Part 2 of 2: How to Ensure E-mail Security

- Advertisement -

The sample SPF records are displayed below:

rakesh.com. IN TXT “v=spf1 a mx -all”
rakesh.com. IN SPF “v=spf1 a mx -all”

‘v=’ defines the version of SPF used. The following words provide mechanisms to use to determine if a domain is eligible to send mail. The ‘a’ and ‘mx’ specify the systems permitted to send messages for the given domain. The ‘-all’ at the end specifies that, if the previous mechanisms did not match, the message should be rejected.

- Advertisement -

Comparing SPF and DKIM, we can say that SPF validates the message envelope (the SMTP bounce address), not the message contents (header and body). It is orthogonal and complementary to DKIM, which signs the contents (including headers). In brief, SPF validates MAIL FROM versus its source server; DKIM validates the ‘From:’ message header and a mail body by cryptographic means.

One of the problems with DKIM is that if the message is significantly modified en route by a forwarding mechanism, such as a list server, the signature may no longer be valid and, if the domain specifies that all e-mail is signed, the message may be rejected. Also, many central antivirus solutions add footer that the e-mail has been scanned and the date of the signature files. Some free e-mail servers also add advertisements at the bottom of the e-mails. Many domains, however, say that only some of their e-mail is signed, and so a missing or broken signature cannot always be used to reject e-mail.

The solution is to sign all your e-mail. If the only modifications en-route involve the addition or modification of headers before the DKIM-Signature: header, the signature should remain valid. Also the mechanism includes features that allow certain limited modifications to be made to headers and the message body without invalidating the signature. We can suggest that this limitation could be addressed by combining DKIM with SPF, because SPF (which breaks when messages are forwarded) is immune to modifications of the e-mail data, and mailing lists typically use their own SMTP error address or Return-Path.

In short, SPF works without problems where DKIM might run into difficulties, and vice versa. Fig. 8 shows the e-mail sent using DKIM and how the DKIM signature looks and how the decision is taken to pass it to inbox or spam. To see the DKIM signature and SPF record, you can go to your e-mail client (Gmail or yahoo) and invoke the view full header option. In Fig. 9, we can see that the DKIM/SPF e-mail authentication failed. SPF shows that there is a permanent error in processing of domain of ICICI bank. The sample e-mail in Fig. 9 is a phishing attack mail which came to the spam folder of my e-mail. It arrived in my spam folder as the SPF/DKIM processing failed. In Fig. 10, we can see an e-mail sent from [email protected] to [email protected], which is a self-mail sent by me. The e-mail passed both DKIM and SPF.

Now we will discuss some tips which can be address, accessing, browsing and using e-mail and e-mail accounts.

Properly managing your e-mail accounts
1. Using just one e-mail account. E-mail users often think that their e-mail accounts, like their home address, should have only one e-mail address. A good rule of thumb for the average e-mail user is to have separate e-mail accounts for work and personal requirements and an e-mail account for general use like signing up for newsletters and posting e-mail account for online activities, such as blogs and online forums.

2. Closing the browser after logging out. When checking e-mail at a library or cybercafé, one not only needs to log out of the e-mail but also needs to close the browser window completely. Some e-mail services display the username (but not your password) even after logging out. Whilst the service does this for convenience, it compromises your e-mail security.

3. Forgetting to delete browser cache, history and passwords. After using a public terminal, it is important to delete the browser cache, history and passwords. Most browsers automatically keep track of all the Web pages that have been visited, and some keep track of any passwords and personal information that were entered in order to help out to fill similar forms in the future. If this information falls into the wrong hands, it can lead to identity theft and stolen bank and e-mail information.

Because the stakes are so high, it is important that Internet users be aware of how to clear a public computer’s browser cache so that they can delete private information before lurking hackers get hold of it. In Mozilla’s Firefox, simply press Ctrl+Shift+Del. Opera users need to go to Tools>>Delete Private Data. Users of Microsoft’s Internet Explorer need to go to Tools>>Internet Options then click the ‘Clear History,’ ‘Delete Cookies’ and ‘Delete Files’ buttons.