What Is SPF? Introduction

Total Page:16

File Type:pdf, Size:1020Kb

What Is SPF? Introduction Valimail White Paper February 2018 What is SPF? Introduction Sender Policy Framework (SPF) is a Work on SPF started in 2003, and domains cornerstone of email authentication, and is the have been deploying it increasingly widely first of several standards established for that since then. SPF was published as RFC 4408 purpose. in 2006, and became an officially proposed Internet standard via RFC 7208 in 2014. In a simplistic sense, SPF lets you create a whitelist for IP addresses. If a mail server SPF is widely used by major and minor with an IP address that’s not on your list tries receivers of email (Google, Microsoft, Yahoo, to send email using your domain, it won’t etc.) as well as all Secure Email Gateways pass the SPF authentication test. (SEGs). How It Works The way SPF works is quite simple in principle: For instance, we examined the SPF records for all 62 sponsors of the 2017 1. Domain owners publish SPF records to RSA Conference. We found 58 who had the Domain Name System (DNS) that spell published SPF records, but 17 of those out the rule sets for their domains. An had records with errors in them. That’s SPF record is plain text, and it can be a nearly 30 percent failure rate — and as simple as a single line listing the IP that’s among security companies. addresses that are allowed to send email on the domain’s behalf. Companies that don’t have a lot of expertise in cybersecurity in general (and email 2. When an email server receives an incoming security in particular) often find SPF email, it examines the domain shown in even more tricky. Even some companies the message’s Return-Path header. that provide email security systems 3. Using DNS, it checks to see if there have issues with their SPF records! is an SPF record for that domain. Second, the rules (“directives” in the 4. If there is a record, the receiving server language of SPF) can be quite a bit more then checks the IP address of the mail complicated than lists of IP addresses. For server that sent the message to figure example, an SPF record can include: out if it matches the SPF rules. • A list of specific permitted IP addresses or 5. If there’s a match, the email passes the net blocks (ranges of IPs) test and, in most cases, is delivered to • Rules that point to other types of DNS the user’s inbox; if not, the receiving records. For instance, “if the MX record or server will typically reject the message the A record for the sending server con- or add a flag to it mark it as suspicious. tains a specific IP address, let the mes- While simple in theory, SPF can be complex to sage pass.” implement in practice. One potential gotcha • “Include” directives that reference SPF is that SPF records are text, but the syntax is a little tricky and it can be easy to make rules controlled by another entity. typos or other errors that are hard to spot For example, if you are using Google’s G Suite and which render the SPF record useless. and you want to enable SPF for the mail sent What is SPF? February 2018 2 by Gmail (as well as email notifications sent by com to find additional SPF rules listed there. Google Docs, Google Calendar, and so on) you Many other cloud services that send email would add “include:_spf.google.com” on their customers’ behalf — and there are to your SPF record. This tells mail servers to thousands of them — use a similar approach. do an additional DNS lookup for _spf.google. Return-Path vs. From Addresses The first big issue with SPF is that it uses MailChimp, while the human-readable From the domain shown in a message’s Return- field shows your company’s address. Path field for authentication, not the From address that humans can actually read. If the domain shown in the Return-Path for (To be fair, humans can read the Return- your messages doesn’t authenticate properly, Path address too, but usually only by then your messages may get rejected. selecting an option to view a message’s Worse, phishers can use the general full headers or the raw text of the full invisibility of Return-Path to set up their own message. It’s not usually shown by default.) domains with their own SPF records. Then The Return-Path is used to indicate where they can send out phish emails that appear bounce messages (such as non-delivery to come from a trusted company or brand, reports) should go. In some cases, that with that company’s domain showing in the address will have the same domain as From field but the phisher’s own domain what’s shown in the From field, but the in Return-Path. Such messages are fake, domains may differ in other cases. For but they will pass SPF authentication. example, if you’re sending mail through This is one reason why SPF is not a complete a mailing list, the From field might show email authentication solution on its own. An your address, while the Return-Path field additional standard (DMARC) addresses this shows the address of the email list. Or if issue by enabling the domain owner to require you’re using a bulk mailing service like “alignment,” which means that a message MailChimp, the Return-Path address might must pass SPF and its Return-Path and be an address that directs bounces to From addresses must be the same. The 10-Domain Lookup Limit The second big issue is that SPF contains can use them up fast, particularly because a limit on the number of DNS lookups that one lookup might contain other lookups of its mail servers will do when evaluating an SPF own. For instance, “include _spf.google.com” record. That limit is 10, and it