-
June 11th, 2005, 03:43 AM
#1
Junior Member
Defending a Cheap Mail Server
I work for a small company that has their email services hosted by an online email provider (at a very cheap cost). I can access and manage all the mail accounts from a web interface and then configure Microsoft Outlook on all the desktops for users to send/receive mail, from the offsite mail server.
The problem is the mail server that my company's email is hosted on has no type of virus or firewall protection. Basically it's wide open, the only feature I'm able to configure is a cheap spam filter. I spoke several times to this ISP and voiced my concerns about this problem and they are just now in the process of upgrading their services and offering some type of virus protection.
Other than switching to a different mail provider (which I know the company may not do because they're cheap) what can you suggest as a good measure to effectively increase security when they download emails at their desktops via Outlook. Right now they are having all sorts of issues with spam, spyware, adware, and trojans. Are there any free gateway type of services that would provide a means to scan all email before it gets to my companies network or any utilities I can install on all the desktops to minimize these security threats. Any ideas please let me know, thanks!
-
June 11th, 2005, 04:34 AM
#2
http://www.barracudanetworks.com/
I have a couple of small clients where we don't have our own server for each service (like you.)
I have found one great (local) ISP/Mail host that uses the spam/antivirus/spyware firewall and we lease the service. (Part of the ISP/Mail cost). Never once had a problem on these networks.
I have AV clients on the workstations themselves...
Then for added protection against spyware... locked down workstations and blackhole dns.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
June 11th, 2005, 04:39 AM
#3
Hey Hey,
You've got your mail hosted externally... that's one thing, but what about the gathering of the mail. Instead of having the users Outlook connect directly to the external mail server, could you setup an internal mail server using say fetchmail with spamassassin and clamav and set it up to clean the mail and store it locally. You don't have to run a mail server, just setup an outbound connection from the internal server to the external host, have it check every 10 minutes or whatever, this way the users aren't all checking externally individually (if you pay for bandwidth it may save you money there). Setup your users Outlooks to access the internal machine. if you don't have a server lying around you may have to obtain one, but you wouldn't need very high requirements ( prolly anything newer than a 486 would handle the task for you) and a little bit of knowledge.
peace,
HT
-
June 11th, 2005, 05:23 AM
#4
Junior Member
Very good tips thanks, I have the workstations locked down through group policy so the fetchmail and blackhole dns ideas will add an extra layer of defense, I'll check out barracuda as well. Also this mail server has been hacked recently (I suspect) the admin password was changed I didn't change it and neither did anyone else with access (only two other people) so there's no telling what kind of backdoors the attacker could have left. I had to call the ISP and have them reset the pwd and then I created a stronger password to help slow any attackers down a bit.
I'm sure I can get a spare machine and setup an additional server I'll have to plan this out though of course. What version/flavor of Linux would you recommend running fetchmail on? One other question we don't have a very good firewall system at this site either what if I setup a linux firewall using IPchains, etc would that be enough or could it be configured to help protect the mail and internal network infrastucture?
-
June 13th, 2005, 06:30 AM
#5
www.mailarmory.com
Will provide both spam and virus protection for a VERY low cost.
If you check it out and have any questions, let me know, I use it.
-
June 14th, 2005, 07:27 AM
#6
Junior Member
Thanks chef! I'll look into this as well.
-
June 14th, 2005, 08:57 PM
#7
The latest version of McAfee has an incomming mail scanner applied at each desktop. Your local file system would then be covered as well.
VirusScan 8.0i
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
June 14th, 2005, 09:21 PM
#8
Junior Member
I'm running Symantec AV 10 with the system center console so I can manage all my machines from one place. Version 10 is actually pretty good it includes tamper protection and so a virus can't totally disable SAV protection.
-
June 14th, 2005, 09:52 PM
#9
If you are running an active scanner locally then they should detect infected mail when it's executed. On a small network you have good visibility of whats going on so would imagine you would be ok.
//EDIT without digging into the manual, which you can do The AV 10 read me indicates some e-mail integration:
Internet E-mail Auto-Protect port changes are ignored
-----------------------------------------------------
The antivirus client Auto-Protect feature for Internet E-mail Advanced
Options lets you change the ports for POP3 and SMTP. The defaults
for these ports are 110 and 25. The antivirus client ignores
changes to these defaults. This issue applies to all email
programs that use POP3 and SMTP, including Microsoft Outlook.
If you change these defaults with the antivirus client but your email
program uses the defaults, Auto-Protect still scans for risks in your
email traffic. If your email program does not use the defaults and
you change the Auto-Protect ports to match the ports used by your
email program, Auto-Protect does not scan for risks in your email
traffic.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
June 14th, 2005, 10:02 PM
#10
Junior Member
Yeah your right for the most part but what seems to be happening is spam email seems to be making its way back and forth through a bunch of my users computers. They are also afflicted with loads of trojans and spyware but this is probably from click happy Internet users.
I'm in the process of rebuilding every machine on the network so I can start from a clean slate, this in combination with several tips above will help out a lot.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|