| Points | Requirement for |
|---|---|
| 1. Enable SPF | Prevent email spoofing |
| 2. Enable DKIM | Make emails trustworthy |
| 3. Enable DMARC | Utilize SPF and DKIM at best |
| 4. Anti-Spam Filter | Block spam before users see it |
| 5. Relaying protection | Prevent unauthorized use |
| 6. Enable Throttling protection | Prevent spamming and blacklisting |
| 7. Restrict Local Email Domain | Prevent sender domain forgery, fraud |
| 8. Check Attachment Restrictions | Prevent malicious attachments |
| 9. Log check and history | Know what's happening and what happened |
| 10. Consider Email Encryption | Guarantee privacy of email data; SSL-enable web mail and client |
| 11. Enable DNSSEC | Prevent unauthorized DNS changes |
| 12. Educate & train community | Security starts with people; training & awareness |
| 13. Regularly Test Configurations | Prevent configuration point |
| 14. Antivirus gateway | To filter threats at perimeter |
| 15. RRD check | Round robin check for DNS records |
| 16. MX record | Validate MX records timely |
| 17. Domain check | Expiry of domain |
| 18. VA-PT for domains | Check external & internal vulnerability |
| 19. Security audit | Regularly check security and updates |
| 20. Check Phishing awareness | Test through phishing attack and review for protection, awareness |
| 21. Password policy | Stringent password policy, at least 14 (complex) characters in length |
| 22. Mail access restriction | Check allowed protocols and restrict them to the minimum requirement |
| 23. Auto FWD restriction | Validate regularly and apply restriction |
| 24. IDs validation | Users and their access validation |
| 25. IP blacklisting | Check regularly for IP blacklist |
Monday, May 18, 2020
Checklist of recommended best practices for your office email server | Mail server, email support management - check-list and assessment steps | email server security
As IT professionals we often play multiple roles and wear different hats: system administrator, network admin, Linux admin, email admin, support manager and so on.
The responsibility of these individuals is large and critical while supporting an information technology environment, hence this article on a mail server checklist and its assessment.
This is a checklist for email server administrators and service providers that helps to check essential actions and to check services for availability, confidentiality and integrity.
The email system is the backbone of any enterprise or organization; an interruption in email service may delay many business decisions and may cause financial loss.
For any such service check, assessment or guidance, you can contact me via email or comment on the blog.
I will revert with a solution and action items.