E-mail messaging security specialist Vircom announced the release of Email Security Grader, a free online tool designed to help IT and mail administrators evaluate the security of their mail infrastructure. The Website re-groups several tests, educates users and makes recommendations for each aspect of e-mail security. Once the test is complete, ESG presents the user with an e-mail security report, including a score and a rating.
The EmailSecurityGrader.com Website allows IT and mail administrators run a full e-mail security test suite on their domain. After analysis of a domain name’s mail infrastructure, Email Security Grader performs diagnostics on MX records, reverse DNS, SPF, DNSBL, Open Relay and SMTP/POP3/IMAP authentication. The user is then presented with a report of the analysis and given recommendations for improving system security and why.
“I am very proud to see Email Security Grader go live today” said Mike Petsalis, COO at Vircom. “This project is an employee initiative, what I call a 10 percent project. It was driven by our R&D staff, engineers and IT from start to finish. The developers wanted to share their knowledge and expertise outside the scope of corporate product road map and make it available for free on the Web. Email Security Grader is the result of this effort.”
In addition to providing an e-mail security tool, ESG offers community-building discussion forums where users can interact with the developers to exchange ideas, and debate and improve the tests and scoring algorithms of the test suite. Vircom offers a range of deployment options, proprietary anti-spam technology, complete Windows infrastructure integration, and products including modusMail, modusGate, modusGate VM and modusGate Appliance.
The IMAP Connection and Authentication Test checks whether the IMAP service responds on port 993 or 143 on the mail exchange server. If the ports are available, the IMAP server’s capabilities are examined. The Open Relay and Email Format Test examines the domain’s mail servers by using various combinations of “Mail From” and “Rcpt To” addresses, none of which should be considered valid on your system. Various invalid address formats (such as the % hack) are also tried.
“Our entire team-dev, QA, IT and Security Operations-mobilized their 10 percent to concentrate on a unified project to produce a result that reflected our very own technical know-how, abilities and passion,” said Vircom development lead Nicolas Riousset. “Most e-mail and IT administrators are running e-mail security software to protect their messaging infrastructure, yet many are integrating these solutions in insecure environments, thus compromising efficiency. ESG and Vircom are here to help and identify security flaws in their environment.”
Home Cybersecurity