E-Mail Virus Protection Handbook

In the previous chapter, we discussed how to secure your Windows 2000 server and make it a safe, secure e-mail server now we will take the security lesson a few steps further. This chapter covers Microsoft Exchange Server 5.5, the e-mail server of choice for most enterprises. Its wide use should prompt concern about ensuring that mail on a Microsoft Exchange Server is secure, and that communications between clients on the server and clients on other servers in other enterprises are as secure as possible.
Securing Exchange Server involves ensuring that only those authorized to use the server have access to it. Exchange Server security is based on a hierarchy of objects in the directory database, and on the access that each object has to other objects in the directory. Also, Exchange Server grants access to users in an Exchange organization, site, or server by assigning them roles. Some of these roles are assigned by default; for example, the service account is assigned the Service Account Admin role, and the administrator account is assigned the Permissions Admin role.
The key to accessing e-mail and attachments is having access to the Information Store (see Figure 9.1). User access to the Information Store should be restricted to just what the user needs in order to function. Unrestricted access to the Information Store or the Directory Service databases could result in users tampering with files, resulting in loss of e-mail...