How to better run and protect your email system?
Our Main Products: Sprocket,Gear&Shaft,Chain coupling, Taper bush,Pulley,CNC customized....
Run email server
Setting up an email server is not very difficult. Most Unix-like operating systems include sendmail or ready-made alternatives. Some Linux distributions do the same. The more challenging task is to ensure the security of the mail server and ensure that other servers will accept the emails it sends.
Email in the "reputation" era
Spam is almost as old as email. According to Wikipedia, the earliest spam was sent in 1978. On today's Internet, after a machine is connected, it will start to receive e-mails whether it is needed or not. Since most computers are not interested in receiving e-mail, blocking connections through TCP port 25 (SMTP) is a good default strategy.
Real-time black hole list
After accepting the connection, most email servers will be configured to query one or more real-time black hole lists (RBL). The Spamhaus project manages some of the most commonly used lists, but there are many others. If the server is listed in one of these black hole lists, any email it tries to send may be rejected. In addition to the real-time black hole list, there is also a real-time white list: DNSWL.
Staying away from the black hole list and entering the white list is a great way to help ensure that emails will be accepted. Sending spam will make the server blacklist. The long history of not sending spam will make the server whitelist. In addition to preventing servers from entering the blacklist and whitelist, there are three DNS-based technologies that can help ensure that emails are accepted:
The Sender Policy Framework (SPF) lists the IP addresses from which the domain thinks it can send emails. If an email from a certain domain arrives from anywhere else, it will be suspected (or even rejected).
Domain Key Identified Mail (DKIM) is a mechanism for cryptographically signing email headers. As part of the spam filter library, the recipient will verify that the header is properly signed before allowing the message to pass.
Domain-based message authentication, reporting and consistency (DMARC) connects DKIM and SPF together. DMARC allows domain owners to indicate to recipients what to do with emails that fail DKIM or SPF. They can also specify reporting mechanisms to help monitor forged emails from their domains.
All these methods work by adding the TXT record to the domain in DNS. With DNSSEC, the receiver can be reasonably confident that the policy is made by the (claimed) sending domain.
The reputation of the server will determine whether other servers will talk to it. At this stage, content filtering begins. The content filter will check the received mail for malware, accidental legacy by the Nigerian prince, and other harmful content before moving it to the user's mailbox. Older content checking filters will check a long list of regular expressions. Newer technologies use neutral networks trained on large amounts of good news and bad news to assess the desirability of the messages.
Since content filters can never be perfect, emails deemed bad by content filters are more likely to be archived as "spam" rather than rejected outright. Some more advanced content filters (such as Rspamd) will track the score of the email and decide to reject or archive it as "spam" based on a configurable threshold.
How Can YQ Help