
The Complete Guide to Email Authentication

Introduction

The objective of this paper is to provide a brief overview and description of the most commonly used email authentication practices and methodologies. It is not exhaustive in nature, and does not cover every aspect of every technology in use today. It does, however, cover the main topics and points of discussion with regard to the mainstream standards used today for authenticating email.

Spam and Other Online Threats

In a recent report released by Cisco Systems, it was revealed that nearly 200 billion spam email messages are sent each day – approximately 90% of worldwide email. Other online threats that were cited include phishing, botnets, social engineering, and reputation hijacking – all used in collaboration with spamming. Because spam and other cyber security issues continue to increase year after year, technology integrators have turned to alternative methods to secure their communications. Email authentication is one such method, along with a wide set of other tools used by email senders and receivers to establish sender reputation.

Email Authentication

Generally defined, email authentication is a multi-method approach to securing email communications using IP-based standards, cryptographic standards, or both. Email senders create a public record that verifies that their sending domain is authorized to send email from a particular IP address or mail server. Receiving ISPs can then use this record to validate the legitimacy of the sender and the messages they are sending. Additionally, ISPs commonly use this validation along with other metrics to determine the reputation of a sender, and ultimately whether they will deliver the sender’s messages.

There are currently four different methods or standards that are typically used to authenticate email today: Sender Policy Framework (SPF), Sender ID, DomainKeys, and DomainKeys Identified Mail (DKIM). Each standard authenticates using a different methodology. While a sender can authenticate using all of the standards, an ISP may choose to only verify one or more of them.
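The receiver-side check described above, sketched for SPF as an added example that is not part of the original paper. It goes beyond the text by using SPF record syntax from RFC 7208, and it evaluates only the `ip4` and `all` mechanisms; `ConvertTo-Ip4Number`, `Test-SpfIp4`, the record and the addresses are hypothetical, constructed values.

```powershell
# Added example, not from the original paper. Both functions are hypothetical
# helpers; the record and addresses are constructed (RFC 5737 documentation ranges).
function ConvertTo-Ip4Number([string]$Address) {
    # Dotted quad -> number, accumulated as a double to avoid signed-int overflow.
    $n = [double]0
    foreach ($b in [System.Net.IPAddress]::Parse($Address).GetAddressBytes()) { $n = $n * 256 + $b }
    return $n
}

function Test-SpfIp4 {
    param([string]$Record, [string]$SenderIp)
    $terms = @($Record.Trim() -split '\s+')
    if ($terms[0] -ne 'v=spf1') { return 'none' }            # no SPF policy published
    $results = @{ '+' = 'pass'; '-' = 'fail'; '~' = 'softfail'; '?' = 'neutral' }
    foreach ($term in ($terms | Select-Object -Skip 1)) {
        $qualifier = '+'                                      # default when no qualifier is written
        if ($results.ContainsKey($term.Substring(0, 1))) {
            $qualifier = $term.Substring(0, 1); $term = $term.Substring(1)
        }
        if ($term -eq 'all') { return $results[$qualifier] }  # catch-all, normally last
        if ($term -match '^ip4:([0-9.]+)(?:/(\d+))?$') {
            $net = $Matches[1]; $len = 32
            if ($Matches[2]) { $len = [int]$Matches[2] }
            $block = [math]::Pow(2, 32 - $len)                # addresses per network of this size
            $senderNet = [math]::Floor((ConvertTo-Ip4Number $SenderIp) / $block)
            $recordNet = [math]::Floor((ConvertTo-Ip4Number $net) / $block)
            if ($senderNet -eq $recordNet) { return $results[$qualifier] }
        }
        # Other mechanisms (a, mx, include, ...) need DNS lookups and are skipped here.
    }
    return 'neutral'                                          # nothing matched
}

# Constructed TXT record: one network and one host may send, everything else fails.
$record = 'v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.25 -all'
foreach ($ip in '192.0.2.77', '198.51.100.25', '203.0.113.9') {
    '{0,-15} {1}' -f $ip, (Test-SpfIp4 -Record $record -SenderIp $ip)
}
```

The first two addresses fall inside the published ranges; the third reaches `-all`, which is the result a receiving ISP would weigh against the sender.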

Email Spoofing

One of the main benefits of using email authentication is that it dramatically reduces the problem of email forging or spoofing (also known as phishing) – where a user receives an email that appears to originate from one source, when in reality it was sent from another source. Email spoofing is a classic spammer tactic used to coerce unsuspecting users into disclosing secure or confidential information without their knowledge or authorization.

A classic example of email spoofing that still occurs today is an email purportedly from a bank or financial institution, alerting the user that their account has been compromised and that, in order to resolve the situation, they must click the link in the email to log into their account. Both the link and the sender information have been spoofed or forged to look as if the message came from the purported bank.

Courtesy http://www.socketlabs.com/blog/the-complete-guide-to-email-authentication-part-1/

LinkedIn Within Microsoft Outlook

Where did the LinkedIn Outlook Toolbar go?

We’ve discontinued offering the Outlook Toolbar to focus on our new tool called LinkedIn Outlook Connector. This tool is built using the Microsoft Outlook Social Connector platform.

For an overview with download instructions and a video that shows what LinkedIn Outlook Connector can do, visit the LinkedIn Blog.

LinkedIn Outlook Connector requirements:

  • Outlook 2010, 2007 or 2003.
  • Outlook 2010 beta users should review additional Microsoft requirements.

A download of a 64 bit version of LinkedIn Outlook Connector is also available.

Install Self Signed Exchange 2010 SSL certificate

For my example, my domains are…

Local domain: vcp.local
Outside domain: vcpdomain.com.au

#NETBIOS name of Client Access exchange server: vcpsydex01
#Internal FQDN (AD name): vcpsydex01.vcp.local
#External FQDN (Public name): smtp.vcdomain.com.au
#Autodiscover name: autodiscover.vcdomain.com.au
#SubjectName: cn=smtp.vcdomain.com.au

Run the following command on the Client Access Server to generate the new self-signed SSL certificate using the names listed above:

New-ExchangeCertificate -FriendlyName "SelfSigned Cert" -SubjectName "cn=smtp.vcdomain.com.au" -DomainName vcpsydex01,vcpsydex01.vcp.local,smtp.vcdomain.com.au,autodiscover.vcdomain.com.au -PrivateKeyExportable $True

Prior to Windows Vista SP1, the Windows RPC/HTTP client-side component required that the Subject Name (aka Common Name) on the certificate match the “Certificate Principal Name” configured for the Outlook Anywhere connection in the Outlook profile. Therefore, as a best practice, you should ensure that smtp.vcdomain.com.au is listed as the Subject Name in your certificate, unless you plan on changing the configuration. That change can be made by using the Set-OutlookProvider cmdlet with the -EXPR parameter, as described in http://msexchangeteam.com/archive/2008/09/29/449921.aspx.

Open IIS on the Exchange Server and tell it to use this certificate.

  1. Click on the Default Web Site
  2. Click Bindings on the right
  3. Select HTTPS, and choose edit
  4. Under SSL certificate, click the drop down list and choose your certificate that you created earlier.
  5. You need to set up the following external DNS entries, both pointing to the external IP address of your Exchange CAS server: smtp.vcdomain.com.au and autodiscover.vcdomain.com.au.
    The next few steps install the certificate on the clients.
  6. From Internet Explorer, navigate to the website of your OWA, https://mail.vcdomain.com/owa. Click on Certificate Error, then click View certificates.
  7. Click Install Certificate
  8. Click Next
  9. Select the second option
  10. Select the box Show Physical Stores, Under Trusted Root Certification Authorities, select Registry and click OK

    Please note, you will need to repeat this step again and choose Local Computer. 

  11. Click Finish
  12. Select Yes. Close and re-open Internet Explorer.
  13. Close and restart Internet Explorer.

For more information, please refer to http://msexchangeteam.com/archive/2007/07/02/445698.aspx
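A name-coverage check for the certificate created above, as an added example that is not part of the original post. Trusting the self-signed certificate on a client removes the untrusted-issuer warning only; a host name that is not among the certificate's domains still produces a name-mismatch error. `Test-CertNameCoverage` is a hypothetical helper, the name lists are copied from this walkthrough, and the syntax is kept compatible with the PowerShell 2.0 shell that ships with Exchange 2010.

```powershell
# Added example, not from the original post. Test-CertNameCoverage is a
# hypothetical helper; the name lists below are copied from this walkthrough.
function Test-CertNameCoverage {
    param(
        [Parameter(Mandatory=$true)][string[]]$CertificateDomains,  # names on the certificate
        [Parameter(Mandatory=$true)][string[]]$ClientNames          # host names clients connect to
    )
    foreach ($name in $ClientNames) {
        $covered = $false
        foreach ($san in $CertificateDomains) {
            if ($san -eq $name) { $covered = $true; break }         # -eq ignores case
            # A wildcard entry covers exactly one left-most label.
            if ($san.StartsWith('*.') -and $name.Contains('.')) {
                $parent = $name.Substring($name.IndexOf('.') + 1)
                if ($parent -eq $san.Substring(2)) { $covered = $true; break }
            }
        }
        New-Object PSObject -Property @{ Name = $name; Covered = $covered }
    }
}

# Names passed to -DomainName in the New-ExchangeCertificate command above.
$sans = 'vcpsydex01', 'vcpsydex01.vcp.local', 'smtp.vcdomain.com.au', 'autodiscover.vcdomain.com.au'
# Host names clients use in this walkthrough, including the host of the OWA URL in step 6.
$clients = 'smtp.vcdomain.com.au', 'autodiscover.vcdomain.com.au', 'mail.vcdomain.com'

Test-CertNameCoverage -CertificateDomains $sans -ClientNames $clients |
    Select-Object Name, Covered | Format-Table -AutoSize

# On the server, read the names from the installed certificate instead
# (replace the placeholder with the thumbprint New-ExchangeCertificate printed):
# $sans = (Get-ExchangeCertificate -Thumbprint '<THUMBPRINT>').CertificateDomains |
#     ForEach-Object { "$_" }
```

Any name reported as not covered needs to be added to -DomainName when the certificate is generated, or clients should be pointed at a name that is covered.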

Beware of online fraudsters

Beware of online fraudsters trying to obtain your personal details

How To Configure GMail Account With Microsoft Outlook 2010

First of all, launch MS Outlook 2010 and click the Office button, which is located in the top left corner. Under the Info category you will see the Account Settings option; click the drop-down button and choose Add Account, as shown in the following screenshot.

In the next step, select Email Account, enter Your Name, Email Address, and Password, and click Next.

Now sit back and relax: Outlook 2010 will do the rest for you. It will establish a connection to the relevant network, search for the GMail server settings and log you on to the server automatically.

It will take a couple of minutes to complete the required configuration.

Click Finish and that's all; it will take some time to download your emails.

Now use all the enhanced features of Outlook 2010 to manage your GMail inbox. Enjoy!

courtesy: addictivetips.com

How to set up your Outlook 2007 client to work with Gmail

To set up your Outlook 2007 client to work with Gmail:

  1. Enable IMAP in Gmail. Don’t forget to click Save Changes when you’re done.
  2. Open Outlook.
  3. For new setups, select Do not upgrade.
  4. Click Yes.
  5. Enter your display name, email address (including ‘@gmail.com’), and password. Google Apps users, enter your full email address, e.g. ‘username@your_domain.com.’
  6. Select the ‘Manually configure server settings or additional server types’ checkbox.
  7. Select Internet E-mail.
  8. Settings: name, full email address (including ‘@gmail.com’ or ‘@your_domain.com’)
    • In the Account Type dropdown menu, select IMAP. In the ‘Incoming server name’ section, enter: imap.gmail.com and in the ‘Outgoing server name (SMTP)’ section, enter: smtp.gmail.com.
    • In the ‘User Name’ field, give your full Gmail address, including ‘@gmail.com’ or ‘@your_domain.com.’
    • After creating these settings, clicking Next takes you to the end of the setup.

  9. In the Tools menu, select Options then Mail Setup. Under ‘Email Accounts,’ click E-mail Accounts.
  10. Select an account, and click Change above the list of accounts. Click More Settings, then the Advanced tab.
    1. Incoming server must be 993, and must use SSL encryption.
    2. Outgoing server can use 587, TLS encryption.

  11. Click the Outgoing Server tab. Make sure that ‘My outgoing server (SMTP) requires authentication’ is selected. The radio button ‘Use same settings as my incoming mail server’ should also be selected.
  12. Click OK > Next > Finish > Close > OK.
  13. Check our recommended client settings, and adjust your client’s settings as needed.

IMAP: IMAP (Internet message access protocol) lets you download messages from Gmail so you can access your mail with a program like Outlook Express or Apple Mail. IMAP syncs the actions you take in Outlook Express or Apple Mail with Gmail so if you read a message in your mail client, it’ll be marked as read in Gmail.

domain: A domain is a name for an IP address and is more commonly recognized as a website or web address. For example, Google.com is a domain.

SSL: SSL (secure socket layer) is a way of changing data such as your username and password into code as it travels across the Internet, so that the data will be secure and private.

TLS: TLS (Transport Layer Security) is a way of changing data such as your username and password into code as it travels across the Internet, so that the data will be secure and private. With mail delivery, TLS begins with an unsecured connection to the mail servers, and then upgrades to a secure connection once information is sent.

courtesy: mail.google.com

How to set up your Outlook 2003 client to work with Gmail

  1. Enable IMAP in Gmail. Don’t forget to click Save Changes when you’re done.
  2. Open Outlook.
  3. Click the Tools menu, and select E-mail Accounts
  4. Click Add a new e-mail account, then click Next.
  5. Choose IMAP as your server type by clicking the radio button, and click Next.
  6. Fill in all necessary fields to include the following information:
    User Information
    Your Name: Enter your name as you would like it to appear in the From: field of outgoing messages.
    Email Address: Enter your full email address (username@gmail.com). Google Apps users, enter your address in the format username@your_domain.com
    Server Information
    Incoming mail server (IMAP): imap.gmail.com
    Outgoing mail server (SMTP): smtp.gmail.com
    Login Information
    User Name: Enter your full email address (including @gmail.com or @your_domain.com)
    Password: Enter your Gmail password.
  7. Click More Settings… and then click the Outgoing Server tab.
  8. Check the box next to ‘My outgoing server (SMTP) requires authentication’ and select Use same settings as my incoming mail server.
  9. Click the Advanced tab, and check the box next to ‘This server requires an encrypted connection (SSL)’ under Incoming Server (IMAP). Also, enter 993 in the Incoming server (IMAP) box.
  10. Check the box next to ‘This server requires an encrypted connection (SSL)’ under Outgoing Server (SMTP), and enter 465 in the Outgoing server (SMTP) box.
  11. Click OK.
  12. Click Next, and then click Finish.
  13. Download the latest updates for Outlook from Microsoft. This will help prevent the most common Outlook errors that Gmail users see.
  14. Check our recommended client settings, and adjust your client’s settings as needed.

Congratulations! You’re done configuring your client to send and retrieve Gmail messages.

IMAP: IMAP (Internet message access protocol) lets you download messages from Gmail so you can access your mail with a program like Outlook Express or Apple Mail. IMAP syncs the actions you take in Outlook Express or Apple Mail with Gmail so if you read a message in your mail client, it’ll be marked as read in Gmail.

domain: A domain is a name for an IP address and is more commonly recognized as a website or web address. For example, Google.com is a domain.

mail server: A mail server is a machine that sends and receives emails. Think of a mail server as a mailman who makes sure messages go to the right place.

courtesy: mail.google.com

Setting Up Your POP or IMAP Email Address in MS Outlook Express

To Set Up Your E-mail Account in Microsoft Outlook Express

  • In Microsoft Outlook Express, from the Tools menu, select Accounts

  • Go to the Mail tab and from the Add menu, select Mail.

  • In the Display Name field, enter your full name and click Next.

  • In the E-mail address field, enter your email address and click Next.

  • On the E-mail Server Names page, complete your information as follows:
    • My incoming mail server is a POP3 or IMAP.
    • Incoming mail (POP3, IMAP or HTTP) server
    • POP pop.secureserver.net. or IMAP imap.secureserver.net.
    • Outgoing mail (SMTP) server
    • smtpout.secureserver.net.

Click Next.

NOTE: “smtpout.secureserver.net” is an SMTP relay server. In order to use this server to send e-mails, you must first activate SMTP relay on your e-mail account. Log on to your Manage Email Accounts page to set up SMTP relay. If you do not have SMTP relay set up and your Internet Service Provider (ISP) allows it, you can use the outgoing mail server for your Internet Service Provider. Contact your Internet Service Provider to get this setting.

  • In the Account Name and Password fields, enter your email address and password, and then click Next.

  • On the setup confirmation page, click Finish.

  • On the Mail tab, select the account you just created, and then click Properties.

  • Go to the Servers tab.
  • Select My server requires authentication, and then click Apply.

 

  • Go to the Advanced tab.
  • In the Server Port Numbers section, change Outgoing mail (SMTP) to 80, and then click OK.

  • (Optional) If you want to keep a copy of email messages stored on your email provider’s servers, in the Delivery section, select Leave a copy of messages on server.

Your Outlook Express account is now set up. Click Close to close the Internet Accounts window and return to your Outlook Express.

courtesy: secureserver.net


Prevent Your IP Getting Blacklisted, Maintain IP Reputation

There are a number of reasons your IP address may have been listed as “poor”, including:

1. The email server at this IP address contains a virus and has been sending out spam
2. The email server at this IP address may be configured incorrectly
3. The PC at this IP address may be infected with a virus or botnet software program
4. An individual in the organization at this IP address may have a PC infected with a virus or botnet program
5. This IP address may be a dynamic IP address which was previously utilized by a known spammer
6. The marketing department of a company at this IP address may be sending out bulk emails that do not comply with the CAN-SPAM Act
7. This IP address may have an insecure wireless network attached to it, which could allow unknown users to use its network connection to send out bulk email
8. In some rare cases, your recipients’ Barracuda Spam Firewall may be misconfigured

If you do not think any of the above apply, please also contact the person who manages this IP address, as they may be better able to investigate this issue.

Courtesy : barracuda.com