Email Gateway – Best Defend Against External Email Threats

An email gateway (aka external SMTP server) is a server where all incoming and outgoing emails are processed and typically provide the following service:

• Anti-virus scanning on all inbound and outbound emails
• Anti-spam Management
• Quarantine Email
• Company email policy implementation such as message size permitted, allowable type of attachments, etc.
• Automatic logging and archiving of usage logs.

A typical email gateway architecture is shown below. All outgoing or incoming external emails are routed through email gateway whereas all internal email stay within company internal network and are handled by email server such as Microsoft Exchange.

The email message flow from Mary in Company1 to Joe in company2 is shown below.

There are many risks associated with unsecured email services and it is important to configure email gateway to minimize these risks. Some of the recommendations are:

• Every company should have email policy such as message size which needs to be implemented at Email gateway. The employees also need to be aware of this policy.
• The email policy should be monitored at Email gateway to make sure employees are compliance with Email policy.
• Most the social engineering attacks are spread using email and it is vital for company to make sure its employees are aware of these risks and know how to report them.
• Government agencies normally make use of email marking to make sure that sensitive emails are not sent over the internet. Email gateway can be configured to make sure that emails are processed as per agency marking policy.
• All outgoing and incoming emails must pass through the email gateway.
• Company should configured Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) on email gateway to detect email spoofing.
• Company can enable Transport Layer Security (TLS) encryption as per RFC3207.

Email gateway solutions are offered by number of vendors and some notable are:

• Cisco Email Security Appliance
• Proofpoint Email Protection solutions
• Microsoft Exchange Online Protection
• Symantec Messaging Gateway
• Trend Micro InterScan Messaging Security
• Fortinet FortiMail
• Sophos Secure Email Gateway

Followings are the criteria you can use to select the best vendor for your email gateway solution:

• Check that email gateway solution offered by the vendors offer antimalware, antispam, antivirus and antiphishing as part of their standard offering.
• Optional security offering such as Data Loss Prevention (DLP), email encryption, email attachment security and advanced threat protection (ATP) mechanism.
• User friendly interface and easy to manage.
• Sophisticated reporting functionality – useful for higher management or clients.

[su_box title=”About Dr. Muhammad Malik” style=”noise” box_color=”#336588″][short_info id=’100137′ desc=”true” all=”false”][/su_box]