Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Jmail security

Posted on 2006-03-31
Medium Priority
Last Modified: 2006-11-18
Are there any security advantages to using Jmail?
Are there any security advantages to any other email applications?  Like CDONTS, or any ohters?

Which is the most secure?

How can I make this secure, especially when the email is going through a firewall from the Internet and to the Internet
How can I increase security to make sure no one uses this email and starts sending spam from it, or WORSE...
Question by:Gemini532
  • 5
  • 3
LVL 31

Expert Comment

ID: 16362610
"Security" is bit vague, I think. As in stable, not going down/crashing/causing weird problems? As in not being hacked from outside? As in protecting user data?

There doesn't seem to be a lot of security issues with the SMTP protocol (hacker-related), nor with any of the popular SMTP servers, or we would have heard about it by now, I'm sure. MS-based servers managed to get hacked through their web server (IIS, I believe it's called) and once you're in, you can of course do a lot of things... IIS have been patched since then. Imail comprises a web server as well, for the web mail service, but I haven't heard of one being hacked, which is good.

As for the spam issue, you can set relaying rules and restrictions in different manners. I bet all mail servers worth their name can be stopped from being open relays, by the application of decent realying restrictions.

So, for good preventions against external disturbances, you need a good firewall and secure applications on ALL servers that are accessible from outside (web, FTP, mail etc).

For stability and minimal downtime, you need stable O/S and good hardware. Applications are important as well; you need to choose stable server software.

And, of course, you need to be able to trust or restrict users, so that no malicious software is downloaded and run on a client; that could cause havoc, too...

Author Comment

ID: 16365530
What I need to know is if Jmail is any less secure than other ways of sending email.  I"m comparing the different programs.
I  know that you have to pay for Jmail.
So why pay?  Does it have stronger security, is it easier to code? etc?

Author Comment

ID: 16371998
Sending email through programs is very dangerous, right?  I mean because a hacker could start using this email to send his own spam to other people...  Am I right?
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 31

Accepted Solution

rid earned 2000 total points
ID: 16372454
Nor quite clear on your thought here; do you mean having an add-on application that sends e-mails? That could be a problem, if this program could be "hacked" and forced to do things beyond your control. Otherwise, you use a program to send e-mail everytime - you use your client (Outlook or Mozilla or Thunderbird or whatever) and you connect to the outgoing (SMTP) server, which runs another program (the mail server program).

The spam problem as far as outgoing spam is concerned, is handled by setting relaying restrictions on the mail server,. allowing only trusted clients to relay (send mail). If a client on a trusted network is compromised by a trojan or virus, it can send mail, because it is a trusted client; that is one source of spam. Another source is a badly configured mail server, which allows anybody to relay. Such servers are quickly found by spammers and used for their purposes. This can be avoided by configuring the server software properly. All of the known mail servers can be locked down, as far as I know.

Author Comment

ID: 16375875
It's just that we're conflicted whether to use CDO or Jmail...
Which one is used the most often?  Which one do you recommend?  If a person is visiting out website and their computer does not have Java installed, will they still receive a confirmation email if we used Jmail to write the code where out application is sending confirmation emails to our clients automatically?

Author Comment

ID: 16426646
>>AnnieMod  -- You are right!   I should keep the questions open until I get the full answer I Need   :)

>>rid Your answer was very helpful, exactly what I need it...
Just a few more questions:
1.   The chances of Jmail being Hacked are they greater or the same as CDO (CDONTS)?  We're tying to find out if Jmail is posing an extra un-necessary threat to our security...

2.  How can we prevent our Jmaill application from being hacked by a add-on application that sends e-mails?
I used Jmail to write the code in applications which right now reside on the Internet, so anyone can get to them.  

How difficult is it to add a program that sends spam emails to my Jmail code?  How easily can this be hacked?  Does it pose a real threat?

I mean what do other people, who are super concerned about security, do when they have code on the Internet that send emails automatically?  Do they encrypt this code?

Should I encrypt it?  If so can you suggest either code or a link that explains how to do this encription?
LVL 31

Expert Comment

ID: 16428009
Hi again.

I'm afraid your questions are well above and beyond my scope of expertise. I know some of the standards involved, and a little about the common "commercial" mail servers out there, but your questions run to the very specific and involve coding, which I'm not into at all.

I suggest you post a link question in another topic area (like "Security" or something related to programming) and invite other experts here.

People who are very concerned about security probably don't use e-mail at all... or use an encryption function (several are available, even open source). The security of your server system or network is in all probability not going to depend on which e-mail server software you choose, but on other services that are running, with or without your knowledge. Such issues are best dealt with using a good firewall and good, stable operating systems and applications on servers and clients. Perhaps going into non-Microsoft country is a good idea...


Author Comment

ID: 16436672
Thanks :)

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
The purpose of this video is to demonstrate how to set up Lists in Mailchimp. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mailchimp account. : Click on Lists. Click on Create List Button : Choose the desi…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question