Alibaba Mail Security Enhancement
Alibaba Mail security features include secure mobile phone, IP login restrictions, two-factor authentication, third-party client security password, etc. If the following security enhancement schemes are met, please enable them as far as possible.
It is recommended that enterprises periodically check for gaps in the following scenarios. For some employees who have been informed of security risks but have not done a good job of security protection as required by the company, they can reclaim some permissions of login, sending and receiving.
Login Security
You are advised to retain the optimal rights for daily use of accounts and retain non-essential rights for services. For example, disable the SMTP service. Strengthen the security protection for necessary usage scenarios and enable the security functions provided by Alibaba Mail. Proceed the regular inspection and safety promotion within the enterprise to maintain constant safety.
Third-party Email Client(use SMTP/IMAP/POP protocol to login)
1. Accounts that need to use the third-party client
It is strongly recommended that you enable the third-party client security password. The third-party client security password is an independent password used exclusively on the third-party client. After the security password is enabled and generated, you must use the password to log in to the third-party client. Otherwise, the login fails. After enabled, it can be used for a long time. If it is no longer used, delete it from the Settings on the Webmail.
Advantages:
1) The security password is a highly complex string by default;
2) The client only needs to configure the account secret information once, which will be hidden, and there is no need to configure repeatedly and record separately, reducing the risk of disclosure;
3) Support to generate multiple independent security passwords for different clients, so that users who have the habit of using third-party email clients can continue to use them without interfering with each other.
How to enable the third-party client security password | |
No | Method |
1. Enable by the admin | How to Enable The Third-party Client Security Password by Email Admin? |
2. Enable by the employee | How to Open and Use The Third-party Client Security Password? |
2. Accounts that use the third-party client not very often or not use at all
We strongly recommend turning off standard protocols. For the account that only uses Alibaba Mail client or has not been used for a long time, you can disable the standard protocol and disable the use of third-party clients, and at the same time block the possibility of hacking the password and accessing the mailbox through the password alone. If all the accounts does not use the third-party client, you can directly enable the switch to disable the use of the third-party client in the domain management page.
How to Disable the Third-party Client Access | |
No | Method |
a. Can be disabled for account | How to Turn-off /Open the POP3 or IMAP Protocol for Accounts? |
b. All personnel prohibited | How to Enable or Disable the Third-party Client Access Feature? |
About the Alibaba Mail Client
It is strongly recommended to enable two-factor authentication. If you log in to Alibaba Mail client after opening, you will be required to use other factors other than the account password for secondary authentication, which can prevent hackers from using Alibaba mail client to log in after the password is known to them. You can restrict and disable the login permission of the end that does not require daily login.
Alibaba Mail Client Usage Security | |
No | Method |
a. Two-factor Authentication | |
b. Access Restriction | What Is Access Restriction of Owned Client and How to Enable It? |
About the Password Security
It is recommended to maintain the password strength. Email is a kind of open product, and the open means that the global mailbox service supports a common standard protocol to access its own service by default, which is expressed in the form that users including hackers can use Outlook, Foxmail or script to access any mailbox. The standard protocol (SMTP\POP\IMAP) only supports an authentication mode of "account + password", which is not enough to better protect the security of the account. If the account is exposed on the public network and the password is not changed for a long time, the password is easily misused. The effective way to maintain password strength is to change passwords regularly and update strong password rules regularly.
How to Keep Strong Password? | |
No | Method |
1 | |
2 | How to Set Which Keywords Cannot be Used as Email Passwords? |
Analysis and Processing of Abnormal IP Login Records
1. Log in by user
It is the user who logged in, but due to the change of the service IP or network IP of the login terminal.
2. Not log in by user- Security Enhancement
Based on the login IP address (region), time, and login method (IMAP/POP3) displayed in the login record, it can be determined that it is not the user or a colleague with permission. Please change the email password as soon as possible, enable the security function of the email as required (two-factor authentication, disabling standard protocols, and prohibiting third-party client login), blacklist abnormal IP addresses, and check whether there are abnormal settings and abnormal emails in the email box. Abnormal emails can be deleted or withdrawn.
