<p>Depends on how you are defining "secure", here. I run Postfix and Dovecot and find that they work well together. If I had centralized authentication and Dovecot 2.0, I think I would be very happy, but right now I have neither.</p>
<p>The big thing you want after checking that you're not spammer-friendly is to ensure that you do not generate backscatter. Backscatter is a form of spamming which relies on an MX to be unaware of all valid recipients. Without that, the MX will store and forward literally everything, which will generate bounces when the primary MX received and rejects mail sent to an invalid user.</p>
<p>In short: make sure the mail systems are all using the same database and rejecting mail for non-existent users in the SMTP conversation, instead of later when a bounce is required.</p>
<p>--<br>
Sent from my Ice Cream Sandwich powered Kindle Fire!<br>
Pardon any typos...</p>
<div class="gmail_quote">On Feb 21, 2012 4:11 PM, "Stephen Haywood" <<a href="mailto:stephen@averagesecurityguy.info">stephen@averagesecurityguy.info</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I want to move my domain from google apps to a personal server. Are there any good guides for setting up a secure smtp server?<br clear="all"><br>-- <br>Stephen Haywood<br>Information Security Consultant<br>CISSP, GPEN, OSCP<br>
T: @averagesecguy<br>W: <a href="http://averagesecurityguy.info" target="_blank">averagesecurityguy.info</a><br><br>
<br>_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br></blockquote></div>