15 Best Practices for Protecting Your Email with Security Gateway

Despite the rumors announcing the death of email, its use continues to grow. According to research from the Radicati Group, email traffic is predicted to grow to over 333.2 billion emails sent per day (from the current 306.4 billion emails). And as long as businesses continue to use email, cybercriminals will find new ways to exploit security gaps, software bugs, and basic human nature to extort millions of dollars from their victims.

With the widespread transition from on-premise email servers to the cloud, hosted email providers have become a growing target for cybercriminals. In fact, reports show that over 29% of businesses had seen their Office 365 accounts compromised in a single month last year. That’s why you need the additional protection offered by Security Gateway for Email Servers to protect against email-borne threats.

Here are our top 15 recommendations to protect your business from email-borne threats with Security Gateway

Security Gateway was designed to be easy to use while providing the strongest protection against spam, phishing, and data leaks. And while most security settings are configured for optimal protection by default, it’s a good idea to follow these guidelines for best results.

Verify That a User is Valid before Creating an Account

With every incoming message addressed to an unknown local user, Security Gateway needs to be able to verify that the account is a valid local user by querying Office 365, Active Directory, MDaemon, or another data source before creating the account and delivering the message. We recommend using one of the five user verification sources found in Security Gateway to validate accounts.

User verification options to validate users by querying Office 365, Active Directory, MDaemon, or an LDAP data source

Use SMTP Authentication to Prevent Unauthorized Account Access

To help prevent unauthorized account access, we recommend requiring SMTP Authentication unless a message is transmitted from a domain mail server.

SMTP authentication settings in Security Gateway for Email Servers

Use Strong Passwords

Spammers will often try to hijack an email account by guessing its password. Therefore, passwords that are easy to guess should always be avoided. If Security Gateway is configured to create accounts automatically by querying a user verification source, then make sure your user verification source is configured to require strong passwords. Passwords can also be assigned to users manually via the Domains and Users menu.

Enable Dynamic Screening

Enable Dynamic Screening to block connections that exhibit suspicious activity, such as failing too many authentication attempts, connecting too many times in a given time frame, attempting to keep a connection open too long, or sending to too many invalid recipients. Dynamic Screening makes it more difficult for a malicious person to guess passwords by detecting the malicious activity and blocking the connections.

Dynamic Screening Settings in Security Gateway for Email Servers

Enable Account Hijack Detection

If a spammer guesses an account’s password, he can then use that account to send out spam. To limit the spammer’s ability to abuse a compromised account, enable Account Hijack Detection, and then enter the maximum number of messages that can be sent in a given time frame. Once the limit has been reached, the account is disabled and the administrator is notified.

Prevent compromised email accounts from abuse with Account Hijack Detection in Security Gateway for Email Servers
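
The two rate-based controls above, Dynamic Screening (failed authentication per source IP) and Account Hijack Detection (messages sent per account), both reduce to a sliding-window counter. The following is an added illustration of that logic, not Security Gateway's own code; the class, function names, thresholds and sample events are assumptions constructed for the example.

```python
from collections import defaultdict, deque

class WindowLimiter:
    """Trips once a key produces `limit` events within `window` seconds."""
    def __init__(self, limit, window):
        self.limit, self.window = limit, window
        self.events = defaultdict(deque)
        self.blocked = set()  # stays set until an administrator clears it

    def record(self, key, ts):
        """Record one event; return True only when this event trips the limit."""
        if key in self.blocked:
            return False
        q = self.events[key]
        q.append(ts)
        while q[0] <= ts - self.window:  # drop events that aged out
            q.popleft()
        if len(q) >= self.limit:
            self.blocked.add(key)
            return True
        return False

# Constructed sample events: (seconds, kind, source IP, account)
EVENTS = [
    (0, "auth_fail", "203.0.113.7", "alice@example.com"),
    (5, "auth_fail", "203.0.113.7", "bob@example.com"),
    (9, "auth_fail", "203.0.113.7", "carol@example.com"),
    (10, "sent", "192.0.2.20", "dave@example.com"),
    (12, "sent", "192.0.2.20", "dave@example.com"),
    (14, "sent", "192.0.2.20", "dave@example.com"),
    (20, "auth_fail", "198.51.100.4", "erin@example.com"),
    (90, "auth_fail", "198.51.100.4", "erin@example.com"),
    (160, "auth_fail", "198.51.100.4", "erin@example.com"),
]

def screen(events, max_fails=3, fail_window=60, max_sent=3, sent_window=30):
    """Return (time, action, subject) decisions for a stream of events."""
    by_ip = WindowLimiter(max_fails, fail_window)      # Dynamic Screening
    by_account = WindowLimiter(max_sent, sent_window)  # Account Hijack Detection
    actions = []
    for ts, kind, ip, account in sorted(events):
        if kind == "auth_fail" and by_ip.record(ip, ts):
            actions.append((ts, "block_ip", ip))
        elif kind == "sent" and by_account.record(account, ts):
            actions.append((ts, "disable_account_and_notify_admin", account))
    return actions

if __name__ == "__main__":
    print(*screen(EVENTS), sep="\n")
```

The source at 198.51.100.4 also fails three times, but the attempts are spread over more than the window, so it is never blocked; that spacing is the trade-off to consider when choosing the window length.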

Enable at Least One Default Mail Server

When email arrives for a domain that has not been assigned its own mail server, Security Gateway needs to know where to send those messages. We recommend adding a default mail server for all Security Gateway domains that have not had domain mail servers specifically associated with them.

Security Gateway - Default mail server settings

Prevent Unauthorized Mail Relaying

Relaying occurs when mail that is neither to nor from a local account is sent through your server. Servers that are not properly configured to prevent relaying can end up on a blacklist. By default, Security Gateway does not allow mail relaying.

Relay Control Settings in Security Gateway for Email Servers

Protect Your Domain with IP Shielding

IP Shielding is a security feature that only honors SMTP sessions claiming to be from someone at one of the listed domains if they are coming from an IP address associated with that domain.

The best way to secure outbound email is via SMTP authentication. However, for businesses that need to send email from a printer or other device that is not capable of authenticating, IP Shielding can be used to exclude certain IPs or ranges from having to authenticate. Messages from authenticated sessions can optionally be exempt from IP Shielding requirements.

Protect against email spoofing with IP Shielding in Security Gateway for Email Servers
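
The IP Shielding decision described above can be written as a small function. This is an added sketch of the logic, not Security Gateway's implementation; the shield table, addresses, function name and verdict strings are assumptions constructed for the example.

```python
import ipaddress

# Assumed shield table: domain -> networks allowed to claim it (constructed values)
SHIELD = {
    "example.com": ["192.0.2.0/24", "10.1.5.20/32"],  # mail servers + office printer
}

def ip_shield_verdict(mail_from, client_ip, authenticated=False,
                      exempt_authenticated=True, shield=SHIELD):
    """Decide whether a session may claim the sender domain in MAIL FROM."""
    domain = mail_from.rsplit("@", 1)[-1].lower().rstrip(".")
    if domain not in shield:
        return "not-shielded"            # other checks still apply
    if authenticated and exempt_authenticated:
        return "accept-authenticated"    # optional exemption for AUTH sessions
    ip = ipaddress.ip_address(client_ip)
    if any(ip in ipaddress.ip_network(net) for net in shield[domain]):
        return "accept-listed-ip"        # e.g. a printer that cannot authenticate
    return "reject-spoofed"

if __name__ == "__main__":
    # Constructed sessions: (MAIL FROM, client IP, authenticated?)
    for sender, ip, auth in [
        ("ceo@example.com", "203.0.113.9", False),
        ("scanner@example.com", "10.1.5.20", False),
        ("alice@example.com", "203.0.113.9", True),
        ("bob@example.org", "203.0.113.9", False),
    ]:
        print(sender, ip, auth, "->", ip_shield_verdict(sender, ip, auth))
```

Keep the listed ranges as narrow as possible: every address in them can send as the shielded domain without authenticating.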

Enable SSL to Ensure Data Privacy

To protect the privacy of transmitted data, we recommend enabling the SSL encryption features for SMTP and HTTP.

Secure Sockets Layer (SSL) settings in Security Gateway for Email Servers

Enable Backscatter Protection

Most spam messages contain a forged return path. This often leads to users receiving thousands of delivery status notices, auto-responders, and other messages in response to messages that the user never sent. This is known as backscatter. To combat backscatter, Security Gateway’s Backscatter Protection feature can help to ensure that only legitimate Delivery Status Notifications and auto-responders get delivered to your domains.

Backscatter Protection Settings in Security Gateway for Email Servers

Don’t Whitelist Local Email Addresses

In many cases, local IP addresses or host names may need to be whitelisted. However, we do not recommend whitelisting local email addresses. If a local address is added to the whitelist, messages sent to this address could bypass many of your security settings and put your server at risk of being blacklisted.

Protect your Email Infrastructure from Virus and Spam Outbreaks

Security Gateway scans all inbound and outbound mail using the Cyren and ClamAV antivirus engines. It also includes Cyren Outbreak Protection, which is real-time anti-spam and antivirus technology that is capable of proactively protecting your email infrastructure automatically and within minutes of an outbreak.

Antivirus settings in Security Gateway for Email Servers.

Prevent Data Leaks

Security Gateway includes over 70 Data Leak Prevention rules to help prevent unauthorized transmission of sensitive information such as personal identification numbers, credit card numbers, and other types of confidential data. These rules can be configured to send messages containing sensitive content to the administrative quarantine for further review, redirect the message to a designated address, or encrypt the message.

We recommend enabling the appropriate Data Leak Prevention rules to suit the needs of your specific business or industry.

Data Leak Prevention in Security Gateway for Email Servers

Enable Location Screening

Use Location Screening to block inbound SMTP and HTTP connections from unauthorized countries. If your company has no legitimate business need to communicate with a particular country, then refusing connections from that country can potentially block large amounts of spam. Alternatively, you can configure Location Screening to only prevent authentication from unauthorized countries.

Block email from unauthorized countries with Location Screening in Security Gateway for Email

Enable Macro Detection in Microsoft Office Documents

Cybercriminals often use macros in email attachments to spread malware. In Security Gateway 6.5 and up, the Virus Scanning settings include an option to detect macros in Microsoft Office documents and flag them as infected. Security Gateway can refuse these messages or quarantine them for administrative review.

Would you like to learn more about Security Gateway for Email? Visit SecurityGatewayForEmail.com to sign up for hosted or on-premise email protection.

 


Microsoft is Ending Support for Windows 7. Here’s how to Move MDaemon and Security Gateway to the Latest OS


Today, Microsoft is ending support for Windows 7. And while MDaemon and Security Gateway continue to support Windows 7, it’s a good idea to consider updating your Windows installation or migrating to an updated system.

Fortunately for MDaemon and Security Gateway users, moving to a new server isn’t a complicated process.

Moving MDaemon to a New Server or OS

Moving MDaemon to a new server using the same directory path involves these tasks:

  1. On the existing server, remove the MDaemon system service.
  2. Deactivate MDaemon & its associated plugins.
  3. Copy the MDaemon directory to the same path on the new server.
  4. Install the same version of MDaemon on the new server.
  5. Activate MDaemon on the new server.

For more detailed instructions, you can follow the steps outlined in this knowledge base article to move MDaemon.

If you’re moving MDaemon to a different directory path on the new server, you’ll need to update a few configuration files to point to the proper path, but this process isn’t complicated. Simply follow the steps outlined here to migrate to the new server on a new path.

Moving Security Gateway to a New Server or OS

To move Security Gateway, simply make a backup copy of the Security Gateway database, shut down Security Gateway, install Security Gateway on the new server, and then restore the database file.

You’ll find step-by-step instructions for moving Security Gateway in this knowledge base article.

“Will my software stop working after Microsoft ends support for Windows 7?”

MDaemon and Security Gateway will continue to support Windows 7, but because Microsoft will no longer provide automatic security updates, it’s a good idea to move to a newer operating system to remain secure.

If you need help, our expert support staff is available to provide guidance.


Never Lose an Important Email: How to Track Messages in Security Gateway

Most of our customers are small-to-medium businesses with limited IT budgets across a variety of industries – including healthcare, education, manufacturing, and government. Having a limited IT budget often means having limited staff available for troubleshooting email or tracking down messages, so when considering which email gateway/spam filter you want for your business, one of the main criteria to consider is how easy it is to find messages for your users. Users who are expecting business-critical messages need to know ASAP what happened if that message is not delivered. With Security Gateway, it’s easy to find out if a message was rejected, quarantined or delivered. If it was rejected or quarantined, color-coded transcripts make it easy to determine exactly why the message was not delivered.

At-a-Glance: The Message Log Window

Let’s have a look at the message log and its layout.

Use message list buttons to search messages, view message details, redeliver, whitelist or blacklist, or perform other actions.

Use the buttons across the top to:

  • Refresh the message list
  • Search for messages. Advanced search options are provided, allowing you to find messages based on a variety of criteria, such as message contents, delivery date, the result of the message delivery attempt, keywords in a message header, and others.
  • View message details (providing the same information as double-clicking the message)
  • Redeliver the message. Note that if the issue that made a message undeliverable still exists then the message will return to the message log with the same status.
  • Whitelist the sender or sender’s domain
  • Blacklist the sender or sender’s domain

Use the blue buttons to enable or disable columns in the SecurityGateway message list

Press the blue buttons to enable or disable specific columns.

The left & right-facing arrows indicate inbound and outbound messages.

The right-facing blue arrows indicate outbound messages, and the left-facing green arrows indicate inbound messages.

The remaining columns from left-to-right include:

  • Date (notice the arrow indicating sort order)
  • The message sender (From)
  • The message recipient
  • The message subject
  • The result of the message delivery attempt (Delivered, Quarantined, Rejected, etc.)
  • The reason the message was quarantined or rejected (for those that meet these criteria)
  • The message size
  • The final message score based on the total score accumulated by all security tests performed

Viewing message transcripts to determine a message’s fate

Now that we’re familiar with the layout of the message listing, let’s review how to troubleshoot email delivery issues.

Key events in a message’s transcript are color-coded for easy identification. In the following example, the message was scanned by SpamAssassin. During this process, it accumulated 1.7 points. It was then scanned by Outbreak Protection, during which it accumulated an additional 5.5 points. Finally, the total message score was tallied with a final score of 12.2 points and was rejected.

Message tracking with color-coded events for easy troubleshooting

We’ve created the following video to help you become more familiar with message tracking in Security Gateway.

Would you like to learn more about how Security Gateway can protect your business from spam, phishing attempts and malware? Click here to download your free trial!


Prevent Leaks of Sensitive Business Data with Security Gateway for Email Servers

Businesses of all types must maintain records containing personal information about their employees and customers, and executives and clients alike have a mutual interest in protecting that data. But there’s no guarantee that every employee will treat confidential account numbers, Social Security numbers, passport numbers or other personal data with the same amount of care. So how can we prevent this sensitive data from getting into the wrong hands?

We’ll show you how and give you a sneak preview of upcoming new data leak prevention rules in our latest Security Gateway for Email Servers video!

Click here for a detailed explanation of all DLP features.

If you’re not yet a Security Gateway user and would like to try it out, click here for a free trial.

Comments or questions? Let us know!
