What do I need to do to prevent exploitation of my postfix server?
I have a a web server that needs to send emails, but not recieve them. I have installed postfix (it came with nagios, also installed on this server) and now I need to make sure that my server does not get used as a spam server.
What steps do I need to take to ensure that this does not happen?
What additional security measures do I need to put in place?
Server is Ubuntu 10.4
When you install postfix on Ubuntu it should prompt you with a couple of options for how you wish to setup the server.
If the only goal is to send email then as long as you picked satellite system or localhost only then it's not setup to receive any email from an external source. If you didn't pick one of these options or aren't sure run sudo dpkg-reconfigure postfix
.
But in general the setup should be secure by default. Only hosts or networks listed in the 'mynetworks' parameter will be able to send email. So you can double check you '/etc/postfix/main.cf'
You can also check to see if you're an open relay from this site.