Security Ripcord


SMTP Server Security

I have just finished writing a paper for a SANS initiative that Stephen Northcutt is working on. Although I do not have permission to provide it here (yet), I thought you all might be interested in some of the resources I have tracked down relating to this subject. They are in no particular order and some of the information may be redundant, but here you go.



General guidance SANS Top 20: http://www.sans.org/top20/

Open relay source: http://www.spamhelp.org/shopenrelay/

Mail relay and spoof source: http://www.defendingthenet.com/Newsletters/HackingSMTPGatewaysCommandReference.htm

Open relay mitigation source: http://www.mail-abuse.com/an_sec3rdparty.html

Mail relay testing source: http://www.abuse.net/relay.html

DoD bans webmail source: http://www.sans.org/newsletters/newsbites/newsbites.php?vol=8&issue=102

Microsoft 2007 Security Guide: http://technet.microsoft.com/en-us/library/bb691338.aspx#BestPractices

Email spoofing source: http://www.windowsecurity.com/articles/Email-Spoofing.html

How email works source plus securing your server: http://www.ftc.gov/bcp/conline/pubs/buspubs/secureyourserver.shtm

Server security source: http://spamlinks.net/prevent-secure.htm

Spoofed email source: http://www.cert.org/tech_tips/email_spoofing.html

Spoof detection source: http://www.fraudguides.com/internet_detect_spoofed_email.asp

Linux Journal article: http://www.linuxjournal.com/article/5753

7 reasons why HTML e-mail is EVIL!!!: http://www.georgedillon.com/web/html_email_is_evil.shtml

Expert warns of security dangers from webmail: http://www.itwire.com/content/view/2373/53/

Internal/External email server: http://en.wikipedia.org/wiki/Demilitarized_zone_(computing)

SMTP Security: http://technet2.microsoft.com/windowsserver/en/library/ded0ca67-f81c-49ad-91d4-cb21bc91dd0b1033.mspx

Data loss prevention: http://www.networkworld.com/columnists/2008/020408insider.html?fsrc=rss-security


Go forth and do good things,

Don C. Weber
