|
|
|
|
|
|
|
Security Strategies
This section provides an overview of the options you can use to protect your system against "spamming" and "spoofing" and other types of abuse. See the following sections for a description of all the options and the procedures that describe how to implement them.
Mail Relay
Mail relay occurs when IMail Server (or any SMTP server) accepts mail destined for another host and redelivers it to that host. A message that originates on a computer other than the IMail Server host and destined for another host must pass through the IMail Server (i.e., IMail Server must relay the message). If your users use a POP3 or IMAP mail client to send mail, then IMail Server needs to relay mail for them. IMail Server allows for the following mail relay options:
- No Mail Relay
- Relay for (Addresses)
- Relay mail for local hosts
- Relay mail for local users
- Relay for anyone
Local mail (destined for the IMail Server host or originating from the IMail Server host) does not use the relay function.
For information about relay options, see "Setting Mail Relay Options".
Validating Incoming Mail
There are a number of ways that you can check the header and body information of incoming mail to try to filter out unwanted messages.
- Enter known spam mail addresses or a domain name (for
example, @domain.com) in the Kill file.- Use delivery rules to search incoming mail for specific information in the header or body of a message. For example, you can search a header or body for "$$$ GET RICH QUICK" and if found, route the mail to a particular mailbox for the user. Delivery rules support powerful search expressions. You can combine rules with the Info Manager to route spam mail to an administrator's mailbox so that the user never receives it.
- For information on using delivery rules, see "User Mail Accounts".
- Select Disable SMTP "VRFY" command. The SMTP VRFY command is used to verify a user ID on a host and as such can be used to test for valid user IDs. Disabling the command helps prevent "spoofing" by not allowing someone outside your network to check if a user ID is valid. If you select this option, when IMail Server receives an SMTP VRFY request, it will return the message: 502 Command not implemented
- Select one of the options that attempts to identify improper use or the mail header:
- Auto deny possible hack attempts
Check valid senderFor information about setting these options, see "Validating Incoming Mail".
You can also use the connection filtering component of the antispam features to validate incoming mail. For more information, see "Validation Tests".
Access Control Options
If there is a known IP address from which you want to block all mail, use the Control Access feature to deny that address access to your server. For information about setting access, see "Setting Access to the SMTP Server".
Changing the SMTP Hello Message
When you log on to SMTP, the service responds with a "welcome message" that identifies the mail server version, vendor and operating system. You can change the welcome message to hide this information. Changing the message may help protect your server from spammer or hacker attacks. For more information see "Advanced Options".
 Ipswitch, Inc. http://www.ipswitch.com |
| |
|
|
|
| ©Ipswitch 2005 | |||