friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaj4_5.4.0.1/rzaj45zoemail.htm

132 lines
9.1 KiB
HTML
Raw Permalink Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="E-mail security" />
<meta name="abstract" content="Using e-mail across the Internet or other untrusted network imposes security risks against which using a firewall may not protect." />
<meta name="description" content="Using e-mail across the Internet or other untrusted network imposes security risks against which using a firewall may not protect." />
<meta name="DC.Relation" scheme="URI" content="rzaj45zrscenario1risks.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzalx/rzalxsecterms.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzaja/rzajagetstart.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaj45zpftpsolutions.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaj40a0internetsecurity.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1999, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1999, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzaj45zoemail" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>E-mail security</title>
</head>
<body id="rzaj45zoemail"><a name="rzaj45zoemail"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">E-mail security</h1>
<div><p>Using e-mail across the Internet or other untrusted network imposes
security risks against which using a firewall may not protect.</p>
<p>You must understand these risks to ensure that your security policy describes
how you will minimize these risks.</p>
<p>E-mail is like other forms of communication. It is very important to use
discretion before sending any confidential information through e-mail. Because
your e-mail travels through many servers before you receive it, it is possible
for someone to intercept and read your e-mail. Consequently, you may want
to use security measures to protect the confidentiality of your e-mail.</p>
<div class="section"><h4 class="sectiontitle">Common e-mail security risks</h4><p>These are some risks
associated with using e-mail:</p>
<ul><li><img src="./delta.gif" alt="Start of change" /><strong>Flooding</strong> (a type of denial of service attack) occurs when a system
becomes overloaded with multiple e-mail messages. It is relatively easy for
an attacker to create a simple program that sends millions of e-mail messages
(including empty messages) to a single e-mail server to attempt to flood the
server. Without the correct security, the target server can experience a denial
of server because the server's storage disk fills with useless messages. Or,
the server stops responding because all server resources become involved in
processing the mail from the attack.<img src="./deltaend.gif" alt="End of change" /></li>
<li><img src="./delta.gif" alt="Start of change" /><strong>Spamming</strong> (junk e-mail) is another type of attack common to e-mail.
With increasing numbers of businesses providing e-commerce over the Internet,
there has been an explosion of unwanted or unrequested for business related
e-mail. This is the junk mail, that is being sent to a wide distribution list
of e-mail users, filling the e-mail box of each user. <img src="./deltaend.gif" alt="End of change" /></li>
<li><strong>Confidentiality</strong> is a risk associated with sending e-mail to another
person through the Internet. This e-mail passes through many servers before
it reaches your intended recipient. If you have not encrypted your message,
a hacker can pick up and read your mail at any point along the delivery route.</li>
</ul>
</div>
<div class="section"><h4 class="sectiontitle">E-mail security options</h4><p>To guard against flooding
and spamming risks, you must configure your e-mail server appropriately. Most
server applications provide methods for dealing with these types of attacks.
Also, you can work with your Internet Service Provider (ISP) to ensure that
the ISP provides some additional protection from these attacks.</p>
<p>What
additional security measures you need depend on the level of confidentiality
that you need, as well as what security features your e-mail applications
provide. For example, is keeping the contents of the e-mail message confidential
sufficient? Or do you want to keep all information associated with the e-mail,
such as the originating and target IP addresses, confidential?</p>
<p>Some
applications have integrated security features that may provide the protection
you need. Lotus
Notes<sup>®</sup> Domino<sup>®</sup>,
for instance, provides several integrated security features including encryption
capability for an entire document or for individual fields in a document.</p>
<p>In order to
encrypt mail, Lotus
Notes Domino creates
a unique public and private key for each user. You use your private key to
encrypt the message so that the message is readable to only those users that
have your public key. You must send your public key to the intended receivers
of your note so that they can use it to decipher your encrypted note. If someone
sends you encrypted mail, Lotus Notes<sup>®</sup> Domino uses the public key of the sender
to decipher the note for you.</p>
<p>You can find information about using these Notes<sup>®</sup> encryption
features in the online help files for the program.</p>
<div class="p">For
more detailed information about security for Domino on the iSeries™, see these references: <ul><li><a href="http://www.ibm.com/eserver/iseries/domino/library.htm" target="_blank">Lotus<sup>®</sup> Domino reference library</a>. <img src="www.gif" alt="Link outside Information&#xA;Center" /></li>
<li><a href="http://notes.net/notesua.nsf" target="_blank">Lotus
Notes user assistance web site</a>. <img src="www.gif" alt="Link outside Information Center" /></li>
<li><a href="http://www.redbooks.ibm.com/pubs/pdfs/redbooks/sg245341.pdf" target="_blank">Lotus Notes and Domino R5.0 Security Infrastructure Revealed</a> <img src="rbpdf.gif" alt="Link to&#xA;PDF" /> (SG24-5341).</li>
<li><a href="http://www.redbooks.ibm.com/pubs/pdfs/redbooks/sg245990.pdf" target="_blank">Lotus Domino for AS/400<sup>®</sup> Internet Mail and More</a> <img src="rbpdf.gif" alt="Link to&#xA;PDF" /> (SG24-5990).</li>
</ul>
</div>
<p>When you want to provide more confidentiality for e-mail or other
information that flows between branch offices, remote clients, or business
partners, you have a couple options.</p>
<p>If your e-mail server application
supports it, you can use Secure Sockets Layer (SSL) to create a secure communications
session between the server and e-mail clients. SSL also provides support for
optional client-side authentication, when the client application is written
to use it. Because the entire session is encrypted, SSL also ensures data
integrity while the data is in transit.</p>
<p>Another option available to
you is to configure a Virtual private network (VPN) connection. As of V4R4,
you can use your iSeries to
configure various VPN connections, including between remote clients and your iSeries system. When you use a VPN all
traffic that flows between the communicating endpoints is encrypted, ensuring
both data confidentiality and data integrity.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaj45zrscenario1risks.htm" title="Use this information to learn about common Internet security risks for a number of popular Internet applications and services and measures that you can take to manage these risks.">Application security options</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="../rzaja/rzajagetstart.htm">Virtual private network (VPN)</a></div>
<div><a href="rzaj45zpftpsolutions.htm" title="FTP (File Transfer Protocol) provides the capability of transferring files between a client (a user on another system) and your server.">FTP security</a></div>
<div><a href="rzaj40a0internetsecurity.htm" title="Your security policy defines what you want to protect and what you expect of your system users.">The layered defense approach to security</a></div>
</div>
<div class="relref"><strong>Related reference</strong><br />
<div><a href="../rzalx/rzalxsecterms.htm">Security terminology</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink