Recommended way to secure email server?
bsder at allcaps.org
Sun Jul 3 12:38:36 PDT 2005
What's the best way to secure an email server?
What I would like to do is ban the use of passwords altogether. I would
like to exchange public keys for authentication.
Currently, I use IMAP with SSL to retreive email (this requires a
password that I would like to get rid of).
For sending, I currently use SSH to forward a local port to port 25 on
the mail server. The SSH client logs on using public keys. Then, I use
TLS to communicate to the local port which is forwarded to the mail
server port. This is too many steps, in my opinion.
The fact that the CEO will actually *do* all this because I told him to
is a testament to his trust that I try not to have security get in the
way (he actually uses Thunderbird, Firefox, and OpenOffice because I
recommended that he do so).
Consequently, I would really like to be able to install one or two keys
in Thunderbird and have everything "just work".
Any suggestions as to how I do this?
More information about the KPLUG-List