Rules For Securing Your Own Email:
1. You can’t secure your email if you use a cloud email service except via the tools provided by the email service
2. Your router and your firewall are all you need to secure your own email server. This requires a simple understanding of how internet addressing works.
First, understand that a domain name has no real significance in addressing. All addressing boils down to an IP NUMBER and a PORT NUMBER. The ip number, v.w.x.y, is the equivalent of a building address. The port number, z, is the equivalent of an apartment number. The two are expressed together as v.w.x.y :z.
With respect to email, the port numbers 25 and 587 are used to send email. The port numbers 143 and 993 are used to retrieve email in an IMAP fashion as opposed to 110 and 995 in a POP fashion.
So how do I block out unwanted hackers or spammers. First, my ROUTER must block out all unused ports, ie, empty apartment numbers. But it has to let through all traffic to the ports in use, ie, ports 25 and 587. This is accomplished via PORT FORWARDING, which is a function in your router to direct traffic addressing a port to its ultimate computer program, ie, destination.
Secondly, I have to use the firewall to block out the ip numbers (addresses) of unwanted visitors trying to hack my computer. These are found by inspecting the email server log. The hackers become quite obvious in the log.
Oh, wondering about my ip address? It is the ip assigned to me by my internet service provider. The isp forwards all internet traffic calling out this ip address to my router which begins sorting out what ports go to what computers I have on my local network.
What is my local network? That’s everything I have wifi-ed or physically attached to my router. And how do ports get connected to programs? Once the router directs a specific port to a specific computer, the programs (apps) have to be told what ports to “LISTEN” to.
So what has domain naming got to do with anything? First, we have to know that a domain is a fancy word to identify the digital hardware and software resources belonging to a specific owner. So I have two main domains that are identified as trcooper.com and aaarrrg.com. These names get resolved (translated) into the ip addresses where they reside(hosted) by an INTERNET DOMAIN NAME SERVER (DNS) which is nothing more than a lookup service, like a phone book or 411.
So, getting back to the actual residency of my domains, the trcooper.com main domain is on the GoDaddy computers, whereas aaarrrg.com is on my home computer. These are where my websites reside.
But what about my email server? Where does it reside? This is where SUB-DOMAIN naming comes in. My email server resides on my home computer which is identified as a sub-domain of trcooper.com and identified as mail.trcooper.com. The dns server will direct all traffic calling out mail.trcooper.com to my home computer and not the GoDaddy computer. So it’s all like a company that has multiple addresses.
The only thing I have not covered is encryption which provides the ultimate security in digital communication. Another word that goes flying around is the word “protocol”. I find this word being so widely abused that it has almost lost its meaning. Basically, it is a predefined way in which two communicants can verify they are speaking to the right person. One of the first protocols was the “ack”- “nak” , acknowledge- no acknowledge. Different strokes for different folks. Ground control to major Tom. At the current time, it appears as though a protocol called TLS (transport layer security) is replacing SSL (secured socket layer) in two-way digital communications.