Mail client management

Data has become a primary asset of the 21st century. With an increasing number of data protection laws coming into force, organizations need to have better visibility and control over data that is entering and leaving their network, especially through email.

Here are a few best practices to manage and maintain a mail client's security:

Choosing the right email client.

There are number of vendors offering email client management and most come with basic security features enabled. However, only a few clients have enhanced security and privacy features that actually suit the needs of an organization. Before making a final decision on which email client to go with, you should compare their security features individually, see which ones fit your organization, then test and analyze them. You can do a preliminary check of different clients' security features here.

Scanning mail clients.

Viruses and malware can easily slip into a network in the form of an email attachment. Combat these hazardous programs by configuring an antivirus program that will scan your mail client.

Effective use of spam filters.

A common feature of most mail clients is a built-in spam filter. Most spam filters identify suspicious and unwanted mail and prevent spam from entering an inbox. If spam is reaching your inbox, you should try creating your own spam filters to catch these corner cases or use dedicated spam filtering software if the amount of spam is uncharacteristically bad. Additionally, you should choose a mail client that supports Spam URI Realtime Block Lists (SURBL), which can filter out malicious hyperlinks that commonly populate spam.

Configuring the right protocols and ports.

Improve security with SSL for SMTP, POP, and IMAP on common TCP/IP ports. Avoid using plaintext mail ports; using port 995 for POP3, port 993 for IMAP, and port 465 for SMTP is recommended instead.

Escaping DoS attacks.

SMTP servers are primary targets for Denial of Service (DoS) attacks. If you use SMTP, you should limit the number of connections to it (including the number of simultaneous connections).

Reverse DNS lookup.

Practicing reverse DNS lookup can add an additional layer of security for your SMTP server and can help with avoiding spam emails. You can also, limit your SMTP server to specific user accounts only.

Define where mail can go.

Define which domains inbound and outbound mail can be received and sent from. Doing so can keep a huge amount of irrelevant data out of your network. Depending on the mail client, domain-specific emails can be filtered and audited at regular intervals, and attachments can be stored in a specific folder.

Managing your mail client effectively can take some time, but when done right, it'll leave your enterprise free of unnecessary data as well as help in securely retaining data in a way that complies with your organization's privacy policy.