| Providing security against email related threats has | | | | configure it too. NOTE: If the relay is not set properly, |
| become a burden for most IT professionals in 2006. | | | | spammers will be able to send email from your mail |
| According to a recent study by Postini, spam and | | | | server. This exploit is commonly known as an "Open |
| email viruses now make up to 80% of all emails sent | | | | Relay" or a "Spam Relay." Use the Open Relay test at |
| out as compared to 50% in 2000. As a result, IT | | | | to check if spammers can relay mail from your server. |
| professionals now face a tougher challenge in | | | | 5. |
| providing network security for this amount of spam. IT | | | | Black Lists: Setup your mail server(s) with a black list. |
| professionals also have the disadvantage of defending | | | | A black list (black hole list) is a database or listing of |
| against new forms of email threats such as spam | | | | known spam sources. Most modern email servers can |
| zombies, directory harvest attacks, mass mailing | | | | be configured to query inbound email against online |
| trojans, as well as the latest email virus. | | | | blacklists. Messages originating from these sources |
| In this article, I have listed the seven most effective | | | | can then be blocked. I recommend configuring your |
| spam fighting tips for organizations with in-house mail | | | | email server with SpamHaus blacklist. Spamhaus.org is |
| servers. These seven tips are proven techniques I | | | | an excellent free service to use. Some other good |
| have used for my customers, partners and associates | | | | blacklists are DBSL and SpamCop. |
| who wish to tighten their perimeter (network) security. | | | | 6. |
| 1. | | | | Reverse DNS: Reverse DNS (rDNS) associates an IP |
| Firewall: A firewall is your first line of defense against | | | | Address with a Domain Name. Most mail servers, as |
| hackers, crackers, and spammers. Without a firewall, | | | | an anti-spam feature, often use a reverse DNS lookup |
| your network is a disaster waiting to happen and could | | | | to compare an email address domain name with its IP |
| give any novice hacker free reign over your network. | | | | address. If the IP address found from the rDNS lookup |
| If your organization has multiple Internet users, this tool | | | | does not match the domain name, it is probably spam. |
| is essential for securing your network. | | | | If you haven't done so, setup and configure reverse |
| 2. | | | | DNS records on your DNS server. |
| Block Port 25: On your firewall, allow outbound traffic | | | | 7. |
| on TCP port 25 for all mail servers. Block traffic on | | | | Anti-Virus Scan: There are many tools that provide |
| outbound TCP port 25 for all other computers and | | | | adequate anti-virus protection for desktops at the |
| servers. On the Internet, TCP port 25 is used for email | | | | workplace. Most anti-virus software is good at |
| traffic through SMTP (Simple Mail Transport Protocol). | | | | detecting viral threats that proliferate email spam such |
| Blocking this port is a good security practice and | | | | as mass mailing worms, trojans, and directory |
| prevents mass mailing worms and spam zombies | | | | harvesters. Large organizations might want to use |
| from sending mail from your users' computers. | | | | enterprise anti-spam software with management and |
| 3. | | | | monitoring tools that will allow tracking of network virus |
| Managed Email Filtering: Consider using a managed | | | | outbreaks. |
| filtering solution such as Postini, Brightmail, or | | | | Recommended Links: - [Postini service - managed |
| SpamSoap. Managed Email Filtering services | | | | filtering, 1 to 500 users] - [Postini service - managed |
| quarantine spam, viruses, and email threats before | | | | filtering, 500+ users] - [Blacklist] - [Blacklist] - [Blacklist] - |
| reaching the email servers on your network. In | | | | [Open relay test] - [DNS report/open relay test] - |
| comparison to desktop filters and server appliances, | | | | [Spam database lookup and open relay test] - [Spam |
| managed filtering services provide superior perimeter | | | | Zombie Article] |
| (network) protection by preventing delivery of spam | | | | Email viruses and related threats delivered through |
| and viruses to your network and servers. | | | | spam have cost businesses billions of dollars in |
| 4. | | | | expenses and lost productivity. Each spam email sent |
| Check Relay Setting: A mail server's relay setting | | | | or received from your domain costs your organization |
| controls which computers and servers are able to | | | | money and bandwidth. By implementing these seven |
| send SMTP email on your organization's behalf. Check | | | | tips, your organization can reduce spam and recover |
| your settings and limit the IP address range to email | | | | costs. |
| users on your local network. Some mail servers have | | | | This article: © Copyright 2006 Todd Green and |
| settings to limit email relay through authentication. If | | | | free for republishing. |
| authentication-based relay is available, setup and | | | | |