was put in place actually comprises four different lookups, because the creators of SPF were concerned because the SPF record at _spf.google.com about preventing denial-of-service attacks. contains three more lookups of its own. For instance, when an SPF record has an It gets worse, because many companies are “include” directive that specifies a domain, now using a wide variety of cloud services, the authenticating server needs to do a DNS similar to G Suite, that send emails on their lookup for that domain, in order to retrieve behalf (for notifications, customer emails, its SPF record, containing additional rules. etc.). Every one of these, from Salesforce. While 10 lookups might sound like a lot, you com to Sendgrid, needs to be spelled out in What is SPF? February 2018 3 an SPF record “include” directive if you want 10th lookup they just stop, even if there their messages to authenticate as legitimate are more “includes” to evaluate. As a emails from your company. Any of their result, emails that the domain owner includes may include multiple DNS lookups. intends to authenticate may fail SPF, since the server may never get to the rule Even if you take care to count the total that would have authenticated them. number of lookups, one of the vendors you use might change their own SPF record, There’s no limit on the number of IP changing the number of lookups they addresses you can include in an SPF do, which then affects your total — and record, so some organizations try to get you’ll get no notification about that. around the 10-domain lookup limit by listing authorized servers by IP address Receiving email servers don’t tell you instead of domain name. This is called if they exceed the 10-lookup limit when “flattening,” but it has problems of its own. trying to authenticate an email. After the Forwarding Limitations A third issue with SPF is that it doesn’t support Any SPF records from senders trying to email forwarding. For instance, if you’re reach you through that address won’t an alumnus of a college that offers you a validate, because to the Gmail server, it lifetime email address (@alumni.college. looks like the message is coming from the edu or something similar), that probably college’s email server, not the source. The forwards email to your actual address same problem applies to e-mail lists. (gmail.com or your company address). Automation Addresses SPF Limitations SPF is an essential part of email or that it gets quarantined/rejected (if it authentication, but it wasn’t designed for fails). In the absence of a DMARC record, the cloud era and is unwieldy if you use how receiving servers handle a message more than two or three cloud services that fails SPF is entirely up to them. that send email on your behalf. Hand- crafting SPF records and maintaining them Valimail has automated the key aspects in conventional DNS doesn’t work for most of email authentication, including SPF. organizations. What’s more, SPF doesn’t Valimail’s platform includes a DNS responder ensure that mail gets delivered (if it passes) that, via a one-time delegation, responds to queries for a domain’s SPF record. About Valimail Valimail provides the first and only truly protect organizations’ reputations. Valimail automated email authentication solution for authenticates billions of messages a month brand protection and anti-fraud defense. for some of the world's biggest companies, in Valimail's patented, standards-compliant finance, government, transportation, health technology provides an unrivaled one-click care, manufacturing, media, technology, and solution for DMARC enforcement to stop more.
Recommended publications
  • Electronic Mail
    CSECSE 265:265: SystemSystem andand NetworkNetwork AdministrationAdministration ● Electronic Mail – Mail systems – Addressing, mail headers – Client/server philosophy, mail homes – Aliases, mail routing, mailing list software – sendmail – Security – Performance Spring 2016 CSE 265: System and Network Administration ©2004-2016 Brian D. Davison MailMail systemssystems ● Four components – Mail user agent (MUA) to read and compose mail – Mail transport agent (MTA) route messages – Delivery agent that stores messages for later retrieval by users – Optional access agent to connect user agent to message store Spring 2016 CSE 265: System and Network Administration ©2004-2016 Brian D. Davison TheThe bigbig picturepicture Spring 2016 CSE 265: System and Network Administration ©2004-2016 Brian D. Davison UserUser agentsagents ● Provide means to read and compose email – Outlook, Thunderbird, Eudora, pine, elm, IMP, /bin/mail, emacs, web-based gmail, and more ● Often have system-wide and personal configuration files ● Multipurpose Internet Mail Extensions (MIME) encoding for different text formats and attachments Spring 2016 CSE 265: System and Network Administration ©2004-2016 Brian D. Davison TransportTransport agentsagents ● Transport agents accept mail from a user agent, and deliver mail to the correct hosts – PMDF, postfix, smail, Exim, sendmail ● Speak the Simple Mail Transport Protocol (SMTP) or Extended SMTP (ESMTP) ● Run on port 25 (unencrypted) Spring 2016 CSE 265: System and Network Administration ©2004-2016 Brian D. Davison DeliveryDelivery agentsagents – Accepts mail from a transport agent, and delivers to the local recipient – Delivery can be to ● a person's mailbox ● a mailing list ● a file ● a program – Agents include ● /bin/mail for local users ● /bin/sh for programs ● /usr/bin/procmail for user-configurable delivery Spring 2016 CSE 265: System and Network Administration ©2004-2016 Brian D.
