enquriy

 

Messaging System Enquiry

Mobile Messaging

4 July 2008

Presented by:

CF Lai

 

eMessaging in Small Business Environment

This paper will probe into today’s messaging system in Small business environment and introduce the form of mail clients and discuss the e-mail solution’s risk.  A guidance and an appropriated solution for email admin.

 

 Planning the site

Mobile messaging

Today’s mail administrators are facing hugs of communications problem between email systems and mail clients.  The reasons for these problems are appeared from various human factors, cultures, technologies and values.  Administrators are boundary by the gapes and movement of the messaging system to be a risky system to fulfill the mobile messaging.

Form of mail clients

SMTP relay with authentication, HTTPS, clients certifications and token security password are prevent mail system used by spammer or unauthorised access.  These facilities are to pay up with movement of messaging system.  Messaging system development from 1972 from intranet to internet where two standards still common nowadays. “SMTP and POP/POP3”.  As the mobile users request the administrator must allow the SMTP relay.  That’s why the Forgery email addresses still circulate around the internet world. 

A new SMTP with authentication seems to be a solution to prevent the spammers abuse the mail server.  However, spammers still active and feel exciting by controlling the Zombie and Botnet. Spammer distribute mail by using valid user name and password easily by Trojans and password hacking programs.  The outcomes are the mail server’s IP address will be listed in the”DNS block list”.  It will reduce the competitive of a organisation’s.

On the others hands most ISP restricted their client (home users) initiate SMTP service from their desktop.  The home users are allowed to use the SMTP server which provided by the ISP only.

 

Although, SMTP auth. is allowed, the mobile users cannot perfectly use this service at home.  Administrators are necessary to explain to them some of the ISP blocking the SMTP port.  “I don’t understand” the users may reply.   Most administrators in small business environment cannot mark out the IT policy.  The policy may subject to the executives favorites.   There are only one or two IT forks in a company, however they are facing the same problems same as big companies from the messaging system.  Finally, SMTP with auth.  is not an appropriated solution to an organisation in today’s Internet environment

https://ab.login.yahoo.com/img/FGOUsOJZFem8hBie2JcWnOiY3IHISLsBPUuPl0kI7vBN_Pv2ws9zmWU7.Z_Lk7dhPLeorW0KagXu8HIAKVFE.W9zNdNp.j3mQU6l.jpgPreventing the risks

Human Factors

 

The strongest way is DO NOT allow SMTP relay but it is not realistic way.  Forces uses experience and understand the benefits of HTTPS and Web interface and in combining with graphical code at each login. 

If SMTP relay must use, define and education the security policy. Send security awareness reminder in particulars periods.  Keeping the mobile device such as notebook, PDA or smart phone which can connect to the messaging system patches and viruses definition up-to-day. To avoid the desktop be a Zombie, don’t allow user install or run unnecessary programs.

http://tbn0.google.com/images?q=tbn:Qu0vl2D8RTVJsM:http://ebanking.bankofmaldives.com.mv/pix/props/security-sw-token.jpg

Use one-time password for messaging system gateway login
 

 

 

 

 

Admin your system

Maintenance the mail server by a set of procedures and the procedures should be review in a particular period.  Review the system features and prevention system can use for today’s Internet environment.  Carefully use the DNS block list servers, they might not correct and out of services.  Monitoring the DNS block list servers and other database engines that subscribed.

Verify and check the new IP address offered by ISP, ensure the assigned IP addresses are clean and not listed in any DNS block list server.

Regularly, measure the bandwidth usage for your e-mail server.  If the spam email or internet attacks allocation the system loading over 80% or above, you must report to your ISP to stop the unnecessary traffic at the ISP’s edge.

http://tbn0.google.com/images?q=tbn:SDHItxXI81NnHM:http://bp0.blogger.com/_RPkxsQAL_tg/R0MJYlIV2eI/AAAAAAAAASM/cxwUefyZzc8/s400/%E5%A4%AA%E6%A5%B5.pngEnsure system and spam filter configurations unchanged after patching or software upgrade.  Your server may missing many important mails if the spam filtering engineer too strong.  Try to balance between security and real business environment.

Technologies are moving fast, the duration of the messaging system life cycle will depend on the technology growing.  We are look forward to new technology and new security aspects. The processing of the system life cycle is required to monitor, review and re-engineering.

Manage your organisation

A system’s usability can be measured by Integrity and Availability.  Whatever, a international corporation or a sold trader.  They have same expectation to a messaging system.  On-time, useable in anywhere and assist their business.

 

 

 

 

Steps for setup messaging system

 

 

1