Messaging service providers have many different security issues to watch for and a multitude of security threats to protect against. While the list of security challenges continues to grow, there are a select number of really critical issues -- let’s call them our “Top 3” -- that are center-stage for messaging leaders like Openwave Messaging.
1) Ensure Validity of Incoming Mail
Solving the issue of detecting and preventing SPAM while allowing all valid email messages through is a key focus for any large-scale email system. Because the SPAM detection and prevention issue is huge, it’s no surprise that there are many products and services available to combat this problem. Having served the messaging industry for decades, we learned long ago that when unwanted traffic is out of control, it greatly hampers the function of core messaging services, including email and voicemail, and makes these features unattractive and much less useful, both for the carrier and end users.
2) Choose the Right Approach to Block Unwanted Traffic
MAAWG reports that approximately 90% of email is identified as abusive and blocked, which means that for the end user the email service is usable. There are varying approaches used for reducing unwanted traffic. A typical 3-pronged approach includes: 1) Blocklists that limit the IP addresses allowed to send email to a system, 2) Good filtering software that automatically checks the content of the messages for viruses and tries to identify and remove SPAM messages, and 3) A set of specific additional rules and functions implemented to try to catch unwanted traffic the intended recipient does not want.
The complexity of modern messaging and the types of message sent mean systems are pushed to their limits at times, and it’s a battle between the email service managers using the anti-abuse systems and the spammers/bad guys. We also need to remember that all the time the mail system is trying to deliver valid and wanted email service to the users. It’s a constant balancing act.
The adoption and growth of IPv6 is changing the landscape and rules. Blocklists are not going to work as well going forward. Discussions are in progress as to how to use reputation and white lists as well as other systems in this new massive IP address space world. As part of this, the number of potential source systems for email (both valid and invalid) is escalating. The risk of getting spammed by your household appliances, such as your fridge, may not be that far away!
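The IPv6 problem described above can be seen in a few lines. This is an added example, not Openwave Messaging code: it compares a per-address blocklist with reputation tracked per IPv6 /64 prefix, with an allow list for known-good senders. The /64 aggregation width, the threshold, the function names and the sample events are assumptions made for the illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample: (source address, content-filter verdict).
# 2001:db8::/32 and 192.0.2.0/24 are documentation ranges.
SAMPLE_EVENTS = [
    ("2001:db8:a:1::10", "spam"),
    ("2001:db8:a:1::11", "spam"),
    ("2001:db8:a:1:dead:beef:0:1", "spam"),
    ("2001:db8:a:1::12", "spam"),
    ("2001:db8:b:2::1", "ham"),
    ("2001:db8:b:2::1", "ham"),
    ("192.0.2.25", "spam"),
    ("192.0.2.25", "spam"),
    ("192.0.2.25", "spam"),
]

def per_address(addr):
    """Classic blocklist key: the exact source address."""
    return str(ipaddress.ip_address(addr))

def reputation_key(addr, v6_prefix=64):
    """Key IPv4 by address and IPv6 by covering prefix (assumed /64)."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        return str(ip)
    # strict=False masks the host bits, so every address in the
    # same /64 maps to the same key.
    return str(ipaddress.ip_network(f"{ip}/{v6_prefix}", strict=False))

def blocked_keys(events, key_func, threshold=3, allowlist=frozenset()):
    """Keys with at least `threshold` spam verdicts, minus allow-listed keys."""
    spam = Counter(key_func(a) for a, verdict in events if verdict == "spam")
    return {k for k, n in spam.items() if n >= threshold and k not in allowlist}

def is_blocked(addr, blocked, key_func=reputation_key):
    """Decide whether a new connection from `addr` should be refused."""
    return key_func(addr) in blocked

if __name__ == "__main__":
    # A sender rotating addresses inside one /64 never reaches the
    # per-address threshold, but its prefix does.
    print("per-address:", blocked_keys(SAMPLE_EVENTS, per_address))
    print("per-prefix: ", blocked_keys(SAMPLE_EVENTS, reputation_key))
```

Aggregating by prefix also blocks every legitimate sender that shares the /64, which is why the allow list is applied before a key is blocked.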
Openwave Messaging continues to work with many vendors in this area to ensure that customers have the best options available. We just announced a partnership with Commtouch to address the growing email security problem.
3) Just Stopping Spam is not Enough
While spam avoidance is important from a security perspective, it’s not enough for email providers. Access to mailboxes is critical. If the user’s mailbox is compromised (whether they know it or not), problems can escalate for both the user and the provider. A compromised email account can affect the operator’s reputation and can even circumvent the systems put in place to thwart the spam messages. Having a platform that protects against brute force attacks while enforcing good password security is obvious, but there are limits to what can be done in this area. In many cases, due to the type of service offered by email providers, compromised accounts can create other “child” accounts. Even when a mailbox owner is not directly impacted by a compromised account, this can become a big problem, creating what we call “bad guys” local to the system.
Secure web page tools such as simple captchas and security questions have helped reduce the vulnerability, but users generally have bad password discipline. No security system is perfect either, and tools like captcha can be, and have been, broken by attackers. Proactive reporting and management systems are required to ensure that operators know what is happening on the system and to help track what unusual patterns and logins occur.
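A minimal form of the login reporting described above, as an added example rather than part of the Openwave Messaging platform: it reads authentication events, reports a burst of failed logins against one mailbox, and separately reports a successful login that follows such a burst, since that mailbox should be treated as possibly compromised. The log format, thresholds and finding names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth log: "ISO-timestamp account source-ip result".
# The format is an assumption for this example; addresses are
# documentation ranges.
SAMPLE_LOG = """\
2024-05-01T10:00:00 alice 198.51.100.7 FAIL
2024-05-01T10:00:05 alice 198.51.100.7 FAIL
2024-05-01T10:00:09 alice 198.51.100.7 FAIL
2024-05-01T10:00:14 alice 198.51.100.7 FAIL
2024-05-01T10:00:20 alice 198.51.100.7 FAIL
2024-05-01T10:00:31 alice 198.51.100.7 OK
2024-05-01T10:05:00 bob 203.0.113.4 FAIL
2024-05-01T10:05:40 bob 203.0.113.4 OK
2024-05-01T11:00:00 carol 203.0.113.9 OK
"""

def report(log_text, max_failures=5, window=timedelta(minutes=5)):
    """Return (finding, account, ip) tuples in the order they occur."""
    recent = defaultdict(deque)  # (account, ip) -> recent failure times
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_raw, account, ip, result = line.split()
        ts = datetime.fromisoformat(ts_raw)
        fails = recent[(account, ip)]
        # Forget failures that have aged out of the sliding window.
        while fails and ts - fails[0] > window:
            fails.popleft()
        if result == "FAIL":
            fails.append(ts)
            if len(fails) == max_failures:  # report once per burst
                findings.append(("brute_force", account, ip))
        else:
            # A success right after a failure burst suggests the
            # password was guessed; a success after a typo does not.
            if len(fails) >= max_failures:
                findings.append(("possible_compromise", account, ip))
            fails.clear()
    return findings

if __name__ == "__main__":
    for finding in report(SAMPLE_LOG):
        print(finding)
```

Counting per account and source address keeps the example short; guessing spread across many source addresses would need a second counter keyed on the account alone.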
A hidden problem in this area is the issue of what to do if a compromised user/account (either PC or mail account) is identified. Telling users about the problem and getting them to resolve it generates a whole different set of challenges. If handled well, it can turn a customer into a strong advocate for the operator’s service. If done badly it’s likely a user will move their email service and possibly all their business elsewhere.
In many cases, the sheer nature of email and other messaging protocols means that it’s hard to stop such attacks, but good reporting and filters can often track and limit a carrier’s exposure. The Openwave Messaging platform continues evolving and adding features to help in this area, but this is still an arms race and the systems must provide clean and fast email access for users while protecting them at the same time.
In summary, mail platform security is complex and needs to be treated with care and respect. While there is no single answer to the problems that exist, there are certainly areas to pay close attention to, and our Top 3 is a good place to start.
By Mark Ellis, CTO - Americas, Openwave Messaging