Which of the following will help control unauthorized access to an e-mail server?
A.
Disable CGI scripts
B.
Prohibit relaying
C.
Limit the number of e-mail messages a given account can receive in a day
D.
Scan all e-mail messages at the firewall or SMTP server
Explanation:
The issue is to prevent a payload being sent as an attachment to an e-mail message. A dangerous payload could be a virus, Trojan horse, or other damaging code segment that when executed can take over or gain unauthorized access.
Also, with proper scanning techniques, e-mail messages for users not serviced by the local e-mail server can be discarded. This prevents undeliverable e-mail from entering the system. In order to get e-mail through this scan, it would have to be destined to a valid e-mail account.
Incorrect Answers:
A: Disabling CSI scripts would be desirable, but then you lose the services provided by those scripts, which would have to be rewritten in another language. Otherwise, if a WEB server is also on the e-mail server, then disabling would be reasonable.
B: To prohibit relaying would prevent the receipt and delivery of mail. Relaying is sometimes required, and beyond you control to configure it.
C: This is desirable, because if I send millions of e-mails to a single server, I can fill up the mail directories and disable the e-mail server. However, this does not gain unauthorized access, this fills up the queue and causes a denial of service.