Email Security

(OBJ .)

Email Security

• Encompasses techniques and protocols to protect email content, accounts, and infrastructure from unauthorized access, loss, or compromise

Key email security techniques

• DKIM (DomainKeys Identified Mail)
  • Allows the receiver to verify the source and integrity of an email by adding a digital signature to the email headers
  • The recipient server validates the DKIM signature using the sender's public cryptographic key in the domain's DNS records
  • Benefits
    • Email authentication
    • Protection against email spoofing
    • Improved email deliverability
    • Enhanced reputation score
• SPF (Sender Policy Framework)
  • Prevents sender address forgery by verifying the sender's IP against authorized IPs listed in the sender's domain DNS records
  • A receiving server checks if the sender's IP is authorized in the SPF record before accepting the email
  • Benefits
    • Preventing email spoofing
    • Improving email deliverability
    • Enhancing the domain's reputation
• DMARC (Domain-based Message Authentication, Reporting and Conformance)
  • DMARC detects and prevents email spoofing by setting policies for email sending and handling failures
  • DMARC can work with DKIM, SPF , or both
  • Implementation helps protect against
    • Business email compromise attacks
    • Phishing
    • Scams
    • Cyber threats
• Email Gateway Protocol Configuration
  • Email gateways serve as entry and exit points for emails, facilitating secure and efficient email transmission
  • They use SMTP (Simple Mail Transfer Protocol) to send and receive emails
  • Email gateways handle email routing, email security, policy enforcement, and email encryption
  • Email Gateway Deployment Options
    • On-Premises Email Gateway
      • A physical server located within an organization's premises, offering full control but requiring maintenance and updates
    • Cloud-Based Email Gateway
      • Hosted by third-party cloud service providers, providing scalability but limited control over configurations
    • Hybrid Email Gateway
      • Combines on-premises and cloud-based gateways for a balance between control and convenience

Spam Filtering

• Spam filtering detects and prevents unwanted and unsolicited emails from reaching users' inboxes
• Techniques
  • Content analysis
  • Bayesian filtering
  • DNS-based sinkhole list
  • Email filtering rules
• Emails with spam-like keywords are flagged and often moved to the spam folder