    [Show full text]
  • Presentations Made by Senders
    SES ���� ��� � �� � � � � � � � ������������� DomainKeys ��������� SPF ��������������������� ���������� ����������������� ������������������������������������������������ Contents Introduction 3 Deployment: For Email Receivers 6 Audience 3 Two Sides of the Coin 6 How to Read this White Paper 3 Recording Trusted Senders Who Passed Authentication 6 A Vision for Spam-Free Email 4 Whitelisting Incoming Forwarders 6 The Problem of Abuse 4 What To Do About Forgeries 6 The Underlying Concept 4 Deployment: For ISPs and Enterprises 7 Drivers; or, Who’s Buying It 4 Complementary considerations for ISPs 7 Vision Walkthrough 5 Deployment: For MTA vendors 8 About Sender Authentication 8 Which specification? 8 An Example 8 Conformance testing 8 History 8 Perform SRS and prepend headers when forwarding 8 How IP-based Authentication Works 9 Add ESMTP support for Submitter 8 The SPF record 9 Record authentication and policy results in the headers 8 How SPF Classic Works 9 Join the developers mailing list 8 How Sender ID works 9 Deployment: For MUA vendors 9 How Cryptographic Techniques Work 0 Displaying Authentication-Results 9 Using Multiple Approaches Automatic switching to port 587 9 Reputation Systems Deployment: For ESPs 20 Deployment: For Email Senders 2 Don’t look like a phisher! 20 First, prepare. 2 Delegation 20 Audit Your Outbound Mailstreams 2 Publish Appropriately 20 Construct the record 2 Deployment: For Spammers 2 Think briefly about PRA and Mail-From contexts. 3 Two Types of Spammers 2 Test the record, part 3 Publish SPF and sign with DomainKeys. 2 Put the record in DNS 3 Stop forging random domains. 2 Test the record, part 2 4 Buy your own domains. 2 Keep Track of Violations 4 Reuse an expired domain.
    [Show full text]
  • DMARC: Monitor & Secure Your Email Delivery
    Guide DMARC: Monitor & secure your email delivery Chris Nagele Founder of Wildbit postmarkapp.com Read the web version. Do you know every source of email for your domain? Are spammers trying to spoof your email domain for hacking or fraud opportunities? Are you complying with the best email practices to ensure inbox delivery? These are the questions that DMARC answers, giving you full control of email delivery for your company’s domain. At Postmark, email authentication has been extremely important to us from day one. We believe that anyone should be able to easily send emails with proper infrastructure, tools, and email standards without having to pay enterprise prices. DMARC, and our support of it, is a big part of this mission. 2 What is DMARC? DMARC (Domain-based Message Authentication, Reporting & Conformance) is a standard that prevents spammers from using your domain to send email without your permission — also known as spoofing. Spammers can forge the “From” address on messages so the spam appears to come from a user in your domain. A good example of this is PayPal spoofing, where a spammer sends an email to you pretending to be PayPal in an effort to obtain your account information. DMARC ensures these emails get blocked before you even see them in your inbox. In addition, DMARC gives you great visibility and reports into who is sending email on behalf of your domain, ensuring only legitimate email is received. The good news is that DMARC is open and free for anyone to use, allowing you to secure your domain’s emails and gain control of your email delivery.
