Page 874 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

Manage Email Security


               Email is one of the most widely and commonly used internet services.
               The email infrastructure employed on the internet primarily consists
               of email servers using Simple Mail Transfer Protocol (SMTP) to
               accept messages from clients, transport those messages to other
               servers, and deposit them into a user’s server-based inbox. In addition
               to email servers, the infrastructure includes email clients. Clients
               retrieve email from their server-based inboxes using Post Office
               Protocol version 3 (POP3) or Internet Message Access Protocol
               (IMAP). Clients communicate with email servers using SMTP. Many
               internet-compatible email systems rely on the X.400 standard for
               addressing and message handling.

               Sendmail is the most common SMTP server for Unix systems, and
               Exchange is the most common SMTP server for Microsoft systems. In
               addition to these three popular products, numerous alternatives exist,
               but they all share the same basic functionality and compliance with
               internet email standards.

               If you deploy an SMTP server, it is imperative that you properly
               configure authentication for both inbound and outbound mail. SMTP
               is designed to be a mail relay system. This means it relays mail from
               sender to intended recipient. However, you want to avoid turning your
               SMTP server into an open relay (also known as an open relay agent or
               relay agent), which is an SMTP server that does not authenticate
               senders before accepting and relaying mail. Open relays are prime
               targets for spammers because they allow spammers to send out floods
               of emails by piggybacking on an insecure email infrastructure. As open
               relays are locked down, becoming closed or authentication relays, a
               growing number of SMTP attacks are occurring through hijacked
               authenticated user accounts.
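
The open relay condition described above can be checked from a recorded SMTP session. The following is an added example, not part of the study guide: it flags any recipient outside the server's own domains that was accepted before a successful AUTH. The function name, the domain list, and the sample sessions are constructed assumptions.

```python
import re

LOCAL_DOMAINS = {"example.com"}  # assumption: domains this server holds inboxes for
RCPT = re.compile(r"RCPT TO:\s*<([^@>]+@([^>]+))>", re.I)

def unauthenticated_relays(transcript, local_domains=LOCAL_DOMAINS):
    """Return external recipients the server accepted before any successful AUTH."""
    authed, last_cmd, findings = False, "", []
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        if side == "C":
            last_cmd = text.strip()
        elif side == "S":
            code = text[:3]
            if code == "235":              # 235 = authentication succeeded
                authed = True
            m = RCPT.match(last_cmd)
            if m and code.startswith("2") and not authed:
                if m.group(2).lower() not in local_domains:
                    findings.append(m.group(1))
            if text[3:4] != "-":           # final line of a (multi-line) reply
                last_cmd = ""
    return findings

# Constructed sessions (C: client, S: server), not captured from a real host.
GREETING = (
    "S: 220 mail.example.com ESMTP\n"
    "C: EHLO client.example.net\n"
    "S: 250-mail.example.com\n"
    "S: 250 AUTH PLAIN\n"
)
ENVELOPE = (
    "C: MAIL FROM:<sender@example.net>\n"
    "S: 250 2.1.0 Ok\n"
    "C: RCPT TO:<user@example.com>\n"
    "S: 250 2.1.5 Ok\n"
    "C: RCPT TO:<outsider@example.org>\n"
)
AUTH = "C: AUTH PLAIN <credentials redacted>\nS: 235 2.7.0 Authentication successful\n"

OPEN_RELAY = GREETING + ENVELOPE + "S: 250 2.1.5 Ok\n"
CLOSED_RELAY = GREETING + ENVELOPE + "S: 554 5.7.1 Relay access denied\n"
AUTHENTICATED = GREETING + AUTH + ENVELOPE + "S: 250 2.1.5 Ok\n"

if __name__ == "__main__":
    for name in ("OPEN_RELAY", "CLOSED_RELAY", "AUTHENTICATED"):
        print(name, unauthenticated_relays(globals()[name]))
```

The authenticated session produces no finding, which is why relaying through a hijacked account has to be caught by monitoring account behavior rather than by a relay check.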

               Another option to consider for corporate email is a SaaS email
               solution. Examples of cloud or hosted email include Gmail (Google
               Apps for Business) and Outlook/Exchange Online. SaaS email enables
               you to leverage the security experience and management expertise of
               some of the largest internet-focused organizations to support your