With the increasing threat of far more sophisticated attacks than just spam and viruses, email security is taking a leap forward. But in implementing new solutions, organisations open up the risk to additional vulnerabilities, because the products they have chosen may not provide an adequate level of security.

Email has always been a non-conformer, the maverick of the information security world. Don’t talk to strangers is a concept your email server doesn’t understand. It breaks the standard security model by allowing unauthenticated and unidentified connections from an untrusted source to a trusted destination. Furthermore your firewall doesn’t lift a finger to help secure it.

To operate email needs both inbound and outbound access. The very fact that companies want to receive email from strangers – potential customers – means that asking for authentication, the standard way to verify a connection passing through a firewall to a protected network, simply does not work. So the firewall just passes the responsibility to the mail server. Putting the mail server on the DMZ is not an answer either, this just moves the problem rather than addressing the insecurities of email, and makes it more difficult for internal users to read their email.

The link for this article located at Net-Security.org is no longer available.