How to Reduce the losses after theft? | |
No | Plan |
a. Change the password | |
b. Enable the security feature | What Is The Multi-factor Authentication? How to Enable The Third-party Client Security Password by Email Admin? How to Open and Use The Third-party Client Security Password? How to Turn-off /Open the POP3 or IMAP Protocol for Accounts? How to Enable or Disable the Third-party Client Access Feature? |
c. Others |
|
Email Receiving and Sending Security
About Receiving and Sending Management
For the important business of the enterprise, it is recommended to make audit and monitoring rules for the mailbox that will receive and send such business emails in advance. If the audit fails, the email cannot be sent, and the leader can pay attention to the important emails sent and received by employees at any time.
For daily encountered spam, it is recommended that in addition to submitting to Ali, the mailbox management background can also regularly add filtering rule samples. Certain types of emails that are not collected can also be directly deleted by setting filtering rules, reducing the risk that employees may be recruited due to weak security awareness.
It is recommended to set the permissions of email groups within an enterprise and set who can send emails to this group. For service groups within an enterprise, you are advised to set only members of this email group can send emails to this group. At the same time, you can set the email group audit function. The email sent to the email group can be successfully sent only after it is approved by the email group auditor.
For important services within the enterprise, you are advised to disable the automatic forwarding function for the accounts that will send such emails in advance to prevent employees from forwarding them to their own or non-enterprise email addresses.
If the enterprise requires an account that can only send and receive emails internally, the admin can turn off the permission to send and receive emails in foreign domain in advance.
How to Control Sending and Receiving Permissions in Advance? | |
No | Plan |
a. Email Monitoring | If the management of important services needs to pay attention to the emails sent and received by employees, they can set up monitoring and backup a copy of the emails sent and received by employees to their own mailbox. |
b. Email Audit | Important service mailbox (or departments can set them as required) can send emails only after being approved by the management. |
c. Email Filter | The spam can be set to deliver in the spam folder/ directly deleted/ returned according to the set filtering rules. |
d. Mail Group | You are advised to set the permissions of important mail groups required by the enterprise in advance and set who can send emails to this group. You can also set the auditor to approve before sending successfully to the mail group. |
e. Auto Forwarding | To prevent employees from automatically forwarding emails after receiving them, or even if important emails within the enterprise are automatically forwarded to employees' personal email addresses or other external mailboxes, you can disable the auto forwarding function in advance.
|
f. External Email Sending and Receiving | The enterprise requires that the account that can only send and receive emails internally shall be closed in advance.
|
About External Mails Warning
External Mails Warning is a function set by the enterprise to display the notification level based on the sender address in the receiving scenario. The administrator can customize the notification for external addresses in the domain management page, including general alert for sender name and advanced alert for sender name and sender address. It is also possible to send emails from whitelisted domains without warning.
The threat of information security has become a problem that the world is facing all the time. To this end, Alibaba Mail has always maintained continuous efforts in cloud security protection to ensure the security of the mailbox. Alibaba Mail Security specifically covers security policy, organizational security, compliance security, data security, access control, personnel security, physical security, infrastructure security, system and software development and maintenance, disaster recovery and business continuity and many other topics. But the actual information security threat involves many factors, among which the biggest threat is man-made threat. Therefore, security protection depends not only on product functions, but more importantly, we as users should understand information security knowledge and improve information security management awareness, so as to better respond to these threats.
Phishing Email Protection Security Guide
Note: Please keep in mind that any email that asks your account password and jumps to external links is a phishing email, which is untrustworthy. Please immediately report it as spam and delete it! And don't click on any links and attachments in the email!
The commonly Used Phishing Email Tricks:
Stealing official website images, using themes to attract users' attention, pretending to be senders, pretending to be trusted link addresses, scams through email attachments, scams through email images, etc.
No | Guidance |
1 | |
2 | |
3 | The Method of Confirming the Identity of The Sender of The Inexplicable Email |
Self-inspection and Self-correction
Note: Please be aware that the safety function can help us to improve the safety level of the product, and please also be vigilant to check whether there are daily negligent behaviors that may have safety risks, and check whether the product safety function is really enabled.
What to Do If the Email Account Is Suspected to Be Stolen:
Don't panic, analyze the problem rationally and solve it reasonably. See if the account is really stolen, check and correct the abnormal settings of the email account, deal with abnormal emails, and turn on the security function.
No | If it is found that the account is stolen, the possible causes of theft are analyzed | ||
1 | When the same account logs in to another site or service system, the password is obtained | ||
2 | Other sites with the same password are attacked to obtain the password library | ||
3 | Visit the website with Trojan virus | ||
4 | The email client environment is poisoned | ||
5 | Others | ||
What Should I Do If My Mailbox Is Suspected to Have Been Stolen? |