Managed Services
With a managed service, all email messages are sent first to an offsite service that filters email, as Figure 2, shows. This service then forwards valid email messages to your organization's mail server.
For this strategy to be effective against direct attacks that use mail protocols, the internal mail server must not accept any connections other than those that the managed service initiates. However, such services work for inbound email traffic only. Outbound traffic is still sent directly to other servers on the Inter-net, enabling possible exploits that use mail protocols (e.g., a receiving mail server exploits a buffer-overflow vulnerability in your sending mail server's software during the SMTP transaction).
Integrated Software
Finally, you can install integrated software to help protect your mail server. This locally installed software hardens servers against network attacks. Often, integrated software works at the application layer (i.e., SMTP) to protect a server from exploits. Some integrated software replaces a server's local TCP/IP stack with a customized hardened version. More often, however, local filtering software works in conjunction with the mail software rather than creating a wall between it and external systems. Integrated software that takes this approach can help if an attacker has direct access to the mail server (e.g., if a trusted internal user initiates the attack). . . .
Register
