Chapter 14
Securing E-Mail
In This Chapter
Protocols in this chapter: SSL, TLS, SMTP, SASL, POP, IMAP
Using common sense to protect against attacks
Identifying different types of attacks
Securing e-mail in layers
Adding security to e-mail clients and servers
Creating keys for encrypting e-mail
E-mail is one of the biggest threats to your client, server, host, intranet, and Internet security. If you think you have nothing to hide, remember that e-mail security is always a personal privacy issue even if you aren’t mailing credit card numbers or the secret formula for eternal youth. E-mail security involves three concepts:
Confidentiality: An e-mail message should be seen only by its sender and recipients.
Authenticity: As a recipient, you should know that e-mail comes from the sender, not from someone claiming to be the sender. As a sender, you should know that your e-mail goes only to the recipient (or recipients), not to someone claiming to be the recipient.
Integrity: No unauthorized person should be able to modify an e-mail message.
This chapter is full of tips for securing e-mail. You find out how to secure your e-mail client and how to secure your server, host, and network. If you use a browser client to read your mail, please check Chapter 11 for secure browsing tips.
Common Sense: The Most Important Tool in Your Security Arsenal
Everyone has common sense (unless you hear Candace’s mother talk about her). The problem is that all of us occasionally forget our common sense or believe that we can put ...