    [Show full text]
  • Messagelabs Email Security Services Administrator Guide
    Email Security Services Administrator Guide For Microsoft Exchange® Environments Licensed Customer Confidential Licensed Customer Confidential Legal Notices Copyright© 1998-2009 Dell MessageOne, Inc. All Rights Reserved. Information in this document is subject to change without notice. All names of companies, organizations, persons, or other entities, and all sample data used in content and examples is fictitious and not meant to represent any real company, organization, person, or actual data. No part of this publication may be reproduced, modified, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise without the prior written permission of Dell MessageOne, Inc. Reproduction prohibitions do not extend to distribution among the employees of licensed customers or for use in activities conducted by Dell MessageOne partners in the course of sales, marketing, training, or support. MessageOne is a registered trademark and “Business Continuity that makes Business Sense,” EMS, SyncManager, RedirectorSink, RedirectorController, RecoveryManager, and OneSwitch are trademarks of Dell MessageOne, Inc. MessageLabs® and the MessageLabs logo are trademarks of MessageLabs Ltd. Research in Motion, RIM, and BlackBerry are trademarks/registered trademarks of Research in Motion Limited. All other trademarks are the property of their respective owners. This product uses certain third-party software. Relevant licensing information is provided in the MESSAGEONE LICENSE file in the installation directory. Dell
    [Show full text]
  • Using Dmarc to Improve Your Email Reputation Zink
    USING DMARC TO IMPROVE YOUR EMAIL REPUTATION ZINK USING DMARC TO IMPROVE up with ways to mitigate this problem using two primary technologies. YOUR EMAIL REPUTATION Terry Zink 1.1 Terminology Microsoft, USA In email, people naturally thing that the sender of the message is the one in the From: fi eld – the one that they see in their email Email [email protected] client. For example, suppose that you are a travel enthusiast and you receive the email shown in Figure 3. You received the message ‘from’ [email protected], right? Wrong. ABSTRACT In email, there are two ‘From’ addresses: In 2012, the world of email fi ltering created a new tool to combat 1. The SMTP MAIL FROM, otherwise known as the RFC spam and phishing: DMARC [1, 2]. DMARC, or Domain-based 5321.MailFrom [3]. This is the email address to which the Message Authentication, Reporting & Conformance, is a technology that is designed to prevent spammers from From [email protected] <[email protected]> forging the sender, thus making brands more resistant to Subject Receipt for your Payment to Penguin Magic abuse. However, its most powerful feature is the built-in To Me reporting mechanism that lets brand owners know they are being spoofed. June 10, 2014 08:42:54 PDT DMARC has its upsides, and it is very useful for Transaction ID: 8KAHSL918102341 preventing spoofi ng, but it also has some drawbacks – it will fl ag some legitimate email as spam, and it will Hello Terry Zink, cause some short-term pain. You sent a payment of $427.25 USD to Penguin Magic.
    [Show full text]
  • Permanent Email • Spam and Spoofing
    CU eComm Program Permanent Email • Spam and Spoofing We get a lot of inquiries regarding SPAM. As a result, we have compiled a list of the most frequently asked questions with explanations for each. See below. I hope you find this information helpful. SPAM FAQ Is the alumni association sending me spam? No. Neither the alumni association nor Harris Internet Services, who host the Alumni Connections servers that maintain the email forwarding service, are the source of the spam. We respect your privacy and do not sell, or otherwise distribute, alumni email addresses; nor have they been stolen. How did the spammers get my address? Unfortunately, there are many ways that spammers obtain email addresses: addresses compiled by commercial entities from web commerce; web crawlers searching for specific domain names (such as @alumni.anyschool.edu) on any web site where contact information might be listed; and a practice sometimes called "blind spamming" or "dictionary spamming" in which spammers simply guess at the username before the @ sign and send literally thousands of messages. This is why you may see a message addressed to "albert@, allen@, andrew@ ...," etc. The spammers run what is basically a dictionary of usernames against a domain • those that don't immediately bounce are kept and reused. This can give the false impression that the spammer has access to the list of user accounts. Viruses can also generate unwanted email and harvest addresses for spammers. Even if your computer is not infected, if someone else has your address in their address book and their computer becomes infected, viruses will often send multiple messages to everyone in the address book.
