Despite the rumors announcing the death of email, its use continues to grow. According to research, email traffic is predicted to grow to over 424 billion emails sent per day by 2028. And as long as businesses continue to use email, cybercriminals will find new ways to exploit security gaps, software bugs, and basic human nature to extort millions of dollars from their victims. That’s why you need the additional protection offered by SecurityGateway for Email to protect against email-borne threats.
Here are our top 15 recommendations to protect your business from email-borne threats with SecurityGateway™
SecurityGateway
was designed to be easy to use while providing the strongest protection against spam, phishing, and data leaks. And while most security settings are configured for optimal protection by default, it’s a good idea to follow these guidelines for best results.
Verify That a User is Valid before Creating an Account
With every incoming message addressed to an unknown local user, SecurityGateway needs to be able to verify that the account is a valid local user by querying Microsoft 365, Active Directory, MDaemon, or another data source before creating the account and delivering the message. We recommend using one the user verification sources found in SecurityGateway to validate accounts.
User verification options to validate users by querying Microsoft 365, Active Directory, MDaemon, or an LDAP data source
Use SMTP Authentication to Prevent Unauthorized Account Access
To help prevent unauthorized account access, we recommend requiring SMTP Authentication unless a message is transmitted from a domain mail server.
SMTP authentication settings in SecurityGateway for EmailUse Strong Passwords
Spammers will often try to hijack an email account by guessing its password. Therefore, passwords that are easy to guess should always be avoided. If SecurityGateway is configured to create accounts automatically by querying a user verification source, then make sure your user verification source is configured to require strong passwords. Passwords can also be assigned to users manually via the Domains and Users menu.
Enable Dynamic Screening
Enable Dynamic Screening to block connections that exhibit suspicious activity, such as failing too many authentication attempts, connecting too many times in a given time frame, attempting to keep a connection open too long, or sending to too many invalid recipients. Dynamic Screening makes it more difficult for a malicious person to guess passwords by detecting the malicious activity and blocking the connections.
Dynamic Screening Settings in SecurityGateway for EmailEnable Account Hijack Detection
If a spammer guesses an account’s password, he can then use that account to send out spam. To limit the spammer’s ability to abuse a compromised account, enable Account Hijack Detection, and then enter the maximum number of messages that can be sent in a given time frame. Once the limit has been reached, the account is disabled and the administrator is notified.
Prevent compromised email accounts from abuse with Account Hijack Detection in SecurityGateway for EmailEnable at Least One Default Mail Server
When email arrives for a domain that has not been assigned its own mail server, SecurityGateway needs to know where to send those messages. We recommend adding a default mail server for all Security Gateway domains that have not had domain mail servers specifically associated with them.
SecurityGateway - Default mail server settings
Prevent Unauthorized Mail Relaying
Relaying occurs when mail that is neither to nor from a local account is sent through your server. Servers that are not properly configured to prevent relaying can end up on a blacklist. By default, SecurityGateway does not allow mail relaying.
Relay Control Settings in SecurityGateway for Email
Protect Your Domain with IP Shielding
IP Shielding is a security feature that only honors SMTP sessions claiming to be from someone at one of the listed domains if they are coming from an IP address associated with that domain.
The best way to secure outbound email is via SMTP authentication. However, for businesses that need to send email from a printer or other device that is not capable of authenticating, IP Shielding can be used to exclude certain IP’s or ranges from having to authenticate. Messages from authenticated sessions can optionally be exempt from IP Shielding requirements.
Protect against email spoofing with IP Shielding in SecurityGateway for Email
Enable SSL to Ensure Data Privacy
To protect the privacy of transmitted data, we recommend enabling the SSL encryption features for SMTP and HTTP.
SSL & TLS settings in SecurityGateway for Email
Enable Backscatter Protection
Most spam messages contain a forged return path. This often leads to users receiving thousands of delivery status notices, auto-responders, and other messages in response to messages that the user never sent. This is known as backscatter. To combat backscatter, SecurityGateway’s Backscatter Protection feature can help to ensure that only legitimate Delivery Status Notifications and auto-responders get delivered to your domains.
Backscatter Protection Settings in SecurityGateway for Email
Don’t Whitelist Local Email Addresses
In many cases, local IP addresses or host names may need to be whitelisted. However, we do not recommend whitelisting local email addresses. If a local address is added to the whitelist, messages sent to this address could bypass many of your security settings and put your server at risk of being blocklisted.
Protect your Email Infrastructure from Virus and Spam Outbreaks
SecurityGateway scans all inbound and outbound mail using the Ikarus and ClamAV antivirus engines. It also includes Outbreak Protection, which is real-time anti-spam and antivirus technology that is capable of proactively protecting your email infrastructure automatically and within minutes of an outbreak.
Antivirus settings in SecurityGateway for Email
Prevent Data Leaks
SecurityGateway includes over 70 Data Leak Prevention rules to help prevent unauthorized transmission of sensitive information such as personal identification numbers, credit card numbers, and other types of confidential data. These rules can be configured to send messages containing sensitive content to the administrative quarantine for further review, redirect the message to a designated address, or encrypt the message.
SecurityGateway can also check for medical terms to prevent sensitive information from getting into the wrong hands.
We recommend enabling the appropriate Data Leak Prevention rules to suit the needs of your specific business or industry.
Data Leak Prevention in SecurityGateway for Email
Enable Location Screening
Use Location Screening to block inbound SMTP and HTTP connections from unauthorized countries. If your company has no legitimate business need to communicate with a particular country, then refusing connections from that country can potentially block large amounts of spam. Alternatively, you can configure Location Screening to only prevent authentication from unauthorized countries.
Block email from unauthorized countries with Location Screening in SecurityGateway for Email
Enable Macro Detection in Microsoft Office Documents
Cybercriminals often use macros in email attachments to spread malware. In SecurityGateway, the Virus Scanning settings include an option to detect macros in Microsoft Office documents and flag them as infected. Security Gateway can refuse these messages or quarantine them for administrative review.
SecurityGateway provides accurate spam filter protection, email encryption, data leak prevention (DLP), archiving & compliance, and much more for Microsoft 365, Microsoft Exchange Server, Google Workspace & other email platforms. We offer a fully-functional 30-day free trial. Click here to get started!
