Share this Page URL

Chapter 8. E-mail Security > Spoofing and Spamming - Pg. 211

E-mail Security 211 Journaling all e-mail messages means that the administrator keeps traces of all the e-mail messages that are passing through. This means that he keeps the header information, such as who sent the message, who the recipient was, and what the subject line read. With journaling, the message body and contents are not usually kept. Just like archiving, the journaling records can be stored for weeks or years, depending on how the administrator has it set up. Most e-mail systems are backed up. If the server crashes, the administrator wants to be able to get it up and running as quickly as possible, hopefully with all the data and e-mail in tact. This typically means that all e-mail on the server is copied over to a tape, CD-ROM, or some other removable storage media. The tape or CD-ROM stores all of the e-mail and can be used to quickly restore the e-mail to the server. Any removable storage media can be kept for months or years. This means that just because you have deleted an e-mail message, it might not really be deleted everywhere. It might be stored as part of a backup for years. E-mail servers must be maintained, or administered. This is the basic process of tending to the server to keep it running and updated. The administrators have total control over the e-mail server. They can typically access anybody's mailbox and read the e-mail. They might actually do this if a legal or business reason arises. However, known cases have existed in which bad-intentioned ad- ministrators have read other people's e-mail for no lawful reason. In all these cases, the best means of protection you have is once again encryption. Using PGP, you can protect your e-mail from prying eyes, even if it is stored for years. We talk all about PGP in the second half of this chapter. Spoofing and Spamming Spoofing and spamming are two completely separate e-mail phenomena. When someone spoofs