|
|
|
|
|
|
|
Security Strategies
This section provides an overview of the options you can use to protect your system against "spamming" and "spoofing" and other types of abuse. See the following sections for a description of all the options and the procedures that describe how to implement them.
Mail Relay Options
IMail Server (or any SMTP server) accepts mail destined for another host and redelivers it to that host - this is the mail relay function.
A message that originates on a computer other than the IMail Server host and destined for another host must pass through the IMail Server (i.e., IMail Server must relay the message). If your mail users use a POP3 or IMAP mail client to send mail, then IMail Server needs to relay mail for them.
Local mail is processed without requiring relay. That is, a message destined for the IMail Server host or a message originating from the IMail Server host does not use the relay function. Thus, if all of your mail users send and receive mail from the same host that IMail Server is on, or if they all use Web Messaging to access mail, you can select the No Mail Relay option.
If you are concerned about bulk mailers using the relay function to send mail through your server, you can restrict the addresses for which IMail Server relays mail by using the following options.
- Use the Relay mail for option and specify the IP address or range of addresses that you want to give access to your mail server. You need to include the IP addresses for all of your users, because when they send a mail message, the message is relayed through the SMTP server to its destination.
- Use the Relay mail for local hosts only option to limit
relay access to mail hosts on your IMail Server and the
Relay mail for local users only option to limit relay access
to users on those hosts.- When you use one of the "Relay for" options, you may have users who need to send mail from an IP address not listed. You can do this with IMail Server's support for the SMTP AUTH command. Make sure the remote user selects the "user authorization" option in their mail client. (Note that this feature will be named differently on different clients.) SMTP AUTH authenticates the user ID and password of a user sending mail. This is handled transparently by the mail server and client.
For information about setting up relay options, see "Setting Mail Relay Options".
Validating Incoming Mail
There are a number of ways that you can check the header and body information of incoming mail to try to filter out unwanted messages.
- Enter known spam mail addresses or a domain name (for
example, @domain.com) in the Kill file.- Use delivery rules to search incoming mail for specific information in the header or body of a message. For example, you can search a header or body for "$$$ GET RICH QUICK" and if found, route the mail to a particular mailbox for the user. Delivery rules support powerful search expressions. You can combine rules with the Info Manager to route spam mail to an administrator's mailbox so that the user never receives it.
For information on using delivery rules, see Chapter 4, "User Mail Accounts."
- Select the option to Disable SMTP "VRFY" command. The SMTP VRFY command is used to verify a user ID on a host and as such can be used to test for valid user IDs. Disabling the command helps prevent "spoofing" by not allowing someone outside your network to check if a user ID is valid. If you select this option, when IMail Server receives an SMTP VRFY request, it will return the message: 252 Cannot VRFY user
- Select one of the options that attempts to identify improper use or the mail header:
Auto deny possible hack attempts
Refuse NULL <> Senders
Check valid senderFor information about setting these options, see "Validating Incoming Mail".
Access Control Options
If there is a known IP address from which you want to block all mail, use the Control Access feature to deny that address access to your server. For information about setting access, see "Setting Access to the SMTP Server".
Changing the SMTP Welcome Message
When you log on to SMTP, the service responds with a "welcome message" that identifies the mail server version, vendor and operating system. You can change the welcome message to hide this information. Changing the message may help protect your server from spammer or hacker attacks. For more information see "Advanced Options"..
 Ipswitch, Inc. http://www.ipswitch.com |
| |
|
|
|
| ©Ipswitch 2002 | |||