What is a Secure Email Server?
A secure e-mail server means protecting a person's or institution's e-mail domain and data against unauthorized access and use. In more detail, this means:
– protecting e-mails both in transit and while they sit at rest in mailboxes,
– preventing attackers from sending e-mail using the organization's domain,
– enabling options such as e-mail filters and antivirus protection on the servers,
– hardening the networks that company employees and authorized users use to reach these e-mail servers,
– implementing basic security policies, such as measures against attackers gaining physical access to the e-mail servers.
To go into more detail, taking some security measures such as the following will strengthen our position against attackers:
1. Customization of Email Servers: Organizations' mail servers should never be left in their default configuration, and this includes the default login credentials. If these settings are left untouched, they expose the server to avoidable attack risks.
2. Setting up Mail Transfer Agent Strict Transport Security (MTA-STS): When MTA-STS is enabled on mail servers, incoming traffic will only continue over authenticated secure connections (TLS 1.2 and TLS 1.3). This means that if the sending server's identity is not verified or SSL/TLS is not enabled, the incoming message will be rejected.
Thus, SMTP connections for e-mail will become more secure with the MTA-STS policy configured on the sending and receiving servers.
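The following added example (not code from the original article) shows the two pieces a sending MTA evaluates under MTA-STS: the `_mta-sts` DNS TXT record and the policy file served at `https://mta-sts.<domain>/.well-known/mta-sts.txt`. Both sample texts and the host names are constructed placeholders; the functions then apply the policy's `mx` patterns and `mode` to decide whether delivery may proceed, including the RFC 8461 rule that a `*.` wildcard matches exactly one extra label.

```python
"""Parse and apply an MTA-STS policy (RFC 8461) to candidate MX hosts.

Added example; the policy text, TXT record and host names are constructed
placeholders and do not describe any real domain.
"""
from dataclasses import dataclass, field
from typing import Dict, List

# Constructed sample of the DNS TXT record published at _mta-sts.<domain>
SAMPLE_TXT = "v=STSv1; id=20240101T000000;"

# Constructed sample of the policy file fetched over HTTPS from
# https://mta-sts.<domain>/.well-known/mta-sts.txt (hypothetical domain)
SAMPLE_POLICY = """\
version: STSv1
mode: enforce
mx: mail.example.com
mx: *.backup-mx.example.net
max_age: 604800
"""


@dataclass
class StsPolicy:
    version: str
    mode: str
    mx: List[str] = field(default_factory=list)
    max_age: int = 0


def parse_sts_txt(txt: str) -> Dict[str, str]:
    """Parse the '_mta-sts' TXT record into its key/value fields."""
    fields: Dict[str, str] = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        key, _, value = part.partition("=")
        fields[key.strip()] = value.strip()
    if fields.get("v") != "STSv1" or not fields.get("id"):
        raise ValueError("not a valid MTA-STS TXT record")
    return fields


def parse_sts_policy(text: str) -> StsPolicy:
    """Parse the policy file. Unknown keys are ignored, as the RFC allows."""
    version = mode = None
    mx: List[str] = []
    max_age = 0
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if key == "version":
            version = value
        elif key == "mode":
            mode = value
        elif key == "mx":
            mx.append(value.lower())
        elif key == "max_age":
            max_age = int(value)
    if version != "STSv1" or mode not in ("enforce", "testing", "none"):
        raise ValueError("invalid or unsupported MTA-STS policy")
    if mode != "none" and not mx:
        raise ValueError("policy must list at least one mx")
    return StsPolicy(version, mode, mx, max_age)


def mx_matches(pattern: str, host: str) -> bool:
    """RFC 8461 mx matching: '*.example.net' matches exactly one extra label."""
    host = host.lower().rstrip(".")
    if pattern.startswith("*."):
        suffix = pattern[1:]  # e.g. ".backup-mx.example.net"
        return host.endswith(suffix) and "." not in host[: -len(suffix)]
    return host == pattern


def may_deliver(policy: StsPolicy, mx_host: str, tls_ok: bool) -> bool:
    """Decide whether a sending MTA may deliver to mx_host.

    In 'enforce' mode the host must be listed and the TLS session must have
    validated; 'testing' only reports failures and 'none' imposes nothing.
    """
    listed = any(mx_matches(p, mx_host) for p in policy.mx)
    if policy.mode == "enforce":
        return listed and tls_ok
    return True


if __name__ == "__main__":
    parse_sts_txt(SAMPLE_TXT)
    pol = parse_sts_policy(SAMPLE_POLICY)
    print(may_deliver(pol, "mail.example.com", tls_ok=True))           # True
    print(may_deliver(pol, "mx1.backup-mx.example.net", tls_ok=True))  # True
    print(may_deliver(pol, "mail.example.com", tls_ok=False))          # False
    print(may_deliver(pol, "evil.example.org", tls_ok=True))           # False
```

The `tls_ok` flag stands in for the certificate validation a real MTA performs (hostname match and a trusted chain); the point the example makes is that in `enforce` mode a failure of either check, or an unlisted MX, blocks delivery instead of silently falling back to cleartext.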
3. Protocol Selection to Protect Communication in Mail Transfer: Although MTA-STS is a good option for secure communication, it is not sufficient on its own. In addition, just as HTTPS protects web traffic, it is important to use secure protocols such as SSL/TLS to encrypt the data traffic between mail servers.
IMAP or POP3 are generally the protocols used to retrieve incoming e-mail, and SMTP is used for outgoing e-mail. The ports these protocols listen on matter: the services should be bound to the following TCP ports.
Outgoing: port 465 (SMTPS, implicit TLS) or port 587 (submission, with STARTTLS enabled)
Incoming: when SSL/TLS is enabled, the following ports are used.
– Port 993 for IMAP (IMAPS, with SSL/TLS enabled)
– Port 995 for POP3 (POP3S, with SSL/TLS enabled)
4. Using DMARC as a Precaution against Domain Forgery: DMARC is an e-mail authentication protocol that helps protect the domain against attacks such as spoofing. DMARC builds on two authentication protocols:
– SPF: An SPF record is a TXT record that you add to your domain's DNS. It helps receivers verify that messages sent from your domain came from servers you authorized.
– DKIM: This protocol adds your digital signature to the header section of your outgoing e-mail. This lets receivers use public-key cryptography to verify the authenticity of e-mails arriving from your domain.
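DMARC's real contribution is the alignment check: SPF or DKIM may pass for some domain, but the verdict depends on whether that domain aligns with the visible `From:` domain under the record's `aspf`/`adkim` modes. The added example below (not from the original article) parses constructed SPF and DMARC records and computes the DMARC verdict from already-determined SPF and DKIM results; the domains are placeholders, the IP-range and DKIM signature checks themselves are assumed to have been done upstream, and the organizational-domain helper is a simplification of the Public Suffix List lookup a real validator uses.

```python
"""Evaluate a DMARC verdict from SPF and DKIM results (RFC 7489 alignment).

Added example with constructed records; the domains are placeholders and
the SPF/DKIM pass results are assumed inputs, not computed here.
"""
from typing import Dict, List, Optional, Tuple

# Constructed DNS TXT records that a receiver would look up
SAMPLE_SPF = "v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.example.net -all"
SAMPLE_DMARC = "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@example.com"


def parse_tag_value(record: str) -> Dict[str, str]:
    """Parse 'k=v; k=v' records such as DMARC and DKIM TXT records."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        part = part.strip()
        if part:
            k, _, v = part.partition("=")
            tags[k.strip().lower()] = v.strip()
    return tags


def parse_spf(record: str) -> List[Tuple[str, str]]:
    """Split an SPF record into (qualifier, mechanism) pairs."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    out = []
    for term in terms[1:]:
        qual = "+"  # default qualifier is "pass"
        if term[0] in "+-~?":
            qual, term = term[0], term[1:]
        out.append((qual, term.lower()))
    return out


def org_domain(domain: str) -> str:
    """Organizational domain, approximated as the last two labels.
    A real validator consults the Public Suffix List; simplified here."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(from_domain: str, auth_domain: Optional[str], mode: str) -> bool:
    """DMARC identifier alignment: strict ('s') needs an exact match,
    relaxed ('r') accepts the same organizational domain."""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def dmarc_verdict(dmarc_record: str, from_domain: str,
                  spf_pass_domain: Optional[str],
                  dkim_pass_domain: Optional[str]) -> str:
    """Return 'pass' or the requested policy action (none/quarantine/reject).

    spf_pass_domain:  the MAIL FROM domain if SPF passed, else None.
    dkim_pass_domain: the d= of a DKIM signature that verified, else None.
    """
    tags = parse_tag_value(dmarc_record)
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    spf_ok = aligned(from_domain, spf_pass_domain, tags.get("aspf", "r"))
    dkim_ok = aligned(from_domain, dkim_pass_domain, tags.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return "pass"
    return tags.get("p", "none")


if __name__ == "__main__":
    print(parse_spf(SAMPLE_SPF))
    # SPF passed for a subdomain: relaxed aspf aligns it -> pass
    print(dmarc_verdict(SAMPLE_DMARC, "example.com", "bounce.example.com", None))
    # DKIM d= is a subdomain but adkim is strict -> reject
    print(dmarc_verdict(SAMPLE_DMARC, "example.com", None, "mail.example.com"))
    # Attacker's own SPF passes, but the domain does not align -> reject
    print(dmarc_verdict(SAMPLE_DMARC, "example.com", "attacker.example.org", None))
```

The third case is the one DMARC exists for: an attacker can publish a valid SPF record for a domain they control and pass SPF, yet the message is still rejected because that domain does not align with the forged `From:`.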
5. Using an E-mail Server Firewall to Control Incoming and Outgoing Traffic: An e-mail server firewall filters the traffic flowing through your e-mail server according to rules. These filters help track the traffic flowing through the domain.
In addition, limits (rate limits and message size restrictions) can be placed on the flowing traffic. These limits make sudden changes in traffic easier to detect.
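As an added illustration of the rate and size limits described above (this is not code from the original article), the script below runs two checks over a few constructed, Postfix-style log lines: a per-sender, per-minute message limit and a maximum message size, plus a per-minute volume summary that makes a sudden jump visible. The log format, the thresholds and the addresses are all assumptions chosen for the example.

```python
"""Flag senders whose outbound volume or message size exceeds a limit.

Added example; the log lines are constructed in a simplified Postfix-like
format and the thresholds are assumed policy values, not real settings.
"""
import re
from collections import Counter, defaultdict
from typing import Dict, List, Tuple

# Constructed sample log: ISO timestamp, envelope sender, size in bytes
SAMPLE_LOG = """\
2024-01-15T09:00:01 from=<alice@example.com> size=2048
2024-01-15T09:00:12 from=<alice@example.com> size=1900
2024-01-15T09:00:30 from=<bob@example.com> size=512000
2024-01-15T09:01:02 from=<svc@example.com> size=1024
2024-01-15T09:01:03 from=<svc@example.com> size=1024
2024-01-15T09:01:04 from=<svc@example.com> size=1024
2024-01-15T09:01:05 from=<svc@example.com> size=1024
2024-01-15T09:01:06 from=<svc@example.com> size=1024
2024-01-15T09:01:07 from=<svc@example.com> size=1024
2024-01-15T09:02:00 from=<alice@example.com> size=3072
this line is malformed and must be skipped
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) from=<(?P<sender>[^>]*)> size=(?P<size>\d+)$")

PER_MINUTE_LIMIT = 5          # messages per sender per minute (assumed policy)
MAX_MESSAGE_BYTES = 256_000   # size restriction in bytes (assumed policy)

Row = Tuple[str, str, int]    # (minute bucket, sender, size)


def parse_log(text: str) -> List[Row]:
    """Return (minute_bucket, sender, size) for each well-formed line."""
    rows: List[Row] = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # lines that do not match the expected format are ignored
        # "YYYY-MM-DDTHH:MM" is the first 16 characters of the timestamp
        rows.append((m["ts"][:16], m["sender"].lower(), int(m["size"])))
    return rows


def rate_violations(rows: List[Row], limit: int = PER_MINUTE_LIMIT) -> Dict[Tuple[str, str], int]:
    """(minute, sender) pairs whose message count exceeds the limit."""
    counts = Counter((minute, sender) for minute, sender, _ in rows)
    return {key: n for key, n in counts.items() if n > limit}


def size_violations(rows: List[Row], max_bytes: int = MAX_MESSAGE_BYTES) -> List[Tuple[str, int]]:
    """Messages larger than the configured size restriction."""
    return [(sender, size) for _, sender, size in rows if size > max_bytes]


def volume_per_minute(rows: List[Row]) -> Dict[str, int]:
    """Total messages per minute, so a sudden change stands out."""
    per_minute: Dict[str, int] = defaultdict(int)
    for minute, _, _ in rows:
        per_minute[minute] += 1
    return dict(per_minute)


if __name__ == "__main__":
    rows = parse_log(SAMPLE_LOG)
    print("rate:", rate_violations(rows))
    print("size:", size_violations(rows))
    print("volume:", volume_per_minute(rows))
```

The burst from `svc@example.com` is the pattern a compromised account or a runaway script produces; in practice the same counts would feed a firewall or MTA rate-limit rule rather than only a report.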
6. Configuring Mail Server Access Control: Where company employees or users need access to mail servers, they should be granted the minimum level of access their role requires. It is also important to have procedures in place for deactivating the accounts of employees who leave the organization.
7. Training Users on Account Security: Because the main factor in security is the human, awareness deserves separate attention. Various awareness trainings need to be provided, such as training against social engineering attacks, what to do about suspicious e-mails or phone calls, and how to create strong passwords.
8. Digitally Signing and Encrypting E-mails Sent from Administrator Accounts: To protect employees, and administrator accounts in particular, from phishing attacks, everyone's e-mails must be digitally signed. These measures:
– assure the e-mail recipient that the message is genuine,
– make it possible to verify that the message has not been altered since it was signed.
When both parties (sender and receiver) take these measures, the result is a key exchange between them. These keys provide end-to-end encryption of messages: a private key must be used to decrypt the transmitted messages.
To summarize, what secure mail servers provide can be listed as follows:
– They ensure that data is protected against access by attackers.
– They prevent data breaches and the risks that come with them.
– They prevent the loss of reputation that security problems can cause.
– They ensure compliance with international data privacy and security regulations such as GDPR, CCPA and PCI DSS.