When we think about online security in a company, we immiately think of VPNs, firewalls, antiviruses, and SSL certificates. But mail servers also ne protection. In this article, we will give 8 recommendations for corporate mail security.
Corporate email is a great solution for communicating with clients
It helps to strengthen the image, develop user loyalty, and even create funnels and increase sales. However, corporate email requires a special protection system at all levels.
From 2016 to 2021, attackers carri out 240 attacks on corporate mailboxes and stole $ 43 billion from companies . Compromise, theft of personal data, salary data and crypto wallets are the main types of such attacks. Moreover, small businesses are the most vulnerable – in January 2023, the number of attacks on small and mium-siz companies increas 5 times compar to the same month in 2022.
1. Register a PTR record for mail servers
Resource records, or DNS records, are records that can be us to enter service information about a server into the DNS system. Each DNS record has a specific purpose.
PTR, or Pointer, is a resource record that links a server’s IP address to a domain.
To protect users from spam, mail services check whether the server’s IP address matches the company’s real domain. All suspicious emails are sent to spam. The PTR record ensures that your emails reach the recipient and are not perceiv as unwant.
In REG.RU, records are creat automatically for all servers on virtual hosting. If you have a cloud or dicat server, you can add a PTR record manually .
2. Add an SPF record to protect against phishing
SPF (Sender Policy Framework) is another resource record, but it is locat inside another, TXT record. This is a kind of code, a list of trust IPs from which you can send emails on behalf of a specific domain.
SPF is a resource record. This is a kind of code, a list of trust IPs from which you can send letters on behalf of a specific domain.
Half of all emails sent last year turn out to be spam and phishing mailings. And in the first 3 months of this year, 7 thousand phishing resources were remov in Russia .
Mobile phone number data is vital to the global economy. With its rapid growth, it provides new marketing opportunities for service iraq phone number data providers for this business. If you are one of these marketers or you plan to add a mobile phone number data to your service or solution, you must use this database of ours.
Perhaps you have also receiv such letters – often they come supposly from a bank, two years ago the most popular letters were with surveys about vaccinations, and in the past, scammers sent out “invitations” to visit the military registration and enlistment office with links to unsafe sites.
3. Use SMTP encryption mechanisms
SMTP (Simple Mail Transfer Protocol) is a protocol responsible for sending letters. Outgoing mail servers use it.
Before sending a letter, the SMTP server checks the settings on the sender’s computer and connects to the recipient’s mail server. If there are no errors in the settings, the letter is sent, and the protocol confirms its delivery. Otherwise, it issues an error notification. SMTP tasks:
– make sure that the sending settings are correct;
— check the contents of the letter for spam;
— increase email deliverability using filters;
— confirm delivery or notify about an error — the protocol sends commands in response, from which you can understand why exactly the letter was not sent.
We wrote more about SMTP and its configuration in the Knowlge Base . Also, protection at the SMTP level is includ in the “Extend Spam Protection” from REG.RU.
4. Use DKIM email authentication mechanism
DKIM is a digital signature for emails. It has two main tasks – to ruce the likelihood of an email ending up in spam and to protect against china, with its vast population and rapid technological phishing. Providers trust emails sent with a DKIM record more, which means the chances of getting into the Inbox are higher.
DKIM technology works on the basis of encryption keys – a public one, which is written in the TXT record in DNS, and a private one, known only to the sender’s server. With the help of the private key, each letter receives an encrypt inscription with information about the time of sending and the recipient. This information is decrypt by the recipient’s server using the public key. If everything is correct, the letter will be deliver. If an error in the key or digital signature is found in the process, the letter will be sent to “Spam”.
How DKIM records work
5. Set up black and white lists of addresses
Almost all mail services allow you to set up white and black lists of senders and recipients. The white list is the addresses you trust. Letters from these senders will never end up in spam. Addresses from the black list, accordingly, you do not trust, so they will automatically end up in spam or will not be deliver at all.
With mail on a domain from REG.RU you can independently set up black and white lists in a few minutes.
6. Change your passwords in your personal accounts and email every six months
Gif demonstrates that passwords should be different for different accounts
Each employee should have an individual complex password for mail, which should be chang every six months. When using corporate mail, it is important that all employees follow this rule – one breach can cost the company millions if attackers gain access to your clients’ data or company accounts through it.
It is convenient to store passwords using special managers , such as KeePass . Remember that a strong password contains at phone number qa least 8 characters, including numbers and letters of both registers. You should not use information that is easy to find for passwords: children’s names, your date of birth. And, of course, combinations 123456, 123456789, qwerty123 will not work – by the way, these three “passwords” were the most popular last year, according to data from the analysis of leak accounts .
7. Avoid free services
Free services are simple, but you ne to understand that in this case the mail does not actually belong to you – it is locat on someone else’s server, and you do not control it. At the same time, free services have a low level of protection, and no one is insur against possible failures. The advantages of your own corporate mail are obvious:
creating a mail environment for employees – it is convenient when employees do not have to mix personal mail with work emails.
In addition, with mail on a domain from REG.RU, you can create an unlimit number of mailboxes, and for protection against spam, a cloud solution from Kaspersky Lab is us.
