Is PostConf secure enough to use across the Internet?

    Yes.  PostConf was designed from the beginning with 
    the highest security standards:

      * The Postfix MTA has the best security track record 
      of any SMTP server software.  It is sponsored by IBM 
      and engineered by Wietse Venema of satan and tcp_wrapper 
      fame.

      * The Java programming language is far and away the 
      most secure available with built-in memory management, 
      type-checking and access controls.

    However:

      * It is not best practice to run Apache's Tomcat
      web server on it's own.  For this reason we recommend
      proxying through an Apache httpd where Internet
      accessibility is required.

    We still recommend, of course:

      * Defining strong passwords.

      * Using only the https protocol with a strong
      TLS cipher suite.


Return to Documentation Home