Security for e-mail gateways falls into four general areas: protecting the server itself, protecting the inside network, dealing with unsolicited commercial e-mail (commonly called "spam") and remote access to e-mail. These are the same whether you are working with a Microsoft Exchange server, a Lotus Domino server, or Sendmail Switch. We'll look at each of these areas.
Protecting the server
There is no magic here. There are several general steps to secure a server, any server.
* Keep all security patches up to date.
* Remove any interactive user accounts. While you are at it, do not allow any file-sharing services.
* If the system itself cannot detect a denial-of-service attack, put it behind a firewall that can, or have it monitored by intrusion detection software that is able to detect and deal with such an attack.
* Turn off all services except for those required and limit these. So, if you are running a Web server, it should only have a Web server running on it. Not a name server -- let it get its DNS information from another server. Not file-sharing services. Not e-mail. I know, "but that's why I bought this system." A system that is an e-mail server, Web server and a name server is too complex to be safe. Security bug reports on Web servers seem to be a monthly occurrence. An exploit of your Web server can lead to exposing your e-mail on a shared system. Then, with a firewall, limit the protocols that are allowed to get to that server. For an e-mail server, all you'd need is SMTP in and SMTP out and perhaps POP3 or IMAP inbound.
* If the server cannot be hardened in these ways, put it behind a firewall and tightly control services.
Protecting inside machines from e-mail borne attacks is fairly simple. E-mail gateways and servers should be configured with content screening systems. Most of the major antivirus vendors have systems that will run in conjunction with Exchange, Notes and Sendmail. We want to filter out viruses -- an obvious step. We also want to strip dangerous e-mail attachments. As Peter Tippett, CTO of TruSecure Corporation recommends in the January 2001 Information Security Magazine, "Filter out e-mail attachments -- including .exe, .scr, .pif and .vbs -- and you'll have no problem from these 'surprise' viruses (such as the Happy 99 virus)... In rare cases, users have a legitimate business need for receiving such attachments; but in most cases, they do not. Users who actually need these file types can get the sender to zip them or ask their e-mail administrator to manually forward them." Antispam
There are really two concerns with unsolicited commercial e-mail, one more annoying than the other, but the other potentially more devastating than the one. The first is to cut down on incoming spam (which is an annoyance and not a security issue). The second is to stop spammers from using our e-mail gateway as a relay point. "Antispam" is what the users ask for because it directly affects them. Antispam measures are satisfying if your users are spammed from the same address. They also are used to confirm that the sender address information on the e-mail -- the domain and the name and IP address of the connecting system, for example -- is valid and consistent. E-mail relay control is a requirement for e-mail from outside your company to get to users inside and vice versa. We want to relay to and from user e-mail addresses we support. We do not want to relay from strangers to strangers. The trick of the spammer is to use someone else's e-mail gateway as a bulk-mailer. Some e-mail systems crash under the load. Others result in justifiably nasty messages complaining about your "open e-mail relay." Domino, Exchange and Sendmail all provide antispam and relaying controls. Remote access
From home or a hotel, our users want to get at their e-mail. An encrypted connection is a "must," not only to protect the traffic, but also to limit who can connect to the POP or IMAP service from the outside. Connection encryption can be accomplished by receiving e-mail over a Virtual Private Network (VPN) or over an SSL-encrypted web connection. Sendmail e-mail servers support using TLS (an Internet standard based on SSL) between the e-mail client and the server. From both sides now
E-mail is the #1 used service on the Internet. It is also the easiest to misuse. In addition to securing the messages themselves, securing the e-mail server is equally important. Just as with the individual messages, encryption technology can help. Good system administration policies and procedures, combined with other well-tested mechanisms such as antivirus software, complete the picture. Other Resources
Lotus Domino R5 on IBM RS/6000 (security, antispam, antirelay)
"Enhancing Microsoft Exchange Server's Security," Brien M. Posey
SSL and TLS
Spam filtering About the author
Fred Avolio is the president and founder of Avolio Consulting, Inc., a Maryland-based corporation specializing in computer and network security and dedicated to improving the state of corporate and Internet security through education and testing.