The first backup is to create a copy of the /etc/postfix directory. If you do system hardening, make a backup first. It goes without saying, but too often this step is skipped. If you get any output, then it is wise to solve these first and restart your Postfix service to see if the error or warning is gone. This was discovered when we implemented a related test in our own auditing tool Lynis. Guess what, one of our systems had actually a warning. If your configuration has any errors or warnings, they will show up. In this case, we redirect all normal output (stdout) to the digital trash bin (/dev/null).
![linux mac os x postfix send test email linux mac os x postfix send test email](https://images.prismic.io/pepipost/062384ce-3147-47eb-b153-b1c82b68c84c_debain-smtp-postfix-5+(1).png)
The postconf command can be used to display the Postfix configuration, or make changes. Your current configuration may have errors without you even knowing. So let’s start with that, before making any changes.
![linux mac os x postfix send test email linux mac os x postfix send test email](https://imgs.developpaper.com/imgs/20191128111912706.png)
Many hardening guides and blogs forget an important part of system hardening: the preparation. Time to get technical and get the configuration tested. This may result in unauthorized people snooping on data, from your local IT administrator to possibly the CIA or NSA. These protocols may share data with other systems without any form of protection. Most of the legacy protocols, SMTP included, did not have security or privacy high on the priority list. If your customers are depending on it, then you have something to explain.Īnother reason for Postfix hardening is the increasing need for privacy.
![linux mac os x postfix send test email linux mac os x postfix send test email](https://www.journaldev.com/wp-content/uploads/2019/02/postfix-configuration.png)
If it is just a test system, then you are lucky. It will get your system ending up on multiple blacklists. This type of configuration is called an open relay. For example, an incorrectly Postfix might send messages to everyone, instead of just your network systems. Configure authenticated relaying with a smarthostĮvery service that is connected to the internet is sooner or later to be abused by automated scripts.Test the existing Postfix configuration.