:rpm -Uvh...

Install ConfigServer firewall application

ConfigServer firewall is a popular Linux firewall security suite. It is easy to install, flexible...

Installing Rkhunter (Rootkit Hunter)

First download the latest stable version of Rkhunter tool:wget...

Quickly allowing/denying IP’s using iptables

How do you block an IP using iptables?iptables -A INPUT -s xx.xx.xx.xx -j DROPHow do you block an...

Create an SPF record for domain

The Sender Policy Framework (SPF) is a method of fighting spam. As more time passes, this...