The suggestions below will greatly help to minimise the chances of your server from being used as a spam relay agent but does not guarantee it will not happen.
You should still use the Queue Monitor script to monitor the outgoing queues and notify you IMMEDIATELY by email and or SMS in the event of a possible attack.
- Implement and enforce a password policy within IceWarp where passwords cannot contain the username or alias and should be at least 8 characters long, contain 2 UPPERCASE and 2 Numbers.
- Domains & Accounts > Policies > Password Policy > Password Format
- Enforce regular password changes, some users may find this annoying so changing passwords every 6 months should be sufficient.
- Domains & Accounts > Policies > Password Policy > Password Expiration
- Enforce SMTP Authentication even for local users
- Mail > Security > General > Reject if originator's domain is local and not authorized
- Only allow relay if the domain is local
- Mail > Security > Advanced > Relay only if originator's domain is local
- Mail > Security > Advanced > Reject if SMTP AUTH different from sender
- Enable and use the integrated IPS for SMTP
- Mail > Security > Intrusion Prevention
- Purchase an SSL Certificate and make sure everyone uses https when logging into WebClient and SSL ports if using an email client (995,993,465)
- Remind users NOT to use the same password for their email and other internet accounts. For example do not use the same password for Gmail, Facebook etc.
- Setup and use our FREE Queue Monitor Script that will notify you by email and or SMS in the event of a possible attack