Know about Secure Email?
End-to-end Email Security:
S / MIME (Secure / Multipurpose Internet Mail Extensions), like PGP, the use of one-way hash algorithms and public key and private key encryption system. However, S / MIME and PGP also has two different aspects: first, S / MIME authentication mechanism relies on the certificate authority hierarchy, all organizations and individuals to the next level of higher-level certification organization responsible for the accreditation, while the top one mutual authentication between the level of the organization (root certificate); the second is S / MIME encrypted signature after the contents of the letter as a special attachment delivery. S / MIME certificate format uses X.509, and online transactions using SSL certificates have some differences. Abroad, Verisign provides S / MIME e-mail certificates to individuals; in the country, there are Beijing VeriSign company to support the standard. On the client side, Netscape Messenger and Microsoft Outlook support S / MIME.
Transport Layer Security
SMTP (Simple Mail Transfer Protocol) is a standard letter of agreement, POP (mail Protocol) is the recipient of the protocol. SSL SMTP and SSL POP SMTP and POP protocols that run on the established SSL secure transmission channel, while these two agreements made some extensions to better support encryption and authentication and transmission. This model requires the E-mail client software and server-side E-mail servers support SSL certificate and must be installed.
VPN and IP-based channel technology encapsulates all of the TCP / IP services, but also to achieve a method of secure e-mail transmission. This model is often part of a network security mechanism.
Safety and reliability of the mail server
Prevent attacks from external networks, including denial of service connection requests from the specified e-mail addresses and domain names, refused to greater than a predetermined upper limit of the number of the recipient mail, limiting the number of connections a single IP address, shelve suspicious correspondence. To prevent attacks from the internal network, including denial from the specified user, mail service request IP addresses and domain names, enforce SMTP authentication, SSL SMTP and SSL POP achieve to confirm user identity, to prevent relay attacks, including completely closed relay function in accordance with the letter and the recipient's IP address and domain name restrictions flexibly relay, relay, etc. in accordance with the recipient limit.