If you are purchasing your own domain name to run a mail server at your office, here are some suggestions and resources to help you secure your mail server. With an unsecured server, a spammer would be able to send email through your server.
- Use a static IP and get the reverse DNS (PTR records) set up correctly. Most mail servers do a reverse IP lookup on the sending mail transfer agent (MTA), your server IP. If there are no records or the PTR does not match the domain name of the sending mail server, the mail may be rejected.
Example: Your mail server name is mail.mydomain.com and the IP is 192.168.0.5. The IP of 192.168.0.5 must point to the domain name of mail.mydomain.com.
- Never allow email to be sent unless the sender validates themselves. This can be done by IP or by submitting a user name and password. The user name and password is preferable because an IP can change. If your network gets infected with a mass mailing worm, the worm tries to send email using the SMTP settings on the infected computer. By requiring a user name and password, you may be able to stop this type of activity.
- Only allow mail to be sent through the server from internal IP addresses. If your associates need to send email from home, use a VPN to gain access to the network. After they validate using a user name and password, email can be sent.
- Log all transactions and off load the logs to a secure server. This helps track email that has been sent through the server. By off loading the logs to another server, a hacker would not have access to the logs. If the server is compromised, hackers usually change the logs to cover their tracks. Do not forget to use a date and time stamp for each transaction.
- Run anti-virus and anti-spam filters on the server as well as on your devices. This helps protect your network and the anti-spam filters help reduce junk email from reaching your users.
- Complete updates and patch your mail server software.
- If possible, do not bounce messages back to the sender containing viruses or bad addresses. Instead, either delete or route the messages to a dummy account. This helps reduce the propagation of viruses and harvesting schemes. Most of the reply addresses contained in these emails are fake.