Email is the preferred method of communicating sensitive business information, as well as the attack vector used in over 90% of all cyberattacks and breaches. Thus, it is critical that business email servers and accounts are configured with security in mind. Here are our top tips for securing your email server:

Avoid being an Open Relay for spammers by configuring your mail relay parameter to be very restrictive.

Set up SMTP authentication to control user access and prevent open relay and abuse of your server. Only authorized users should be able to send mail for your domain using your mail server.

Limit the number of connections to your SMTP server to protect against denial-of-service (DoS) attacks.

Activate reverse DNS to block bogus senders by verifying the existence of the sender's email domain before accepting a message.

Reduce incoming spam email using DNSBL servers, which check the reputation of sender domains or IPs.

Activate Sender Policy Framework (SPF) to help prevent spoofing and sender fraud.

Enable SURBL (Spam URI Real-time Blocklists) to verify message content by detecting unwanted email based on invalid or malicious links within a message. 

Block spammers by maintaining local IP blocklists.

Protect the privacy of your passwords by encrypting POP3 and IMAP authentication.

Ensure email availability by having at least two MX records for each domain. ​​This configuration is done on the DNS Zone level.

Avoid using SMTP default settings, which have not been configured to provide optimal security. For instance, under Account Settings for your email client, make sure the “Allow insecure authentication” option (which is checked by default) is unchecked. Also, be sure to check the “Require sign-in” option.

Set up enforced TLS to protect the privacy of your email communications.

Implementing additional layers of security by fortifying business email with a comprehensive, proactive email security solution can help protect your business from phishing, ransomware and other cyberattacks.

Some best practices for securing email accounts include:

Choose a strong, unique password and use two-step verification.

Review security notifications carefully.

Always use a secure device to access your email account, and log out of your email account when you are finished using it.

Don’t allow web browsers or mobile phones to remember your email account or password. In the event that your device is lost or stolen and an attacker is able to guess or crack your password, he or she can then log into your email account using your saved credentials and send mail from your compromised account masquerading as you.

Be cautious of who you share your email address with.

Partnering with a managed services email security provider can assist greatly in setting up and configuring business email securely. For instance, Guardian Digital's fully-managed solution - EnGarde Cloud Email Security - features an interactive Dashboard administrative portal designed to deliver increased levels of security, effectiveness, and cost-efficiency to your team. The Dashboard provides valuable insight that can be leveraged to tailor email account and email security settings to protect against the specific threats your business faces. 

Next Steps

Want to learn more about how you can configure your email servers and accounts securely to help protect the privacy of your communications? Get in Touch >>

Sign Up and
Receive a Free

Cybersecurity Awareness Infographic at the End of the Month

CyberSecurity Month