Since the recipient doesn’t already Know you, you need to send them an introductory email. It must not contain an attachment. Basically, you’re introducing yourself and asking their permission to send email with an attachment that they may otherwise be suspicious of. Tell them who you are, what you’d like to do, and ask for permission to continue.
This introductory email qualifies as the mail Received from you.
Hopefully, they’ll respond; and if they do, honor their wishes. If they choose not to receive email with an attachment from you, don’t send one. If you never hear from them, try your introductory email one more time.
If they accept your offer to receive email with an attachment, send it off. They will Know you and will have Received email from you before. They will also Expect this email with an attachment, so you’ve satisfied the first three requirements of the KRESV tests.
Whatever you send should make Sense to them. Don’t use a provocative Subject line or any other social engineering practice to encourage them to read your email.
Check the attachments for Viruses. This is again based on having virus-checking programs, and we’ll discuss that later.
Email security
Email security, email_check, Mail, received_email, recipient, subject_line, viruses, virus_checking
There are many different ways to classify malware. Most, such as Antivirus vendors, tend to classify by intent (Trojan, worm, mailer, etc…) and several aspects of severity (damage potential, potential of outbreak, and actual outbreak reports). These metrics are usually averaged to create an overall risk rating. To the end user, malware is usually just software they didn’t want or ask for, doing nasty things to them or their computers. However, a great deal of modern malware doesn’t want to announce its presence to the average end user.
Malware
Computer security tools, Computer threats, Mail, Malware, outbreak_reports, risk_rating, trojan_worm
Many of the are based on those available through the operating system. The following sections outline TCP/IP security.
Access Control
The security policy for networking is an extension of the security policy for the operating system, and it consists of the following major components:
- User authentication
- Connection authentication
- Data import and export security
User authentication is provided at the remote host by a user name and password, the same as when a user logs in to the local system. Trusted TCP/IP commands, such as ftp, rexec, and telnet, have the same requirements and go through the same verification process as trusted commands in the operating system.
Connection authentication is provided to ensure that the remote host has the expected Internet Protocol (IP) address and name. This prevents a remote host from masquerading as another remote host.
Data import and export security permits data at a specified security level to flow to and from network interface adapters at the same security and authority levels. For example, top secret data can flow only between adapters that are set to the top secret security level.
Tags: tcp/ip, ip, tcp, telnet, data, security
Computer security tools
Computer security tools, Mail
You can use the following options to check that incoming mail was sent from a valid user mail account or to deny access to specified mail addresses. IMail Server will always include the IP address of the source of a message in the message header.
Check valid sender. If enabled, IMail Server requires that the user’s mail address (user@host) is specified in the MAIL FROM or REPLY-TO line of an incoming mail message.
Auto-deny possible hack attempts. If more than 512 characters are sent during anything but the SMTP DATA command, the remote IP address is temporarily put in the "deny access" (Control Access) file until you stop and restart the service. Sending more than 512 characters in anything but the SMTP DATA command will look like an attempt to "hack" in to your server. You will not see the address in the "deny access" list, but it is reported in the log file.
Disable SMTP `VRFY’ command. The SMTP VRFY command is used to verify a user ID on a host – as such it can be used from a remote host to test for valid user IDs. If you select this option, when IMail Server receives an SMTP VRFY request, it returns the message: 502 Command not implemented
Tags: validating, email, mail, smtp, hack
Email security
Mail
You can use the Mail Relay Options to prevent unauthorized mailings, such as mass promotional mailings (known as spam) from passing through the IMail Server as a relay or gateway. The Relay mail for Addresses option lets you configure IMail Server to only accept mail that originates from local users or that is destined for local users. You can define the systems or range of IP addresses that you want to consider local.
Consider the following issues when using the "Relay for" options.
- When one of your users sends a mail message, it is relayed through the IMail Server. So, you must enter the IP addresses or IP address range of all of your mail user’s systems.
- If a user needs to send mail from an unknown IP address, have the user select "user authorization" in their mail client. When this option is selected, the IMail Server uses the SMTP AUTH command to validate the user’s logon user ID and password.
- If you have IMail Server set up to be a backup server for a remote mail server and you want to restrict relay access to your server, use the Relay mail for Addresses option and specify the address of the host for which IMail Server is a backup server. See "Configuration" and "Backups" for more information about setting up a backup server
- .Tags: email, mail relay, mail server, smtp
Email security
Mail
Most of the time several viruses sent over email or Instant Messenger won’t damage your computer without your participation. For example, you would have to open an email or attachment that includes a virus or follow a link to a site that is programmed to infect your computer. So, don’t open an email attachment if it appears to be from a friend or coworker you are expecting it or know what it contains. You can help others trust your attachments by including a message in your text explaining what you’re attaching.
Hackers often lie to get you to open the email attachment or click on a link. Some virus-laden emails appear to come from a friend or colleague; some have an appealing file name, like “Fwd: FUNNY” or “Per your request!”; others promise to clean a virus off your computer if you open it or follow the link.
So try not to open the attatchment received through emails or messanger otherwise your system may crash down.
Malware
Mail, Malware
Prior to installing sync software, prior to various software updates, prior to troubleshooting any problems with your email software, your techs may be, should be! recommending you backup your mail.
A free way to do this with Mail.app in Apple’s OS X 10.4 is here:
http://docs.info.apple.com/article.html?artnum=301239#mail
An almost free way to do it ($10), and do it automatically, scheduled, with Apple Mail as well as Entourage and Thunderbird, is here:
http://homepage.mac.com/minge/emailbackuppro/index.html
Read more at gray
Computer-security
Computer Backup, Mail, OS-X
This is for users of OnDeckTech’s Zimbra hosting services, however, it also explains how to configure Eudora more generally for other users, who will have to substitute their settings where appropriate.
Click on Eudora in the menu bar at the top of the screen then click preferences.
Then click “Getting Started” at the left hand side of the screen
Change the Mail Server to macsuite.com
Change the SMTP server to mail.macsuite.com:587
Click “Checking Mail” on the left hand side
Make sure the mail server reads macsuite.com
Make sure “save password” is also selected
Scroll down under Category and select Sending Mail
Make sure “Allow authorization” is checked.
Make sure “Use Submission port (587)” is checked
Scroll down on the left menu (to the bottom of the list) and select SSL.
Click on the drop down menu next to SSL for POP and select Required (Alternate Port)
Click on the drop down menu next to SSL for SMTP and select Required (TLS)
Make sure under “Standard Port SSL Negotiation” that Maximum Compatibility is Checked. Same goes for “Alternate Port SSL Negotiation”
Click on Ok to save these settings.
Read more at gray
Macintosh security
eudora, Mail, OS-X
I’m not sure who came up with the three-pane system most software mail clients (and some web clients) use, but I’m desperately curious as to what they were thinking. It’s one of those things we don’t normally think about because, well, we’ve just been using it forever and gotten used to it, but how many times have you had to fiddle with that middle divider to get just the right amount of body showing and still be able to see more than a few e-mails. It just doesn’t make any sense to cram two fields that need to be long on top of each other. Enter Letterbox .
Original post by Brandon and plugin by Elliott Back
Apple security
Apple security, Mail, OS-X