Jmail security

Are there any security advantages to using Jmail?
Are there any security advantages to any other email applications?  Like CDONTS, or any ohters?

Which is the most secure?

How can I make this secure, especially when the email is going through a firewall from the Internet and to the Internet
How can I increase security to make sure no one uses this email and starts sending spam from it, or WORSE...
Gemini532Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ridCommented:
"Security" is bit vague, I think. As in stable, not going down/crashing/causing weird problems? As in not being hacked from outside? As in protecting user data?

There doesn't seem to be a lot of security issues with the SMTP protocol (hacker-related), nor with any of the popular SMTP servers, or we would have heard about it by now, I'm sure. MS-based servers managed to get hacked through their web server (IIS, I believe it's called) and once you're in, you can of course do a lot of things... IIS have been patched since then. Imail comprises a web server as well, for the web mail service, but I haven't heard of one being hacked, which is good.

As for the spam issue, you can set relaying rules and restrictions in different manners. I bet all mail servers worth their name can be stopped from being open relays, by the application of decent realying restrictions.

So, for good preventions against external disturbances, you need a good firewall and secure applications on ALL servers that are accessible from outside (web, FTP, mail etc).

For stability and minimal downtime, you need stable O/S and good hardware. Applications are important as well; you need to choose stable server software.

And, of course, you need to be able to trust or restrict users, so that no malicious software is downloaded and run on a client; that could cause havoc, too...
/RID
0
Gemini532Author Commented:
What I need to know is if Jmail is any less secure than other ways of sending email.  I"m comparing the different programs.
I  know that you have to pay for Jmail.
So why pay?  Does it have stronger security, is it easier to code? etc?
0
Gemini532Author Commented:
Sending email through programs is very dangerous, right?  I mean because a hacker could start using this email to send his own spam to other people...  Am I right?
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

ridCommented:
Nor quite clear on your thought here; do you mean having an add-on application that sends e-mails? That could be a problem, if this program could be "hacked" and forced to do things beyond your control. Otherwise, you use a program to send e-mail everytime - you use your client (Outlook or Mozilla or Thunderbird or whatever) and you connect to the outgoing (SMTP) server, which runs another program (the mail server program).

The spam problem as far as outgoing spam is concerned, is handled by setting relaying restrictions on the mail server,. allowing only trusted clients to relay (send mail). If a client on a trusted network is compromised by a trojan or virus, it can send mail, because it is a trusted client; that is one source of spam. Another source is a badly configured mail server, which allows anybody to relay. Such servers are quickly found by spammers and used for their purposes. This can be avoided by configuring the server software properly. All of the known mail servers can be locked down, as far as I know.
/RID
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Gemini532Author Commented:
It's just that we're conflicted whether to use CDO or Jmail...
Which one is used the most often?  Which one do you recommend?  If a person is visiting out website and their computer does not have Java installed, will they still receive a confirmation email if we used Jmail to write the code where out application is sending confirmation emails to our clients automatically?
0
Gemini532Author Commented:
>>AnnieMod  -- You are right!   I should keep the questions open until I get the full answer I Need   :)

>>rid Your answer was very helpful, exactly what I need it...
Just a few more questions:
1.   The chances of Jmail being Hacked are they greater or the same as CDO (CDONTS)?  We're tying to find out if Jmail is posing an extra un-necessary threat to our security...

2.  How can we prevent our Jmaill application from being hacked by a add-on application that sends e-mails?
I used Jmail to write the code in applications which right now reside on the Internet, so anyone can get to them.  

How difficult is it to add a program that sends spam emails to my Jmail code?  How easily can this be hacked?  Does it pose a real threat?

I mean what do other people, who are super concerned about security, do when they have code on the Internet that send emails automatically?  Do they encrypt this code?

Should I encrypt it?  If so can you suggest either code or a link that explains how to do this encription?
0
ridCommented:
Hi again.

I'm afraid your questions are well above and beyond my scope of expertise. I know some of the standards involved, and a little about the common "commercial" mail servers out there, but your questions run to the very specific and involve coding, which I'm not into at all.

I suggest you post a link question in another topic area (like "Security" or something related to programming) and invite other experts here.

People who are very concerned about security probably don't use e-mail at all... or use an encryption function (several are available, even open source). The security of your server system or network is in all probability not going to depend on which e-mail server software you choose, but on other services that are running, with or without your knowledge. Such issues are best dealt with using a good firewall and good, stable operating systems and applications on servers and clients. Perhaps going into non-Microsoft country is a good idea...

Cheers
/RID
0
Gemini532Author Commented:
Thanks :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Software

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.