Chapter 10. Protecting E-mail
Malicious attack types come in cycles. Two decades ago it was boot viruses. In the mid-1990s, macro viruses reigned. Malicious e-mails have been a huge problem since the Melissa virus in 1999 and the Iloveyou worm of 2000. These days, malicious e-mails account for the majority of the e-mail traffic headed across the Internet, whether in the form of bots, viruses, worms, spam, or phishing attacks.
Preventing malicious e-mail attacks is one of the strongest defenses any network administrator can implement. In this chapter, we discuss the various e-mail threats, introduce Windows Vista's new Windows Mail application, and discuss e-mail defenses that should be enacted to secure any environment.
E-mail threats come in the form of malicious file attachments, embedded content, embedded links, leaked passwords, and some other miscellaneous categories.
Malicious File Attachments
Malicious file attachments still account for a large majority of all e-mail threats, although the percentage is decreasing as attackers begin to rely on embedded content more and more. In most instances, a malicious file attachment must be manually opened or executed by the end user to launch the malicious program or instructions. There have been a few isolated cases and periods of time where file attachments have been able to automatically execute when the user retrieved the e-mail (for example, buffer overflows and MIME-type mismatches), but those types of flaws are usually patched ...
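As an added illustration of the MIME-type mismatch case mentioned above (not code from the book), the following gateway-style check flags attachments whose filename extension is executable or whose declared Content-Type disagrees with that extension. The extension lists and the sample message are constructed assumptions.

```python
import os
from email import message_from_string

# Extensions Windows runs when opened (illustrative subset, an assumption).
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js", ".hta"}
# Main MIME type expected for some passive extensions (illustrative subset).
PASSIVE_MAIN = {".png": "image", ".jpg": "image", ".wav": "audio", ".txt": "text"}

# Constructed sample: one mislabelled program, one honest image.
SAMPLE = """\
Subject: constructed test message
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain

See attached.
--BOUND
Content-Type: audio/x-wav; name="greeting.exe"
Content-Disposition: attachment; filename="greeting.exe"

AAAA
--BOUND
Content-Type: image/png; name="logo.png"
Content-Disposition: attachment; filename="logo.png"

AAAA
--BOUND--
"""

def audit_attachments(raw):
    """Return [(filename, declared_type, findings)] for attachments worth blocking."""
    flagged = []
    for part in message_from_string(raw).walk():
        name = part.get_filename()
        if not name:
            continue  # body text or multipart container, not an attachment
        ext = os.path.splitext(name)[1].lower()
        risky = ext in RISKY_EXT
        expected = "application" if risky else PASSIVE_MAIN.get(ext)
        findings = ["executable-extension"] if risky else []
        # The declared type disagrees with what the filename says the content is.
        if expected and part.get_content_maintype() != expected:
            findings.append("type-mismatch")
        if findings:
            flagged.append((name, part.get_content_type(), findings))
    return flagged

if __name__ == "__main__":
    print(audit_attachments(SAMPLE))
```

Only the last extension is examined, so a double-extension name such as `report.txt.exe` is still treated as executable.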