SpamAssassin is included with all Kerio Connect licenses that utilize a Bayes self-learning mechanism to catch emails that contain similar ‘features’ to emails that have been previously flagged as Spam.While all of the features within this section prevent Spam, there are two primary Spam Filter providers available within Kerio Connect - Spamassassin and Kerio Anti-Spam. ![]() One of the most numerous options available to administrators is the spam filtration options within the Spam Filter menu. You can access these directly within the Content Filtering section of the Webadmin. While not commonly a source of security issues, it can be crucial to fully understand how you have configured any listed Relays, especially if you have disabled authentication requirements.īeyond the main security settings mentioned above, Kerio Connect has additional features that can be added on or enabled to further enhance the server’s security. This allows you to define the use of SSL/TLS for SMTP conversations when available and determine specific SMTP Relay Delivery rules. The SMTP Delivery tab is the final security-centric feature within this menu of WebAdmin. While unassuming, this section provides an enormous return on investment when properly configured. The Security Options tab provides many options for fine-tuning limits(such as max messages per IP or maximum email size) and DNS-related SMTP checks. This is a common area where security is unexpectedly impaired due to unexpected IPs within the IP Address Group or accidentally using the “Open Relay” option. The Relay control menu handles the configuration for who can send email using the Kerio Connect server. See Securing the Kerio Connect SMTP Server for more information on using these features. The security of the SMTP Server is tightly tied into the selections made, so being familiar with their functions can help ensure you are not inadvertently opening your server to unexpected threats. This menu of WebAdmin is primarily used for the configuration of the SMTP server itself. This allows you to set the minimal TLS version for both the inbound and outbound connections using any supported versions. Starting in version 9.4 of Kerio Connect, you also have access to defining your default TLS version via the TLS options tab. See Configuring Anti-Spoofing in Kerio Connect for more information on setting up the feature. This can act as the first line of defense against spammers that might spoof your email domain. Anti-Spoofing implements Sender Identify(via your SPF DNS Record ), which users must authenticate with to send an email using any of the local domains. The Sender Policy tab provides you with anti-spoofing protection options. You can define the user authentication requirements for connecting to the server, the authentication mechanisms to be used when secured connections are used, and refine the Login Guessing Protection settings. ![]() The Security Policy tab provides the bulk of the authentication-related settings available. You can review more about using these within Securing Kerio Connect. Note that many of these may play into your SMTP workflow - namely, the authentication methods selected. ![]() This menu provides the bulk of the non-SMTP-related standard security components (except for the special features such as AntiSpam, AntiVirus, etc., detailed later on). You can configure Kerio Connect’s fundamental security features from these two menus. Two main sections within WebAdmin provide you with several security-related settings - The Security menu and the SMTP Server menu.
0 Comments
Leave a Reply. |