Professional Manual


©2018 MailEnable Pty Ltd. All Rights Reserved.

Table of Contents

1. Table of Contents
2. Introduction
  2.1. Introduction
  2.2. Prerequisites
  2.3. How Internet Email Works
  2.4. What's New in Version 10
3. Overview
  3.1. Overview
  3.2. Structure of MailEnable
  3.3. Administration
  3.4. Email Delivery Flow
4. Installation
  4.1. Installation Overview
  4.2. Installation process
  4.3. Upgrading
    4.3.1. Upgrading Overview
    4.3.2. Upgrading an existing web mail installation
    4.3.3. Configuration repository location
    4.3.4. Replace configuration files
  4.4. Post-installation configuration
    4.4.1. MailEnable Diagnostic Utility
    4.4.2. Check and configure DNS settings
    4.4.3. To set up PTR records under Microsoft's DNS Server
    4.4.4. Check mail services
5. Administration
  5.1. Administration Overview
  5.2. Messaging Manager
    5.2.1. Messaging Manager Overview
    5.2.2. Messaging Manager - General
    5.2.3. Messaging Manager - Administration
    5.2.4. Messaging Manager - Security
    5.2.5. Messaging Manager - Footers
  5.3. Post office configuration
    5.3.1. Post office configuration Overview
    5.3.2. How to create a Post Office
    5.3.3. Post office - General
    5.3.4. Postoffice - Footers
    5.3.5. Postoffice - Usage Notifications
    5.3.6. Postoffice - Web Admin
    5.3.7. Postoffice - Auth Policies
    5.3.8. Postoffice - Facebook
    5.3.9. Post office actions
      5.3.9.1. Post office actions Overview
      5.3.9.2. Export users
      5.3.9.3. Import Windows users
      5.3.9.4. Import users
      5.3.9.5. Email users (all)
      5.3.9.6. Email users (individual)
      5.3.9.7. Delete Inbox Messages
      5.3.9.8. Set Quotas
      5.3.9.9. Edit default message
  5.4. Domain configuration
    5.4.1. How to create a domain
    5.4.2. Domain - General
    5.4.3. Domain - Blacklists
    5.4.4. Domain - DKIM (DomainKeys)
    5.4.5. Autodiscover
  5.5. Mailbox configuration
    5.5.1. Mailbox Overview
    5.5.2. How to create a mailbox
    5.5.3. Mailbox - General
    5.5.4. Mailbox - Addresses
    5.5.5. Mailbox - Redirection
    5.5.6. Mailbox - Actions
    5.5.7. Mailbox - Messages
    5.5.8. Mailbox - POP Retrieval
    5.5.9. Mailbox - Auth Policies
  5.6. Group configuration
    5.6.1. How to create a group
      5.6.1.1. How to add a group member
      5.6.1.2. How to import group members
    5.6.2. Group - General
  5.7. Lists configuration
    5.7.1. Lists Overview
    5.7.2. How to create a list
    5.7.3. Lists - General
    5.7.4. Lists - Options
    5.7.5. Lists - Headers and Footers
    5.7.6. Importing list members
    5.7.7. List commands
  5.8. Server configuration
    5.8.1. Localhost - General
    5.8.2. Localhost - Policies
    5.8.3. Localhost - Secure Sockets Layer (SSL) encryption
    5.8.4. Localhost - Auditing
    5.8.5. Localhost - Facebook
  5.9. Advertising and Campaign Management
    5.9.1. How to enable campaign management
    5.9.2. How to enable Advertising banners in web mail
  5.10. Option Files
6. Services and Connectors
  6.1. ActiveSync
  6.2. CalDAV/CardDAV
    6.2.1. CalDAV and CardDAV configuration
    6.2.2. Integrated Mailbox Calendar
    6.2.3. iCalendar Hosting
  6.3. IMAP Service
    6.3.1. IMAP Service Overview
    6.3.2. IMAP - General
    6.3.3. IMAP - Settings
    6.3.4. IMAP - Logging
  6.4. List Server Connector
    6.4.1. List Server Connector
  6.5. Management Service
    6.5.1. Management Service Overview
    6.5.2. Management properties
      6.5.2.1. Management Logging
    6.5.3. Greylist Cleanup agent
