
E-mail Security, E-mail Threats like Eavesdropping, Spam E-mails, E-mail Viruses and Worms, E-mail Bombs, how to mitigate threats using S/MIME and PGP

Electronic mail (E-mail) is a method of exchanging digital messages across the Internet or other computer networks. E-mail is the backbone of today's communication and a convenient medium for all segments of users. The first E-mail was sent in 1971 by an engineer, Ray Tomlinson. Before this, email was limited to users within a single machine. Tomlinson was able to send messages to other machines on the Internet, using the @ sign to designate the receiving machine. Email messages are normally plain text messages, with or without attachments. An E-mail consists of two parts, the message header and the message body. The message header normally contains the originator's email address, one or more recipient addresses and other control information.

An E-Mail server is an application that receives incoming e-mail from local users and remote senders and forwards outgoing e-mail for delivery. Example: MS Exchange Server, SendMail, QMail etc. All recent E-mail servers work on Simple Mail Transfer Protocol (SMTP).

E-Mail clients are programs which are used to create, send, receive, and view e-mails. Example: Mozilla Thunderbird, MS Outlook etc. All recent versions of E-mail clients allow messages to be formatted in plain text or HTML (Hypertext Markup Language).

E-mails and mail systems are also targets of attackers. Some common E-Mail threats are explained below.

Eavesdropping

Normally all E-mail messages (including userids and passwords) are transmitted between the computer and E-mail servers as plain text. This is not secure: anyone who can intercept the traffic can read your email and obtain your userids, passwords and sensitive E-mail content.

Spam E-mails

Spam is the flooding of the Internet with many copies of unsolicited bulk E-mail messages. Spam E-mails are usually commercial advertisements for replica watches, cheap drugs, get-rich-quick schemes and other dubious products. Spam E-mails decrease productivity and increase the cost of email use. Many legitimate E-mails are also filtered by spam filters.

E-mail Viruses and Worms

Many viruses and worms are spread as E-mail attachments. Once your computer is infected, the viruses and worms may also spread to the other computers on your network. This malware can send your private information to attackers, destroy your precious data or disrupt productivity.

Your E-mail server should be equipped with a strong anti-virus application and spam filters to stop spam, viruses, and other unwanted content before they reach your infrastructure and users. The anti-virus application and spam filters should actively protect you against email bombs and other attacks, and greatly reduce the impact of spam and viruses.

E-mail Bombs

Email bombs are a type of Denial of Service (DoS) attack which targets mail servers. An "email bomb" occurs when you receive a large number of E-mail messages in a very short time, overflowing the mailbox or overloading the server. The different types of E-mail bombs are mass mailing (sending mass emails to the victim's E-mail inbox), link listing (linking the victim's E-mail address to different E-mail lists, so that the inbox is flooded with unwanted e-mails) and zip bombing (a type of attack targeted at the server, where a large number of compressed files are sent to servers).

How to mitigate E-mail Threats

Your E-mail server should be equipped with a trusted and updated anti-virus application and spam filters to stop spam, viruses, and other unwanted content before they reach your infrastructure and users. The anti-virus application and spam filters should actively protect you against email bombs and other attacks, and greatly reduce the impact of spam and viruses.

To protect yourself from eavesdropping attacks, encrypt your E-mail messages. Encryption scrambles the contents of the E-mail message and its attachments, and the contents are reassembled at the receiving side. Anyone who intercepts the data in between can capture only the encrypted packets. The most popular encryption methods available for E-mails are Secure/Multipurpose Internet Mail Extensions (S/MIME) and PGP.

Secure/Multipurpose Internet Mail Extensions (S/MIME): MIME (Multipurpose Internet Mail Extensions) is an extension of Simple Mail Transfer Protocol (SMTP). MIME provides the ability to transfer different data formats such as audio, video, images, compressed files and applications as attachments. The MIME header is inserted at the beginning of the E-mail, and E-mail clients use the MIME information to determine which program is associated with the attached file. MIME does not provide any security to E-mails. S/MIME is a protocol that adds digital signatures and encryption to Internet MIME messages. S/MIME provides authentication, message integrity and non-repudiation of origin (using digital signatures), and privacy and data security (using encryption) to E-mails. E-mail messages are encrypted using symmetric encryption, and a public-key algorithm is used for key exchange and digital signatures. DES, 3DES, or RC2 can be used for encryption.
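Because S/MIME (and PGP/MIME) protection is announced in the same MIME header that clients read to handle attachments, a mail gateway or auditor can tell protected mail from plain-text mail without decrypting anything. The following is an added example, not part of the original page; the content types checked are the standard S/MIME and PGP/MIME ones, and the function name and sample messages are constructed for illustration.

```python
from email import message_from_string


def classify_protection(raw_message: str) -> str:
    """Report how (or whether) a message is protected, from its MIME headers."""
    msg = message_from_string(raw_message)
    ctype = msg.get_content_type()
    protocol = str(msg.get_param("protocol") or "").lower()
    smime_type = str(msg.get_param("smime-type") or "").lower()

    if ctype in ("application/pkcs7-mime", "application/x-pkcs7-mime"):
        kinds = {"enveloped-data": "smime-encrypted", "signed-data": "smime-signed"}
        return kinds.get(smime_type, "smime-other")
    if ctype == "multipart/signed":
        if protocol in ("application/pkcs7-signature", "application/x-pkcs7-signature"):
            return "smime-signed"
        if protocol == "application/pgp-signature":
            return "pgp-signed"
    if ctype == "multipart/encrypted" and protocol == "application/pgp-encrypted":
        return "pgp-encrypted"
    # Inline PGP: ASCII armor pasted into an ordinary text body.
    if not msg.is_multipart() and "-----BEGIN PGP MESSAGE-----" in msg.get_payload():
        return "pgp-encrypted-inline"
    return "unprotected"


# Constructed sample messages; bodies are placeholders, only headers matter.
SAMPLES = {
    "plain": "From: a@example.com\nContent-Type: text/plain\n\n"
             "userid and password in clear text\n",
    "smime_enc": "From: a@example.com\nMIME-Version: 1.0\n"
                 "Content-Type: application/pkcs7-mime; smime-type=enveloped-data;\n"
                 " name=\"smime.p7m\"\nContent-Transfer-Encoding: base64\n\nAAAA\n",
    "smime_sig": "From: a@example.com\nMIME-Version: 1.0\n"
                 "Content-Type: multipart/signed; micalg=sha-256;\n"
                 " protocol=\"application/pkcs7-signature\"; boundary=\"b1\"\n\n"
                 "--b1\nContent-Type: text/plain\n\nhello\n--b1--\n",
    "pgp_mime": "From: a@example.com\nMIME-Version: 1.0\n"
                "Content-Type: multipart/encrypted;\n"
                " protocol=\"application/pgp-encrypted\"; boundary=\"b2\"\n\n"
                "--b2\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n--b2--\n",
    "pgp_inline": "From: a@example.com\nContent-Type: text/plain\n\n"
                  "-----BEGIN PGP MESSAGE-----\n\nplaceholder\n-----END PGP MESSAGE-----\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:11s} {classify_protection(raw)}")
```

A signed-only message is still readable by an eavesdropper; only the encrypted classifications address the eavesdropping threat described earlier.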

PGP (Pretty Good Privacy): PGP (Pretty Good Privacy) is another encryption method for E-mails. PGP uses both symmetric encryption and asymmetric encryption. PGP uses a symmetric encryption algorithm to encrypt the E-mail message to be sent. After encrypting the E-mail message, PGP encrypts the symmetric key used to encrypt the message with the public key of the intended recipient. The encrypted key and E-mail message are then sent to the intended recipient. At the receiving side, PGP first decrypts the symmetric key with the private key supplied by the recipient and then uses the decrypted symmetric key to decrypt the E-mail message.
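The hybrid flow described above, as an added example that is not part of the original page and is not PGP's own code: a random session key encrypts the message, and the recipient's public key encrypts the session key. The RSA key pair (built from two known Mersenne primes), the SHA-256 keystream cipher and the integrity tag are constructed stand-ins so the sketch runs on the Python standard library alone; real PGP uses randomly generated keys, padded public-key encryption and a standard symmetric cipher.

```python
import hashlib
import hmac
import secrets

# Constructed toy RSA key pair from two known Mersenne primes (assumption:
# stands in for the recipient's real PGP key pair; textbook RSA, no padding).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent


def _keystream_xor(key, nonce, data):
    """Stand-in symmetric cipher: XOR data with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def _tag(session_key, nonce, body):
    # Integrity tag (added here so a wrong key or a modified body is detected).
    return hmac.new(session_key, nonce + body, hashlib.sha256).digest()


def encrypt_for(n, e, message):
    """Sender side: encrypt the message, then wrap the session key for (n, e)."""
    session_key = secrets.token_bytes(32)            # fresh symmetric key
    nonce = secrets.token_bytes(16)
    body = _keystream_xor(session_key, nonce, message)
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return {"wrapped_key": wrapped, "nonce": nonce, "body": body,
            "tag": _tag(session_key, nonce, body)}


def decrypt_with(n, d, packet):
    """Recipient side: unwrap the session key with d, then decrypt the body."""
    raw = pow(packet["wrapped_key"], d, n)
    session_key = (raw % 2**256).to_bytes(32, "big")
    if not hmac.compare_digest(_tag(session_key, packet["nonce"], packet["body"]),
                               packet["tag"]):
        raise ValueError("wrong private key or modified message")
    return _keystream_xor(session_key, packet["nonce"], packet["body"])


if __name__ == "__main__":
    packet = encrypt_for(N, E, b"Meet at 10:00, room 4.")
    print(decrypt_with(N, D, packet))
```

Only the short session key goes through the slow public-key operation; the message body, whatever its size, is handled by the fast symmetric cipher.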

Note: Visit the Public Key Infrastructure section to learn more about the terms encryption, symmetric encryption, asymmetric encryption, public key, private key and other related terms.