    [Show full text]
  • Email Sender Authentication Development and Deployment
    EMAIL SENDER AUTHENTICATION DEVELOPMENT AND DEPLOYMENT (PROJECT CHEESEPLATE) Volume I Technical and Management Proposal pobox.com IC Group, Inc. [email protected] v1.01 20041217 Full Proposal Control Number EB8A Email Sender Authentication OFFICIAL TRANSMITTAL LETTER IC Group, Inc., a New York State corporation, doing business as pobox.com, respectfully submits a proposal in response to solicitation BAA04-17 for Cyber Security Research and Development. It is submitted under Category 3, Technical Topic Area 7, Technologies to Defend Against Identity Theft, for consideration as a Type II Prototype Technology. Solicitation Title: BAA 04-17 Topic Title: Technologies to Defend Against Identity Theft Type Title: Type II (Prototype Technologies) Full Proposal Control Number: EB8A Proposal Title: Email Sender Authentication A companion proposal, Reputation System Clearinghouse (1RGT), is also being submitted under the same category and type. We request that these two proposals be read together. This proposal should be read first. This proposal was authored by Meng Weng Wong, Founder and Chief Technology Officer for Special Projects. He can be contacted at [email protected]. Meng Weng Wong IC Group, Inc. 1100 Vine St Ste C8 Philadelphia, PA 19107 December 15th 2004 EIN: 113236046 Central Contractor Registration: 3EKUCT Email Sender Authentication 2 EXECUTIVE SUMMARY Pobox.com aims to fight phishing by adding sender authentication “Phishing” is a class of high-tech scam that functionality to the Internet email system. First we will build a library uses fraudulent e-mail to deceive consum- ers into visiting fake replicas of familiar to implement a useful set of recently devised anti-forgery specifica- Web sites and disclosing their credit card tions, including ip-based approaches such as SPF and crypto-based numbers, bank account information, Social approaches such as DomainKeys.
    [Show full text]
  • Solution Guide Email Management GROUP Business Software
    Solution Guide Email Management GROUP Business Software About GBS GROUP Business Software is a leading supplier of solutions and services for the leading IBM and Microsoft collaboration platform. With the Competence Centers Security, Portal & BPM, Mobility and Modernization, GBS enables its customers to manage the challenges of today and tomorrow faster, easier and more targeted. Competencies GBS solutions feature outstanding usability and unmatched efficiency. The necessary user interaction is reduced to a bare minimum. Centrally defined processes ensure compliance with corporate policies and statutory requirements. Customers Over 5,000 customers and more than 4 million users worldwide trust in the expertise of GBS. 2 Contents Legally compliant email management with iQ.Suite 4 Platforms supported 6 iQ.Suite – An overview 7 Uncompromising email security 8 n iQ.Suite Trailer – Rule-based legal disclaimer 9 n iQ.Suite Watchdog – Central virus protection 10 n iQ.Suite Wall – Multi-level spam protection and intelligent content analysis 11 n iQ.Suite DLP – Protection against data theft 13 n iQ.Suite Crypt Pro – Server-based email encryption 14 n iQ.Suite WebCrypt Pro – Email encryption made easy 15 n iQ.Suite PDFCrypt – PDF-based email encryption 16 Legally compliant email archiving 17 n iQ.Suite Bridge – Legally compliant email archiving and compliance interface 18 n iQ.Suite Store Pro – Central reduction of server load 19 Email productivity for efficient processes 20 n iQ.Suite Connect – The smart link to social business 21 n iQ.Suite Clerk – Rule-based email forwarding 22 n iQ.Suite Smart – Work-life-balance in email reception 23 n iQ.Suite Budget – Efficient cost control 24 Professional services 25 References 26 Contact 30 3 Legally compliant email management with iQ.Suite The majority of business correspondence is now handled GBS’ iQ.Suite is a comprehensive email management via email – from offers and orders through to contracts and solution.
