Last week in part 1 we looked at some rather extreme measures for keeping that demeritorious duo, spam and viruses, off our servers. Today we'll look at how to secure your users' email clients. The reason for employing layers of security at both the server and client level is simple, Grasshopper; do not depend solely on border defenses or the succulent soft underbelly of your network will remain at risk.
First, Choose a Sensible Mail Client
I'm sure you've heard it a million times — “Don't use Outlook or Outlook Express.” It's darn good advice. Outlook is useful on an intranet, when you need the full scheduling, contacts, document sharing, and other groupware features. For Internet mail — well, its record speaks for itself. For those who really must use it, see Resources for tips on making Outlook not quite so insecure.
If all you need is a POP or IMAP mail client for Windows, Eudora, Pegasus, and Mozilla Mail are excellent choices. They are far less open to exploits, and they use generic mailbox formats instead of the “seekrit” proprietary formats of Outlook/Outlook Express. This makes disaster recovery and importing/exporting a lot easier, because the files can be read as plain text.
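Because a generic mailbox is plain text, ordinary tooling can audit it. The following is an added example, not code from the original article: it assumes the client stores mail in mbox format (as Mozilla Mail does) and uses Python's standard `mailbox` module to list attachments with executable extensions. The sample mailbox, the extension list, and the function names are constructed for illustration.

```python
import mailbox
import os
import tempfile
from email.message import EmailMessage

# Illustrative list of executable attachment types (an assumption, tune to policy).
RISKY_EXTENSIONS = {".exe", ".scr", ".pif", ".bat", ".vbs", ".com"}


def build_sample_mbox(path):
    """Write a constructed two-message mbox file to audit."""
    samples = [("Meeting notes", "notes.txt"), ("Invoice", "invoice.pdf.EXE")]
    box = mailbox.mbox(path)
    try:
        for subject, filename in samples:
            msg = EmailMessage()
            msg["From"] = "sender@example.com"
            msg["Subject"] = subject
            msg.set_content("See attachment.")
            msg.add_attachment(b"constructed sample bytes", maintype="application",
                               subtype="octet-stream", filename=filename)
            box.add(msg)
        box.flush()
    finally:
        box.close()


def find_risky_attachments(path):
    """Return (subject, filename) pairs for attachments with a risky extension."""
    hits = []
    box = mailbox.mbox(path, create=False)
    try:
        for msg in box:
            for part in msg.walk():
                name = part.get_filename()
                # splitext looks only at the final extension, so "x.pdf.EXE" is caught.
                if name and os.path.splitext(name)[1].lower() in RISKY_EXTENSIONS:
                    hits.append((msg["Subject"], name))
    finally:
        box.close()
    return hits


def demo():
    """Build the constructed mailbox in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "Inbox")
        build_sample_mbox(path)
        return find_risky_attachments(path)


if __name__ == "__main__":
    print(demo())
```

To audit a real mailbox, call `find_risky_attachments` on a copy of the file rather than the live one the mail client has open.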
The Linux world is also full of excellent mail readers — Kmail, Balsa, Evolution, and Mozilla Mail, as well as the powerhouses Mutt and Pine for the