No shells in sugar-coated clothing -- e-mail security

Source: Internet
Author: User

Build an E-mail line of defense
In the security defense of E-mail, we can also use the strategy of "false ignorance, we have built a security line for E-mail from the system, anti-virus, anti-Black, and other aspects ......

  Analysis on security risks of E-mail

E-mail is the most widely used communication tool in interpersonal communication on the network. Its security issues have attracted attention from various aspects several years ago. To put it simply, E-mail has the following direct or indirect security issues:

● Password theft

Trojans, brute-force guesses, software vulnerabilities, sniffing, and many other methods may cause the mailbox password to give away without knowing it.

● The email content is intercepted

● The attachment contains a large number of Viruses

It often uses the psychology of people who are eager to receive emails and are easily attracted by the subject of the emails to infiltrate and destroy computers and networks. At present, the harm of mail virus is far greater than that of traditional viruses.

● Email bomb attack

● Design defects

Next we will discuss some practical preventive measures to address the various threats that e-mails may pose to us from the perspective of ensuring the security of email and email, as well as the purpose of system security.

  Email client software usage restrictions

As the mail client software (such as Foxmail) is the operating environment for sending and receiving mails, we can regard it as the first line of defense to restrict the use of the mail client software. Taking Foxmail as an example, there are several restrictions based on different operating systems:

1. in Windows 98 and other operating systems with poor Security design, you can use third-party Security tools such as PC Security to limit the use of Foxmail. After installing the software, right-click the Foxmail icon and select "PC Security" and "Lock" in the shortcut menu to achieve the "locked" restriction. To use Foxmail, you must enter the corresponding unlock password to use Foxmail.

2. When using Windows XP and other secure systems, in addition to third-party encryption tools such as PC Security, you can also use the system's own encryption functions. The premise is that the Foxmail software should be installed in the NTFS partition, and then you can right-click the icon, select "properties" in the pop-up menu, and click to switch to the "Security" tab setting interface, set the user (1) authorized to use the program as needed ).

  Mailbox password security measures

Email passwords are currently one of the most vulnerable registration passwords, which are harmful and widely used. Therefore, we should take the following measures to minimize risks:

1. We strongly recommend that you use "irregular password combination with sufficient length + Regular password replacement ".

2. It is complicated to set the password to prompt questions and answer questions. When registering an email address, you may need to set a password prompt to restore the password. But sometimes this will give hackers a chance to "Guess! For example, if a user asks 123, the answer is 321. Then hackers with a little experience will first test such questions and answers, so that they can easily crack the mailbox. Therefore, it is recommended that you start a problematic password that is meaningful, easy to remember, and hard to be guessed by hackers.
 Email encryption

Email encryption is an effective and effective security precaution against email content. HotCrypt is a software used for email encryption, which is very suitable for new users. HotCrypt adopts advanced encryption algorithms to effectively protect data security. It supports any email program or other file editing windows and can be quickly encrypted and easy to use using hotkeys. Next, we will introduce in detail how to encrypt emails under Foxmail:

Step 1: After you run HotCrypt and edit the content in the Foxmail email writing window, press Ctrl + E to bring up the HotCrypt encryption window to encrypt the email.


Step 2: enter the password in the text box below "Enter Password" and click "OK" to return to the mail editing window, you will find that the body of the email has been converted into encrypted ciphertext.

Tip: HotCrypt can only encrypt the content in the upper-level current window. After receiving this email, A friend needs to press Ctrl + D after running HotCrypt to bring up the Password Input window and enter the correct password to read the email normally.

  Email virus prevention

As email is increasingly becoming an important means of daily communication, the shadow of viruses begins to surround emails. Today, more than of computer viruses are transmitted by email. So how can we comprehensively intercept email viruses? You can use the following methods:

1. prohibit other programs from secretly sending emails

In order to prevent the email virus from automatically querying the user's address book, and then sending it to the user's friends and family in the name of the user. Taking Outlook Express 6.0 as an example, we can make the following settings:

Click Tools> Options> Security, and select the check box before the option "warn me when other applications attempt to send an email in my name" on the settings page, when any "underground email sending activity" is detected, users are immediately reported (3 ).

2. Enable the auto-virus option for Outlook Express 6.0

Because most of the mail viruses are transmitted by loading the mail attachments, you can use OE to disable attachment opening to prevent such viruses. Run OE6.0 and click "Tools", "options", and "security" in sequence ", click the check box before the "Do Not Allow save or open attachments with viruses" tab on the settings page to enable the OE self-protection function.

3. Modify Association

Some worms pass. to reduce the risks caused by such virus, an easy way is to modify the file's association attributes so that when opening the script file (for example, double-click an attachment) it does not run automatically. Open "Control Panel" of Windows XP, double-click "Folder Options", select the "file type" tab, and select the. vbs file type
Then, change its default operation to notepad (instead of running it with VBScript by default), click the "advanced" button, and select "edit" in the "edit file type" dialog box ", in the pop-up "edit this type of operation" dialog box, specify the opened program as NotePad

TIPS: You can also modify file types such as. vbe,. wsf,. wsh,. js, And. jse. Modifying File Association attributes cannot isolate all risks.

After modifying the association attribute of a file, When you click a script file, it will not run automatically as originally, but will be opened and edited in notepad. To run a script, you must explicitly specify vbscript.exe in the script format to open the script file.

4. Use anti-virus software

Currently, the vast majority of anti-virus software provides the function of Virus Detection on the mail content. For example, the Rising antivirus software can do this well. It allows us to send and receive emails, the system automatically performs Virus Detection on emails to prevent viruses from being poisoned ".

  Email bomb prevention

The prevention of email bombs is cumbersome, and it is difficult to ensure that they are safe. However, we can use the following methods to avoid email bomb attacks and handle the aftermath as much as possible:

● Do not disclose your mailbox address at will

● Hide your email address

For example, the shy@public.sq.js.cn in the input into shy · public .sq.js.cn, so that everyone knows that this is actually a mailbox, but some mailbox automatic search software can not identify such a "Mailbox.

● Exercise caution when using the automatic reply function

"Automatic reply" can be well designed, but it may also be used to create email bombs! Imagine if both parties have set the "automatic reply" setting for receiving and sending, and neither party has received the email in time, A mailbox bomb will be created in repeated "auto-reply.

  Patch

Unexpected errors and vulnerabilities often occur in software design, which brings security and stability risks to the program. Therefore, frequent software updates are the simplest and most direct way to ensure system security. For example, to download and install the SP1 Simplified Chinese version for Outlook Express 6.0, the download URL for the patch is: http://www.microsoft.com/downloads/details. aspx? Familyid = 0cf81200-dd86-4636-8ae5-3f4af4e829d8 & displaylang = zh-cn

  Email backup

When talking about mail security, we can't help but talk about the backup topic. However, due to the different software, many backup methods can be used, so this article cannot be detailed. However, you should basically set up a dedicated directory for the received emails, export the "Address Book" and other backup operations.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.