New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
E-Mail Security IMAP
Hello everyone,
Is there any way to protect yourself from hackers regarding mail servers? Assuming you have mail hosting with Mxroute or any webspace with a provider with an IMAP mailbox, then the only security is the email password. Is it possible to secure this somehow with 2 way authentication or similar?
Comments
Not to say that MFA wouldn't also be good, but I would assume the Mxroute also uses a firewall to limit password guessing attempts. Even the free ConfigServer has some nice options for this.
IMAP doesn't support two factor auth. JMAP does but not everything supports it yet.
You need to understand the threat model here. Why would anyone try to brute
your mailbox, assuming you have a strong password in the first place? 2FA here
is really redundant, and usually complicates stuff with web tokens and other auth
methods. Assuming you use just authenticated email to fetch/send from, you should
be totally fine with a strong password and that's it. Gmail is different, since it's your entire
Google account we are talking about, with YouTube, Drive, and other shit.
Also a good anti-virus. A virus going around right now seems to pull off stealing your password from Outlook config, best I can tell. I've got some pretty heavy mitigations for catching it and locking down accounts though.
That is already what I consider semi-targeted attacks. If we are talking about macros and malicious
scripts whatsoever. Well, not a big fan of antivirus, if that's what you refer to. They suck on their
signatures. It's just since last year MS finally nuked macros, and other malicious stuff by default.
Honestly just don't download weird attachments, but the number of people who do it anyway is admittedly alarming.
If I was you I would nuke it at rspamd rule. Or at least put it in a dedicated folder for the
benefit of your clients. I'm sure the benefit will overcome the false-positives.
On the inbound they keep changing patterns and virus signatures, it's been... hell
For many who never housekeep their e-mail, it's a treasure trove of username/password combinations sent from poorly designed sign-ups, and a goldmine for identity theft.
Aye. Though it's worth noting, success from credential stuffing is so high that brute force has taken a distant second place in effectiveness.
Tbh, I think that virus I mentioned might actually be second place. At least for my customers. Basic brute force protection mostly eliminates it, just makes it too high cost.
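The last two comments contrast brute force with credential stuffing. The following is an added example, not part of the thread and not any provider's actual tooling: it shows why a per-mailbox failure counter catches the first pattern but misses the second, where each mailbox sees only one attempt. The log format, the thresholds and the function name `analyse` are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample auth log (simplified, not a real mail server's format):
# "<epoch-seconds> <source-ip> <mailbox> <OK|FAIL>"
SAMPLE_LOG = """\
1000 198.51.100.7 alice@example.org FAIL
1002 198.51.100.7 alice@example.org FAIL
1004 198.51.100.7 alice@example.org FAIL
1006 198.51.100.7 alice@example.org FAIL
1008 198.51.100.7 alice@example.org FAIL
1010 203.0.113.9 bob@example.org FAIL
1011 203.0.113.9 carol@example.org FAIL
1012 203.0.113.9 dave@example.org OK
1013 203.0.113.9 erin@example.org FAIL
1500 192.0.2.44 frank@example.org FAIL
1520 192.0.2.44 frank@example.org OK
"""

def analyse(log, window=300, guess_limit=5, spray_limit=3):
    """Classify source IPs by failed-login pattern inside a sliding window.

    guess_limit: failures against ONE mailbox -> "brute_force"
    spray_limit: failures across DISTINCT mailboxes -> "credential_stuffing"
    Returns (verdict per IP, mailboxes to lock because a flagged IP logged in).
    """
    events = defaultdict(list)  # ip -> [(ts, mailbox, ok)]
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit() or parts[3] not in ("OK", "FAIL"):
            continue  # skip malformed lines
        events[parts[1]].append((int(parts[0]), parts[2], parts[3] == "OK"))

    verdicts, to_lock = {}, set()
    for ip, evs in events.items():
        evs.sort()
        for i, (start, _, _) in enumerate(evs):
            win = [e for e in evs[i:] if e[0] - start <= window]
            fails = defaultdict(int)
            for _, user, ok in win:
                if not ok:
                    fails[user] += 1
            if len(fails) >= spray_limit:
                verdicts[ip] = "credential_stuffing"
                # A success from a spraying IP means a leaked password worked.
                to_lock |= {u for _, u, ok in win if ok}
            elif fails and max(fails.values()) >= guess_limit:
                verdicts.setdefault(ip, "brute_force")
    return verdicts, to_lock
```

In the constructed sample, a per-mailbox lockout alone would never trigger on 203.0.113.9, because no single mailbox fails more than once.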