    6.5.4. Log Archive agent
  6.6. Mail Transfer Agent (MTA)
    6.6.1. MTA Overview
    6.6.2. MTA - General
    6.6.3. MTA - Archiving
  6.7. POP Retrieval Connector
    6.7.1. POP Retrieval Connector
  6.8. POP Service
    6.8.1. POP Service Overview
    6.8.2. POP - General
    6.8.3. POP - Advanced
    6.8.4. POP - Logging
  6.9. Postoffice Connector
    6.9.1. Postoffice connector Overview
    6.9.2. Postoffice connector - General
    6.9.3. Postoffice connector - Logging
  6.10. Search Indexing
    6.10.1. Search Indexing Overview
    6.10.2. Search Indexing Settings
  6.11. SMTP Connector
    6.11.1. SMTP Connector Overview
    6.11.2. SMTP - General
    6.11.3. SMTP - Inbound
    6.11.4. SMTP - Outbound
    6.11.5. SMTP - Relay
    6.11.6. SMTP - Security
    6.11.7. SMTP - Advanced SMTP
    6.11.8. SMTP - Delivery
    6.11.9. SMTP - Smart Host
    6.11.10. SMTP - Logging
    6.11.11. SMTP - Blocked addresses
    6.11.12. SMTP - Whitelist
    6.11.13. SMTP - Sender Policy Framework (SPF)
    6.11.14. SMTP - DNS Blacklisting
    6.11.15. SMTP - Greylisting
    6.11.16. SMTP - IP Blocking
    6.11.17. SMTP Connections
    6.11.18. SMTP Queues
  6.12. SyncML
    6.12.1. SyncML Protocol
    6.12.2. Using SyncML
    6.12.3. SyncML Synchronization Data
  6.13. Synchronization Service
    6.13.1. Synchronization - General
    6.13.2. Synchronization - HTTPMail
      6.13.2.1. Configuration
    6.13.3. Synchronization WebDAV
  6.14. Web Administration
    6.14.1. Web administration Overview
    6.14.2. WebAdmin - General settings
    6.14.3. WebAdmin - Features settings
    6.14.4. How to enable the Web Administration interface
    6.14.5. How to add the Web Administration interface to web sites within IIS
    6.14.6. How to access the Web Administration interface
  6.15. Web Mail
    6.15.1. Web Mail Overview
    6.15.2. Web Mail - Properties
      6.15.2.1. Web Mail - General
      6.15.2.2. Web Mail - Spam
      6.15.2.3. Web Mail - Logging
    6.15.3. Configuring Web Mail
      6.15.3.1. Configuring web mail Overview
      6.15.3.2. Publishing via host headers or virtual directories
    6.15.4. Browser compatibility
    6.15.5. File Storage
  6.16. XMPP Service
    6.16.1. XMPP Service Overview
    6.16.2. XMPP - Settings
    6.16.3. XMPP - Advanced
    6.16.4. XMPP - Roster
    6.16.5. XMPP - Logging
7. Message Filtering
  7.1. How to enable Message Filtering
  7.2. MailEnable Message Filter Properties
  7.3. Spam Protection
  7.4. Global Filtering
    7.4.1. How to create a Global Filter
    7.4.2. Filter Criteria
    7.4.3. Filter actions
    7.4.4. Token Substitutions
  7.5. Scripted Filtering
    7.5.1. Overview
      7.5.1.1. Scripted Filtering
      7.5.1.2. Literal values
      7.5.1.3. Enumerations requiring the CriteriaMet syntax
    7.5.2. Basic Script Example
    7.5.3. Advanced Script Example
  7.6. Antivirus filtering
    7.6.1. ClamAV Antivirus Filtering
    7.6.2. How to implement antivirus filtering
    7.6.3. Configuring the antivirus filter
    7.6.4. Testing Antivirus Configuration
  7.7. Bayesian filtering
    7.7.1. Configuring Bayesian Filtering
      7.7.1.1. Setting up auto-training Bayesian filtering Overview
      7.7.1.2. Step 1: Set up auto-training for the filter
      7.7.1.3. Step 2: Collecting spam for auto-training
      7.7.1.4. Step 3: Collecting ham for auto-training
      7.7.1.5. Step 4: Create a global Bayesian filter
      7.7.1.6. Step 5: Testing the Bayesian filter
    7.7.2. Bayesian filter general settings
    7.7.3. MailEnable Default Dictionary
    7.7.4. Manual training
    7.7.5.