Hardening the core to reduce vulnerabilities
Using best practices for securing the OS, the server is hardened during deployment, to reduce risks that arise from having a larger surface of vulnerability i.e. a server doing more than it is supposed to do. These include but are not limited to turning off/blocking unnecessary services, resources and access points, running a firewall on the server, providing a role based command line access control with audit logs to trace each and every action taken on the server, etc.
Besides this, the Mithi backend team regularly scans for new found vulnerabilities and publishes customer advisories with patches to mitigate the risks posed by these.
Securing User Access
Limiting Access to trusted networks with Access control
Administrators can setup policies on each service and for each user or group of users to restrict use of the services from un-trusted networks. The same control allows the administrator to choose, which services should be available to which users, allowing the organisation the flexibility to define the use of the services.
Secure authentication with strong Password Policies
Passwords are the single weakest link to the security of any system. To reduce risks from leaked and weak passwords, Administrators can enforce password policies like minimum password length, password complexity (rules to define the mix of characters in a password like minimum 1 special character, 2 numbers and the rest can be alphabets), password expiry (forcing a password change at the end of a defined period)for users and groups of users and password history to prevent users from reusing the same password in a defined period.
Keep out intruders with Account lockout
Baya can automatically block repeated attempts to login with a wrong password and alert the administrator of the failed attempts.
Use Authorization to limit use of services and features for different users
Typically it is not needed to provide all services/features to all users. It’s a generally a good practice to segregate users into their classes of use and limit their access only to the relevant services/features. This approach is akin to hardening at the Application layer to further reduce risk from exposing unnecessary services and also helps to optimize server resource utilisation.
Eliminate risk of sniffing and tapping by Encrypting the client-server communication
The POP, IMAP, SMTP, XMPP and HTTP services can be setup with TLS/SSL (Transport level security) to secure the channel of communication between the client (mobile, desktop or baya (web)) and the server, thus eliminating the risk of anybody snooping in on the conversation and stealing information.
Reduce risk of scripting attacks with Mail Sanitization
The Administrator can enable strict HTML mail sensitization to prevent cross scripting attacks by removing code in email, which may redirect users to rogue sites.
Securing Mail flow
Encrypt server to server communication to eliminate risk of snooping
The MTAs are equipped to transport mail over TLS to encrypt the mail data in transit, thus reducing risk of data theft by wire sniffing.
Control Mail traffic, Information theft and Resource overuse with extensive and granular Mail Flow Policies
Its been observed that a lot of security threats come from an unharnessed mail system, which allows all and sundry to send any kind of mail to anybody (internal or external). It is a good practice to establish a corporate mail policy framework, which prescribes for each user and group of users, what type of mail they can send, and to whom. Connect Xf is equipped with a strong mail policy framework, that allows the administrator to encode such corporate policies and control the mail flow.
The policies can be defined based on parameters such as sender, recipient, mail size, subject, contents, and attachments and can be used to control mail flow to/from users, and to distribution lists, e.g. the "testing team" can send mail ONLY to the internal users and the mail should be without any kind of attachments, ONLY the management team can send mail to the "everyone" distribution list, etc.
The solution provides an easy and intuitive way to define the policies for each entity: Allow universe and deny few (exceptions) or deny universe and allow few (exceptions).
Detect and Control internal spam/DOS attacks
Typically when client PCs get infected with certain types of viruses, they become spam generation agents. The virus hijacks the desktop mail client (typically MS Outlook) and pumps large volumes of mail to the configured outbound SMTP server using the authentication information remembered in the mail client. All this typically happens without the user's knowledge. To reduce impact of such attacks from within the network, the administrator can configure IP rate control to enable auto blocking of client IPs if they cross their allowed number of connections in a day and the administrator can also configure email id rate control to disable users automatically if they cross their threshold of sending mail in a day.
While it is doing the above automatically, the system also continually scans for any threshold overflows in normal usage patterns and sends out early warning alerts to the administrator if any anomaly is observed.
Disable automatic mail forwarding
Users may or may not be allowed to configure an autoforward option for all inbound mail to their mailbox. This can be configured granularly for a set of users, or the entire domain. Controlling this can go a long way in preventing data theft.
Disable masquerading with domain and email id Spoof check
In a normal insecure mail system, It has been observed that once a user authenticates, he can now relay mail with the from id/envelop id as something different from the authentication id, making it appear to the receiver that the mail came from another person. This means that technically one user can send mail on behalf of another (masquerade). To prevent this, Connect Xf is equipped with 2 types of spoof check viz. domain spoof check which ensures that mail originating from a trusted IP address (typically a branch email server or a mail gateway server) can only be from a trusted list of domains, and email id spoof check to ensure that the envelop from id, mime from id and the authentication id must all match for the mail to be accepted for relaying.
Automatically isolate Virus infected mail
The product has a built-in Anti-virus tool, to ensure that all mail traffic flowing through the servers is checked for virus. Infected mail are automatically quarantined to prevent spread of the virus through the system, and an alert is sent out to the recipient. The administrator can view the quarantine folder to review the filtered mail.
Automatically detect and mark Spam mail
The Connect Xf Server incorporates reputation and content based technologies to detect, control and mark spam on incoming channels, giving more than 98% spam detection accuracy. The reputation based technologies in play are Greylist, RBL, reverse PTR checks, return MX checks, Blacklists & Whitelists, etc. The content based scanning is implemented using SpamAssassin, an open source spam detection tool, which scans the contents of the mail for objectionable words and known patterns matched to spam signature database and marks the mail as spam. The marked mail are automatically filtered into the spam folder of each user for their review.
Easy Spam Management
The end users can manage their own spam by analysing a digest (report) of spam sent to the them daily or by browsing the spam folder where the mail marked as spam are deposited. This they can do from any client (web or desktop). The report and the Baya interface allows the user to release a mail falsely marked as spam (false positive), whitelist a sender such that in future mail from that sender will not be scanned for spam, blacklist a sender to block all further mail from that sender, or mark a mail as spam (false negative).
Mail Archival for Compliance and Recovery
Personal archival for securing a user's mail to retrieve on demand
Connect Xf allows you to configure archival for a select set of users, where a copy of every mail sent and received is deposited into a parallel read only mailbox for that user. This can be used to retrieve the entire mailbox for the user on demand or only seek out a few specific mail and forward them to the original account. The system can configure the retention period for mail in each of these personal archive accounts.
Compliance archival: Retain, Search, Comply
Keeping in line with government regulations and compliance policies, most enterprises are required to retain a copy of all mails sent and received for defined period. With the Compliance Mail Archival feature, retaining, storing and searching for a copy of mails exchanged by users or set of users becomes very easy. The mails are stored in a compressed and encrypted format which only the Administrators can access through the web based interface. They are stored and indexed on a separate partition of the server for the defined period and can be retrieved quickly for audit purpose.
Compliance archival: Retain, Search, Comply
The administration console via the GUI is secured with role based access to allow multiple levels of administration (concept of least privileges). Using the roles, the super administrator can define granular control over entities, fields/attributes of entities and operations. The same roles apply for operations done via the command line.
Trace changes with Activity Logging
The system maintains audit trails for each operation done by the administrators, and a trace of all the transactions and configurations done by the end users.