| Like what you see? Get it in one document for easy printing! |
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31) |
|
| Test yourself better with 300 extra Security+ questions! |
| Get It Here! |
|
|
3.5.3.3 Email Servers
Email servers actually run two different
types of protocols. The first type is SMTP (Simple Mail Transfer Protocol),
which is used to transfer mail from server to server on the Internet,
or to send mail from a client program like Outlook to a server that
can deliver the message to its destination. Clients use the second
type of protocol to pick up their mail from an email server. These
protocols include mailbox-access protocols like POP3 (Post Office Protocol
version 3) and IMAP (Internet Message Application Protocol). POP3 is
more popular (and better supported by client programs) than IMAP, but
IMAP includes additional features like the ability to organize email
into folders on the server, and search server mailboxes without downloading
their contents to the client.
 Email Ports
To send email from server to server, or from client to server, TCP port 25 (SMTP) is used.
For a client to retrieve email from a server, use TCP port 110 for POP3 connections, and TCP port 143 for IMAP connections. For a client behind a firewall to retrieve email from a server out on the Internet, open port 110 or 143 in the outbound direction, since the traffic is outbound from your network to the Internet. To allow Internet clients to retrieve mail from a server on your internal network, open port 110 or 143 inbound, since the traffic is coming into your network from outside.
|
Hardening Email Servers
Email server software is, like web
server software, a fertile ground for software bugs – some of which
can be exploited to gain administrative access to the email server.
Therefore, it is very important to keep up with your email server of
choice, and monitor the vendor’s site and security mailing lists
for bug reports.
![[spacer]](1p.gif)  Hardening is an Ongoing Process
For example, years ago, there was a running joke about the “Sendmail bug of the week,” because Sendmail is a complex application and new vulnerabilities were being identified in the program with such great frequency. Today many Microsoft applications seem to have comments like that applied to them, and it’s easy for Linux/UNIX users to look down upon them for that – not having been around when administrators were shaking their heads, wondering when the stream of Sendmail reports would end.
|
Additionally, some email servers
provide a great deal of functionality beyond simple mail delivery, such
as interactive conferencing, instant messaging and groupware. As with
any server, disable any functionality you do not need, because it is
an additional point of vulnerability in the server.
 SMTP Hole
One interesting issue with the SMTP protocol is the ability of an attacker to use an SMTP server to find user ID’s of users on your system via the SMTP VRFY command. Most mail servers have this disabled today (in fact, most servers can detect telnet connections and deny them), but some don’t. To find out if yours still allows VRFY, use the command “telnet yourmailservername 25”, then type the line “HELO test” and press enter, then after the server tells you it’s pleased to make your acquaintance (a social lot, mail server programmers ;-), type “VRFY yourloginID” and enter. You’re safe if you receive a reply saying that the VRFY command is not known or not allowed. You need to check with your vendor on how to disable it, if the VRFY came back with information. The SMTP command “EXPN yourloginID” has similar issues, but it’s somewhat worse – because if the SMTP server handles group alias expansion, a command of the form “EXPN aliasname” could potentially dump out to the requesting user, a list of all users in that alias.
|
Open Source Email Security371, by Richard Blum, contains many details on security
for common email server programs; including SMTP, POP3 and IMAP servers,
as well as details on blocking spam, open relays, etc. If you’re
implementing a UNIX or Linux-based email system, it’s worth taking
a look here to learn more about the many available alternatives. (Sendmail
is the most popular SMTP server… not the only one.)
__________________
371. Blum, Richard, Open Source Email Security, Sams, October, 2001, http://www.nerdbooks.com/item.html?id=0672322374
| If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support! |
|
|
Home -
Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.
|
