Setting Up a Web Server

E-mail message security

There have been a number of scares over the past few years with some of the messaging standards that have provided scant security. The worst offenders have been the SMTP message transfer protocol that transfers the message text in plain text form over an open link and MIME attachments that transfer file attachments without encryption.

These two loopholes have now been closed by most of the new mail server applications. When choosing your mail server, ensure that it supports most of the following security features that will provide a combination of encryption, authentication and validation. These are vital if you want to transfer sensitive messages and attachments over an open link (i.e. the Internet).


Figure 7.3: Secure e-mail using the S/MIME protocol

S/MIME secure/MIME

The main standard for mail attachments; this is a variation on the MIME attachment protocol that provides encryption of files. The message headers (to, subject, from and so on) remain un-encrypted.

SSL secure sockets layer

Transparent security layer supported by an SSL sever application on your Web server to provide an encrypted channel for communications between the client and server. SSL security will work with any client-to-server protocol including IMAP4.

Authenticated SMTP

This protocol requires that any user who wants to send e-mail must first be correctly authenticated by the server (this is normally carried out by asking the user to enter a name and password that are then checked against a security file or directory service, such as LDAP).

S/KEY

Simpler alternative security system...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: E-Mail Software
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.