7 Deadly Sins of Windows Mail Server Misconfigurations

Web MailServer

Web MailServer

No matter what mail server system you’re the administrator for; there are a few things you need to keep in mind in terms of avoiding mistakes on a Windows mail server.

1-Plain Text Exploits

It’s important to make sure your Windows mail server is set to disallow plaintext authentication and that it uses encryption or else there will be seriously exploits possible within the system.

2- “Server Not Found” Errors

If you’re getting these types of errors, it can mean that your Windows mail server isn’t configured properly in a few specific ways. For example, you might realise that you have the wrong port settings. It’s worth checking to see whether port 25 is blocked, for example. It can help to switch your local email client to a better port such as 5827. It can also mean that you have a DNS problem. In some cases, it may very well be that you need to wait for the DNS to propagate to your Windows mail server. This can take a day or two depending on the settings.

3-Open Relay and Spammers

The entire point of an SMTP protocol is to get mail that’s coming through to get to its destination address. This is just as important with Windows mail server as with any other server type. The problem is that the open relay can let spammers access to your Windows mail server to add noise all throughout the area. This is because this is the quickest way to get through the system. It always helps to use open relay tests to make sure that your system isn’t accidentally set to open relay. You don’t want to open the door of your Windows mail server to spammers or they will completely wreck your system. It’s better to make sure the door is closed first.

4-Failing to Scan Mail on Both Ends

Both inbound and outbound mail is important when it comes to Windows mail server integrity. It’s important to scan all mail coming in and out of the system. This includes a host of potential problems including malware, attempts at “phishing,” and so on. The term “phishing” refers to people who pretend to be from a legitimate site that email recipients frequent in order to get their passwords. Phishers use this approach to get credit card, banking, and other sensitive information. This means it’s important to scan for such potential problems and keep them out. But there’s obviously a lot of other potentially inappropriate content going through your Windows mail server as well that you should scan for. It helps to make sure that the company you work for has a solid “Acceptable Use” policy and that standard corporate disclaimers are attached to outbound email. But this might not be enough all by itself. You should also scan it all to make sure there are no infected files flying around in outbound email.

5- Failing to Set Good Limits

It’s true that your Windows mail server will probably have a huge amount of data to play around, including terabytes of it or more. But this doesn’t mean that it can’t be used up in a hurry if you don’t set limits for file sizes that are reasonable for a mail server for windows.

6-Bad Use of Banner Info

While it’s possible to use the email system to seal information from people, it usually takes a lot of effort and training to accomplish this, which is why a lot of people use automated systems instead. This is why it’s important to reconfigure Internet accessible email servers so that there’s a custom banner there that doesn’t give out any information about the Windows mail server.

7-RFC Name Errors

It’s important to recognise the RFCs as the critical rules that they are. It’s important to configure certain mailboxes on a domain to make sure everything runs smoothly. Without the postmaster and abuse boxes you could have configuration problems on your Windows mail server.

If you avoid these 7 mistakes, you’ll tend to do much better in the long run in terms of making sure the Windows mail server runs smoothly.

Advertisements