    [Show full text]
  • Towards the Adoption of Anti-Spoofing Protocols
    Towards the Adoption of Anti-spoofing Protocols Hang Hu, Peng Peng, Gang Wang Department of Computer Science, Virginia Tech {hanghu, pengp17, gangwang}@vt.edu Abstract—Email spoofing is a critical step in phishing attacks, where the attacker impersonates someone that the victim knows or trusts. In this paper, we conduct a qualitative study to explore why email spoofing is still possible after years of efforts to design, develop, and promote anti-spoofing protocols (SPF, DKIM, DMARC). Previous research shows that the adoption rates of anti-spoofing protocols are still very low. To understand the reasons behind the slow adoption, we conduct a user study with 9 email administrators from different institutions. The results show that email administrators are aware of the weaknesses of these protocols and believe the current protocol adoption lacks the crucial mass due to the protocol defects, weak incentives, and practical deployment challenges. Based on these results, we Fig. 1. A spoofing email that impersonates the U.S. Citizenship and discuss the key implications to protocol designers, email providers Immigration Services (USCIS). We acted as the attacker and sent this email and users, and future research directions to mitigate the email to our own account. The email arrived the inbox without triggering any alert (Mr. Hu is a fictional name). spoofing threats. I. INTRODUCTION administrators from different institutions. This user study turned Phishing attack is a known threat to the Internet. Recently, out to be challenging to conduct. Part of the reason is that this threat has been significantly escalated due to its heavy the candidate pool is small.
    [Show full text]
  • Iway Mail Upgrade User Manual
    IWAY MAIL UPGRADE USER MANUAL User guide documentation and FAQ on iWay site Table of Contents 1. How to logon to webmail ................................................................................................................... 2 2. Password Management ..................................................................................................................... 2 2.1 Guideline of how to create a strong password and password security ........................................ 2 2.1.1 How to Create a strong password .......................................................................................... 2 2.1.2 Tricks for creating strong passwords ..................................................................................... 3 2.1.3 What else has changed .......................................................................................................... 3 2.1.4 What to Expect ....................................................................................................................... 3 2.2 How to change password at first login to the new Email system ................................................. 4 2.3 How to change password from inside your email Mailbox .......................................................... 5 2.4 Setting up your Recovery Email .................................................................................................... 5 2.5 How to Reset / Change your Password via your Recovery Email ................................................. 7 3. Setting up your Mail Client ...............................................................................................................
    [Show full text]
  • Sender Policy Framework (SPF) a Convention to Describe Hosts Authorized to Send SMTP Traffic
    Internet Draft Category: Experimental Mark Lentczner draft-mengwong-spf-00.txt Meng Weng Wong, pobox.com Expires: July 2004 February 2003 Sender Policy Framework (SPF) A Convention to Describe Hosts Authorized to Send SMTP Traffic Status of this Memo This document is an Internet-Draft and is subject to all provisions of Section 10 of RFC2026 except that the right to produce derivative works is not granted. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/1id-abstracts.html The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html This Internet-Draft will expire in July 2004. Abstract Email address forgery is a problem on the Internet today. Domain owners want to control the use of their names in email, but are helpless because they lack the means. This document introduces a language for domains to make email-related declarations in DNS. It defines in detail one possible sender authentication scheme for domains to describe the hosts from which they send mail. SMTP receivers can use this scheme to detect sender forgery. Wong & Lentczner [Page 01] Internet-Draft Sender Policy Framework Feb 10 2004 Table of Contents 1.
    [Show full text]
  • Administrator's Guide
    Kerio Connect Administrator’s Guide Kerio Technologies 2011 Kerio Technologies s.r.o. All rights reserved. This guide provides detailed description on Kerio Connect, version 7.2. All additional modifications and updates reserved. For current versions of the product and related manuals, check http://www.kerio.com/connect/download/. Information regarding registered trademarks and trademarks are provided in appendix A. Contents 1 Introduction .................................................................. 10 1.1 Additional documentation ............................................... 10 1.2 Quick Checklist .......................................................... 10 2 Installation .................................................................... 13 2.1 System requirements .................................................... 13 2.2 Conflicting software ..................................................... 14 2.3 Firewall configuration .................................................... 14 2.4 Installation .............................................................. 15 2.5 Configuration Wizard .................................................... 23 2.6 Upgrade and Uninstallation .............................................. 25 3 Kerio Connect components .................................................... 28 3.1 Kerio Connect Monitor ................................................... 28 3.2 Standalone processes of the server ....................................... 31 4 Kerio Connect administration ................................................
    [Show full text]