Archive for category Email Management

I am receiving spam mails from my own email id ? Is there any security laps ?

The error as mentioned by you is known as Email Spoofing. The current email protocol system lacks such protection. The majority of communication could be spoofed as it is very difficult to verify who is there on the other end, who is sending the mail and his authenticity.

On Internet while receiving mails, smtp protocol does not verify the sender for its validity expect valid IP and domain. The Reason – It is difficult to know who is going to send you a mail next and from where.
You may be expecting a mail from any where in the world connected via internet on your mail id account.

Please be notified that some Spammer may induce virus use via this technique and send spam mail by putting sender as same as recipient to gain trust with antispam and to by pass the filter as Antispam server and whitelist your domain.

http://www.cert.org/tech_tips/email_spoofing.html

What are the measures to STOP this ?

1. Identifying and taking Legal action:

By checking the Mail Header we will able to know the originator IP address and we can inform IP owner to stop such activity. (May be – server is infected with virus).

2. Remove white list of owndomain.

Most of the mail server configured not to check mails for spam from own domain to Reduce false positive and reduce antispam load.

3. SPF

This define only allow mails of OWN domain from specific IP address. but putting this rule you need to declare all IP address that you would be using as Outgoing. Main drawback incase of MAIL FORWARDING. ie.

If any user forwarded mail from hotmail/yahoo/gmail to your server then all these mails shall also get reject by as per this policy. Another disadvantage is if SPF query fails then it leads to risk of a bounce back of their mail(s) which is not acceptable to any user.

4. Domain Key/DMKI

DomainKeys Identified Mail (DKIM) is a domain-level Authentication framework for email using public-key cryptography and key server technology to permit verification of the source and contents of messages at STMP level. This framework permits a signing domain to assert responsibility for a message, thus protects the message signer identity and the integrity of the messages that they convey while retaining the functionality of Internet email as it is known today.

Protection of email identity may assist in the global control of “spam” and “phishing” and spoofing.

There by as such there is no standard protocol defined whereby we could stop spoofing and retain the functionality of Internet email as it is known today. Domain key looks very handy but is not that useful until all service provider implement(s) the same worldwide.

How To Set Up ActiveSync With Mobile phones

Check your phone GPRS ready by browsing any website.

Click on Exchange ActiveSync

    In the Email ID option enter complete email id i.e. test@email.com

    In the Server URL feed in exmail.net4india.com

    In the User Name enter test

    In the password field enter the password to your account

    In the Domain filed do not enter any thing

Click on Save to complete the configuration

For Iphone Check out Youtube video Iphone