A single dedicated server can act as the mail server for all of your web sites or domains. Since it is convenient to send email messages from your administrative desktop computer to the server to be relayed to the correct recipient, you need to make sure that whoever asks the server to relay email messages is authorized. If you deploy email service on your dedicated server, additional measures are needed to protect the server from spam and unauthorized email forwarding, also known as email relaying.

An email server sends mail via SMTP (Simple Mail Transfer Protocol), which uses TCP port 25. Anyone can determine the SMTP server for your domain name by looking at the MX (Mail eXchange) DNS record of your domain. To eliminate email security risks, all relaying activities (sending out mail) must originate from a specific user ID on the server or from specific remote IP addresses such as your administrative desktop computer. This restriction stops other computers from using your server as a relaying machine to send spam, while still allowing legitimate senders such as your web server to send mail.

Disabling unauthorized relaying prevents your server from sending spam that originates from unauthorized sources. However, it does not stop your email server from receiving spam once the server is associated with your registered domain name. A simple greylisting mail filter can effectively remove most, if not all, spam emails. You can also set up the mail server to automatically delete all emails sent to unknown recipients.

Sendmail can be set up to handle auto-forwarding or to send auto-respond replies. All emails received for unknown recipients should be deleted or rejected before they clutter the server's mailboxes. It is a good idea to implement a simple but effective greylisting filter for sendmail. Greylisting introduces a short delay (typically 2 minutes) for your legitimate senders and asks the sender to resend the mail after this delay period.

The advantage of greylisting is that it is not an intrusive mechanism and does not generate false alarms. It is very effective at stopping almost 90 percent of illegitimate mail before it gets to your server. If a spammer manages to bypass the server's greylisting filter with a consistent email address or IP location (by resending the rejected mail), information recorded in the auto whitelist may be used to reject the spammer.

An important part of your daily server administration is to look at the email server log at /var/log/maillog to see if there are unauthorized activities or repeated attempts to access your email server from a specific IP address. Those undesirable IP addresses can be added to your email server's or firewall's banned IP list.
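One way to automate that daily log review is sketched below. It is an added example, not part of the original text: it counts sendmail reject entries per remote IP and lists the addresses that reach a threshold as candidates for the banned IP list. The sample log lines are constructed, the names `rejects_by_ip`, `ban_candidates` and the threshold are hypothetical, and the regular expression assumes sendmail's usual `ruleset=..., relay=... [ip], reject=...` syslog layout, which can vary between versions.

```python
import re
import sys
from collections import Counter, defaultdict

# Constructed sample lines in sendmail's syslog layout (not from a real server).
SAMPLE_MAILLOG = """\
Jan 12 03:14:07 mail sendmail[2101]: u0C3E7aa002101: ruleset=check_rcpt, arg1=<a@example.net>, relay=[203.0.113.45], reject=550 5.7.1 <a@example.net>... Relaying denied
Jan 12 03:14:09 mail sendmail[2101]: u0C3E7aa002101: ruleset=check_rcpt, arg1=<b@example.net>, relay=[203.0.113.45], reject=550 5.7.1 <b@example.net>... Relaying denied
Jan 12 03:15:30 mail sendmail[2107]: u0C3FUbb002107: ruleset=check_rcpt, arg1=<c@example.net>, relay=host.example.org [203.0.113.45] (may be forged), reject=550 5.7.1 <c@example.net>... Relaying denied
Jan 12 04:02:11 mail sendmail[2230]: u0C42Bcc002230: ruleset=check_mail, arg1=<x@example.org>, relay=mx.example.org [198.51.100.7], reject=550 5.7.1 <x@example.org>... Access denied
Jan 12 04:10:00 mail sendmail[2240]: u0C4A0dd002240: from=<web@example.com>, size=812, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1]
"""

# Assumed layout: ruleset=<name>, ..., relay=<optional host> [<ip>] <optional note>, reject=<code>
# Accepted mail (the from= line above) has no reject= field and is ignored.
REJECT_RE = re.compile(
    r"ruleset=(\w+),.*?relay=[^,\[]*\[(?:IPv6:)?([0-9a-fA-F.:]+)\][^,]*, reject=(\d{3})"
)

def rejects_by_ip(log_text):
    """Return {ip: Counter({ruleset: count})} for every rejected SMTP attempt."""
    hits = defaultdict(Counter)
    for line in log_text.splitlines():
        match = REJECT_RE.search(line)
        if match:
            ruleset, ip, _code = match.groups()
            hits[ip][ruleset] += 1
    return hits

def ban_candidates(log_text, threshold=3, allow=("127.0.0.1",)):
    """List (ip, rejects) pairs at or above threshold, most active first.

    Addresses in `allow` (for example your administrative desktop) are
    never reported, so an authorized relay source cannot ban itself.
    """
    totals = {ip: sum(c.values()) for ip, c in rejects_by_ip(log_text).items()}
    picked = [(ip, n) for ip, n in totals.items() if n >= threshold and ip not in allow]
    return sorted(picked, key=lambda pair: (-pair[1], pair[0]))

if __name__ == "__main__":
    # Pass a log path (e.g. /var/log/maillog) or run with no argument for the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_MAILLOG
    for ip, count in ban_candidates(text):
        print(f"{ip}\t{count} rejected attempts")
```

Review the reported addresses before banning them, since a misconfigured but legitimate sender can also produce repeated rejects.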

The email messages originated and received by each email user are stored in a single file at /var/mail/user_name for each user. If you use a remote mail client such as Microsoft Outlook to access your email messages, this file will be modified when the email server receives new messages or when the remote client deletes old messages.

It is recommended that the remote client keeps the messages on the server for at least several days before deleting so that the server can properly back up these email message files. It is tedious and error prone to perform this administrative task manually. Linux provides an excellent environment to automate this task transparently.

This section discusses in detail the following topics.

  • Automatic rejection of email sender based upon IP address, domain name, subject, and recipient.

  • Verify email relaying is disabled to prevent anonymous email relaying via telnet.

  • Sendmail configuration to reach an email relaying server in case your hosting provider blocks SMTP port 25.

  • Advanced configurations for a greylisting filter to reduce spam.