1. Educate your employees: Educate and remind your users about the dangers of forwarding jokes, racy content, chain letters or political messages outside your network, as recipients are likely to report these as spam and your IP will get listed. You should also make your users aware that if they include a signature line that includes the company’s URL and phone/fax numbers, their emails are also likely to get blocked.
2. Educate your marketing department: Ensure your marketing department doesn't send out newsletters/ads using your normal outbound IP, as recipients will report the mailings as spam and your IP will get listed. Outbound mail should be restricted, filtered, encrypted and authenticated. Do not build opt-out mailing lists, and be very quick to remove any subscribers that do not wish to be on the list. Another point to consider is that a virus outbreak that sends email you do not know about can cause your domain or network space to become blacklisted. Lastly, force outbound mail to go through servers that you control rather than going out directly.
3. Monitor: Keeping an eye on aspects such as inbound/outbound network traffic, service traffic, inbound connection attempts and port scans can help determine if your system has been compromised or if you need to take action.
4. Control your systems: Keep your systems locked down. It is important that you restrict inbound connections to any ports that you do not need to keep open. Ensure that all PCs require SMTP authentication on outbound mail, and force mail to go through your outbound MTAs (block port 25 connections outbound).
5. Use email authentication technologies: Use email authentication technologies and understand how the technology evolves. Email authentication technology is here to stay so it is important to learn how it can be leveraged to benefit your company, both when sending and receiving emails.
6. Stay up to date with patches: It’s a bit of a cliché but you must keep up to date with patches. This is important, not only on desktop computers but on servers as well. Viruses are not the only problem; a weak web application can also be exploited. For example, it can send an email you didn’t mean to send, irritating the recipients and earning your domain or IP address a bad reputation that could interfere with your regular messaging operations.
7. Configure your email server correctly: Ensure your Internet-facing email server environment is configured to validate recipients at reception time against your local LDAP system; otherwise you’ll generate a lot of “backscatter” traffic when unvalidated mail is accepted and then fails delivery to your internal Exchange/Notes/Zimbra/etc. server. This will get you blacklisted very quickly.
8. Set DNS protocols correctly: Make sure your forward and reverse DNS for your outbound hosts match.
9. Other security tips: Get to know the major RBLs now rather than scrambling around when your outbound IP address inevitably gets listed due to a bot’ed PC on your network. Also, deploy BATV to ensure you don’t receive bounces for spoofed content that you never originated.
10. Watch out for ‘free’ enterprise-ready software: If you are serious about protecting your users (and your job), invest in one of the top commercial anti-spam software products.
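
As an illustration of tip 8 (an added example, not part of the original article), the following Python sketch audits a list of outbound mail IPs for forward-confirmed reverse DNS: each IP must have a PTR name, and that name must resolve back to the same IP. The function names and the sample zone data are assumptions made for the example; the resolver calls are passed in as parameters so the check can be run against constructed data or the live system resolver.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip from the system resolver ([] when there is none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:  # covers socket.herror and socket.gaierror
        return []
    return [name, *aliases]

def system_addrs(name):
    """A/AAAA addresses for name from the system resolver ([] on failure)."""
    try:
        infos = socket.getaddrinfo(name, None, proto=socket.IPPROTO_TCP)
    except OSError:
        return []
    return sorted({info[4][0] for info in infos})

def fcrdns(ip, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Return (status, names) where status is 'match', 'mismatch' or 'no-ptr'."""
    want = ipaddress.ip_address(ip)
    names = ptr_lookup(ip)
    if not names:
        return ("no-ptr", [])
    for name in names:
        for addr in addr_lookup(name):
            # Compare parsed addresses so different IPv6 spellings are equal;
            # drop any zone id ("%eth0") the resolver may append.
            if ipaddress.ip_address(addr.split("%")[0]) == want:
                return ("match", [name])
    return ("mismatch", names)

def audit(ips, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Map each outbound IP to its status; anything but 'match' needs fixing."""
    return {ip: fcrdns(ip, ptr_lookup, addr_lookup)[0] for ip in ips}

# Constructed sample zone data (documentation address ranges, not real hosts).
SAMPLE_IPS = ["192.0.2.10", "192.0.2.11", "192.0.2.12", "2001:db8::25"]
SAMPLE_PTR = {"192.0.2.10": ["mail1.example.com"], "192.0.2.11": ["mail2.example.com"],
              "2001:db8::25": ["mx6.example.com"]}
SAMPLE_A = {"mail1.example.com": ["192.0.2.10"], "mail2.example.com": ["192.0.2.99"],
            "mx6.example.com": ["2001:0db8:0:0:0:0:0:25"]}

def sample_ptr(ip): return SAMPLE_PTR.get(ip, [])
def sample_addrs(name): return SAMPLE_A.get(name, [])

if __name__ == "__main__":
    for ip, status in audit(SAMPLE_IPS, sample_ptr, sample_addrs).items():
        print(f"{ip:15} {status}")
```

Calling `audit()` with only a list of your own outbound IPs uses the system resolver instead of the sample data.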