Please enable JavaScript.
Coggle requires JavaScript to display documents.
3 - Manage Email Security - Coggle Diagram
3 - Manage Email Security
Open relay
SMTP server that does not authenticate senders before accepting and relaying mail.
Prime targets for spammers because they allow them to send out floods of emails by piggybacking on an insecure email infrastructure
Email attacks
Mail bombing
Inundate a system with messages leading to DoS
Mail storm
When someone responds with a "reply all" to a message with a lot of other recipients
Email Security Solutions
Secure Multipurpose Internet Mail Extensions (S/MIME)
Signed messages
Sender authentication
Integrity
Nonrepudiationg
Secured enveloped messages
Authentication
Confidentiality
Pretty Good Privacy (PGP)
P2P public-private key-based email system
Domain-Based Message Authentication Reporting and Conformance (DMARC)
Should receivers trust emails that fail SPF or DKIM?
DNS-based email authentication system
DomainKeys Identified Mail (DKIM)
Was the email altered?
Allow the recipient's mail server to check that an email claiming to come from a specific domain was indeed authorized by the owner of that domain
Email authentication method designed to verify the authenticity of the sender of an email
Adds a digital signature to each email.
Sender Policy Framework (SPF)
Who is allowed to send mail for this domain?
Check that inbound messages originate from a host authorized to send messages by the owners of the SMTP origin domain
Checks the sender’s IP address.
Policy options
None
Quarantine
Reject
STARTTLS
To add TLS to services