E-mail and its security discontents

E-mail and its security discontents

Why Microsoft, Cisco, IBM and others need to step up to protect SMTP

This clear direction, the "You must do this.....," has to be led in a non-partisan way by Microsoft, IBM, HP, Oracle, Cisco, MessageLabs, Postini, Yahoo and Google, and have visible backing of the top-100 global companies that all agree to implement the solution within 12 months and start blocking (or at least discriminating against) e-mail that does not conform.

It is my belief that the Jericho Forum, an international IT security thought-leadership group, and a Managed Consortia of Open Group, a highly-respected vendor and technology neutral consortium, is ideally suited to bring together the best-of-the-best from the vendor community and global companies to play the role of honest-broker to deliver standards on behalf of the global community.

So Bill Gates, you promised an end to spam by 2006; perhaps you would like to champion this as your retirement project?

Ten questions to ask about your e-mail systems:

  1. Do you have a strategy for securing e-mail?
  2. Is your e-mail server capable of SMTP/TLS in at least opportunistic mode?
  3. Can you support a request for forced SMTP/TLS?
  4. Have you updated your DNS to include your SPF records?
  5. Have you trained your people that sending Internet e-mail is like sending a postcard?
  6. Are you alerting your e-mail recipients when an external e-mail is not secure?
  7. Are you feeding SPF and SMTP/TLS attributes into your spam calculations?
  8. When using an (e-mail) marketing company and they spoof your e-mail domain -- do you ensure the SPF is OK?
  9. Do you have processes to ensure content is secured when sending via the Internet?
  10. Does your DNS provider support the latest SPF standard?

Paul Simmonds is a member of the management board of the Jericho Forum, an organization pushing for innovation in e-commerce security, and is also CISO for a large, global chemicals corporation.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments