1. Mail virus
A "mail virus" generally spreads through attachments in mail. Mail viruses have become the mainstream of virus development, and at present most worms can spread by mail. A mail worm uses its own SMTP engine to send infected mail to the e-mail addresses it has found. Once a user opens an infected e-mail or runs the virus program, the computer is infected immediately.
2. Mail bomb
The basic principle of a bomb attack is to use special tools and software to send the target machine, in a short time, more information than the system can receive. The aim is to overload the target machine and block the network, leading to the collapse of the target system and denial of service. Common bomb attacks include mail bombs, logic bombs, chat room bombs, Trojan horses and so on.
3. Password problem
The password is the first line of defense against illegal access to the e-mail system, but it is often underestimated or even ignored. To set a good password, you must consider it from a hacker's point of view. Birthdays, telephone numbers, work numbers and the like are the easiest things to remember in our lives, but for the cracker they are also the easiest to crack. Passwords should be composed of uppercase letters, lowercase letters, numbers and special symbols, should be at least 12 characters long, and should be changed regularly to improve their security.
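The password rules above can be checked mechanically. The following Python sketch is an added example, not part of the original article: it flags passwords that break the length and character-class rules or that contain the user's birthday, phone number or work number. The sample user data and all function names are constructed for illustration.

```python
import re
from datetime import date

MIN_LENGTH = 12  # minimum length stated in the text above
CLASSES = [("uppercase letter", r"[A-Z]"), ("lowercase letter", r"[a-z]"),
           ("number", r"[0-9]"), ("special symbol", r"[^A-Za-z0-9]")]

def personal_tokens(birthday, phone, work_number):
    """Map each easily guessed string to the personal detail it comes from."""
    tokens = {}
    # Common ways of writing a birthday as digits.
    for fmt in ("%Y%m%d", "%d%m%Y", "%m%d%Y", "%y%m%d", "%m%d", "%Y"):
        tokens[birthday.strftime(fmt)] = "birthday"
    digits = re.sub(r"\D", "", phone)
    tokens[digits] = "phone number"
    tokens[digits[-4:]] = "phone number"
    tokens[re.sub(r"[^a-z0-9]", "", work_number.lower())] = "work number"
    # Ignore very short tokens, which would match by accident.
    return {t: kind for t, kind in tokens.items() if len(t) >= 4}

def check_password(password, tokens):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, pattern in CLASSES:
        if not re.search(pattern, password):
            problems.append(f"missing {name}")
    # Strip separators so "e-10482" is still recognised as work number E10482.
    squeezed = re.sub(r"[^a-z0-9]", "", password.lower())
    kinds = {kind for t, kind in tokens.items() if t in squeezed}
    for kind in ("birthday", "phone number", "work number"):
        if kind in kinds:
            problems.append(f"contains {kind}")
    return problems

# Constructed sample user, not real data.
SAMPLE_TOKENS = personal_tokens(date(1990, 3, 15), "+1 (555) 010-4477", "E10482")

if __name__ == "__main__":
    for candidate in ("Zhang19900315", "e-10482!Ab", "Tr4il-mix&Compass"):
        print(candidate, "->", check_password(candidate, SAMPLE_TOKENS) or "ok")
```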
II. How to protect e-mail security
1. Protecting against virus mail
E-mail often carries attached files, and these files may be applications, documents or viruses. Therefore, when you receive e-mail you should scan it for viruses promptly, especially when it comes from a suspicious or anonymous sender. In many cases mail and attachments are stored on mail servers, and most anti-virus programs cannot access these files, or cannot effectively detect and delete viruses hidden in mail files. Even if some memory-resident anti-virus programs can detect infected files when they are opened, they cannot clean them automatically.
The methods for protecting against e-mail viruses are:
① Use antivirus software to protect both clients and servers. On the one hand, only the server's antivirus software can access the personal directory and prevent viruses from invading from the outside. On the other hand, only the server's antivirus software can detect and remove viruses on a global scale.
② Use dedicated SMTP antivirus software. SMTP antivirus software has a unique function: it can intercept infected e-mail downloaded from the Internet before it reaches the local mail server, thus keeping the local network free of viruses.
③ Protect all servers, even those that are not connected to the outside world.
④ Use excellent antivirus software to protect the e-mail system.
⑤ Protect the whole network instead of a part of it. For virus protection of the whole network, it is recommended to use dedicated anti-virus software that protects servers and workstations comprehensively.
2. Guarding against mail bombs
(1) Prevention is the key to removing the threat of mail bombs.
The principle of a mail bomb is to deliver enough mail, or large enough mail, to a mailbox with limited capacity that the mailbox collapses. There are many such mail bombs, such as Nimingxin, Quickfyre, avalanche and so on. Using a mail bomb is also very simple: fill in the recipient's e-mail address, enter the number of times to send, select the SMTP host, fill in any address as your own, and press "Send" to start sending bombs. Use the following methods to avoid mail bomb attacks as much as possible: do not disclose your e-mail address at will; hide your e-mail address; use the automatic reply function carefully.
(2) Public key system
Public key encryption technology needs to use a pair of keys to complete encryption and decryption operations respectively to ensure the integrity and authenticity of e-mail. One of this pair of keys is publicly released, which is called the public key, and the other is kept by the user himself, which is called the private key. The sender of the information first encrypts the information with the public key, and the receiver decrypts the information with the corresponding private key. The encryption process is guaranteed to be irreversible by mathematical means, that is, the information encrypted with the public key can only be decrypted with the private key in the public key pair. A message signed by a user with his own private key can only be verified (decrypted) with the corresponding public key, so that it can be determined that the message comes from a specific user, because only that user has the right to use the private key.
(3) Prevention of monitoring
Externally, many Web-based e-mail systems provide a function for "remembering" user names and passwords. If this simple login option is mistakenly selected on a public computer, others will easily obtain the user's password and account. So make sure that the system does not save the user's login credentials in the cache, and be sure to log out when you are not using the e-mail system.
Internally, when e-mail is sent it does not go directly to the other party's mailbox, but passes through an unpredictable number of intermediate servers. Anyone with access to any server on this path can read the message being transmitted. The transmission of e-mail is also related to distance: the fewer intermediate server nodes between the two mailboxes, the lower the possibility of being snooped on. Therefore, using digital certificates to help protect e-mail is the most common method.
(4) Other protective measures against attacks
A. System security measures
1. Network security: The cloud decryption platform system should set corresponding firewall policies and only open port 443 to provide services to the outside world.
2. System security: apply the latest version and system patches promptly to ensure that there are no known vulnerabilities.
B. Identification in use
1. Support strong authentication: support challenge-response, two-factor authentication and terminal device authentication.
2. Support weak password detection: if users use weak passwords, remind them to change them.
C. Anti-phishing measures
1. Decryption platform certificate: apply for an SSL certificate from a certificate authority for the decryption platform.
2. Two-factor authentication: high-security users bind their mobile phone number and must enter a verification code to decrypt. Even if a hacker obtains the decryption password, he cannot log in to the cloud decryption platform.
E-mail brings people convenience, but it also brings great security risks. The e-mail system is an important link in network security, and its problems cannot be solved by purely technical means. We should combine management with technology: build on advanced technical means, rely on a sound management system and on laws and regulations, and rely on coordination and cooperation between operators and mail service providers to standardize the e-mail activities of all parties in society, in order to achieve the ideal goal.