Shulou(Shulou.com)06/03 Report--

Zhong Zhi E-mail security protection system is a set of operating system based on Linux, which does not need to pre-install any operating system, completely uses web interface to control all functions, and has high stability, security and expansibility, and easy to use Web management. And with anti-virus, anti-spam, address book, mail audit, mail backup, PushMail, service management, V4/V6 coexistence, online real-time update, calendar and shared folders and other features, can be widely used in large and medium-sized enterprises, government agencies, schools and other types of users.

I. characteristics

1. High stability:

 is built on a high-performance Linux system

Users with a design capacity of tens of thousands of 

 provides dual-computer backup operation capability

two。 High scalability:

 supports distributed architectures, including mail storage, fast mail delivery, POP3 and IMAP.

There is no hindrance to the expansion of  function module

Unlimited capacity of  hard disk

3. No account user restriction and highly flexible application mode:

The number of  accounts can be added at any time and there is no limit on the number of accounts.

 provides local, AD and LDAP account establishment methods.

 has account application and group management account management mechanism.

4. High security:

 has the function of email firewall, which can detect whether the user has been subjected to malicious behavior and take protective measures.

 integrates email antivirus, email text filtering, and information review.

 completely controls the permission to send e-mail and restricts the IP and flow of access.

5. Easy to manage and use:

 provides all-Web friendly management interface and multiple reports.

 Outlook like webmail uses the interface

 personal and departmental calendar planning quickly, the schedule is clear at a glance.

II. System architecture

ShareTech email security protection system is an email software system developed on the basis of ISP-level mail traffic. Using ShareTech mail software, the processor can bring twice the processing efficiency and mail transmission speed, and can run stably on a variety of virtual platforms. The system can be operated and managed at any time through a browser, greatly reducing the construction cost of the mail system, and providing three guarantees of high stability, high scalability and high security. It is suitable for wide use in government, telecommunications, finance, education, manufacturing, service industry and so on.

Third, function description:

1. Basic functions of the mail server

◎ basic setting function: quickly set the host name, domain name and DNS of the mail server, and then import the account to run immediately.

◎ multi-domain: the same email host can establish independent email systems with multiple groups of different domains at the same time. For example, if two different domains, 123.com and 789.com, are in the same mail host, then sales@123.com ≠ sales@789.com

◎ mail automatic transfer: automatically to the old mail server, transfer each user's mail to the new mail server, support SSL, Start-TLS and credentials.

◎ mailbox usage exceeds notification: when the mail capacity of a user's account exceeds the set value, the ShareTech mail system will send notification letters to users and mail managers.

◎ queue management: in the message queue, the administrator can view the number of messages waiting to be sent in the message queue and the messages in the message queue that have been sent but remain on the server for some reason.

Limit on the number of recipients of ◎ users: the mail server can set a limit on the number of recipients. For example, if the number of recipients is limited to 20, the number of recipients of a single letter cannot exceed 20, so as to prevent users from wasting bandwidth by sending a large number of messages.

◎ identity authentication function: support local account and AD account verification function.

◎ multi-domain co-signature file: on the same email host, different domain can use different co-signature file, so that managers can design conveniently and flexibly in different domain. Email manager can add disclaimer to the system according to individual information law, or use it to become the best marketing tool of the enterprise.

◎ large file hyperlink setting: provides large file link function. When the attachment sent by the user exceeds the set capacity of the system, the attachment will be automatically converted into a hyperlink, and the recipient can download the attachment file directly by clicking the link.

◎ online security encryption: provide Web (browser) interface for setting and management, with HTTPS/SSL encryption link to ensure that users'e-mail will not be picked up and recorded by interested people.

◎ SMPT Agent: provides an agent host delivery mechanism to process all outgoing mail through the agent host. For example, when the mail host IP is blacklisted, causing all outgoing mail to be blocked, all mail sent by the mail server can be first sent to the ISP's mail server, and then forwarded through this mail host.

◎ forward mail: regularly or automatically forward specific mail to a specific account.

◎ provides RTF format conversion: for internal or external users to send mail in RTF format, in order to avoid the trouble of recipients, the ShareTech mail system converts it to the normal mail format in advance, and also retains the original mail format in order to avoid problems in the conversion process.

◎ service management: managers can know the current enabled status of all services through service management, including manager interface port number, user interface port number, SMTPS, POP3, POP3S, IMAP, IMAPS, DNS, personal cloud, Push Mail and other related services.

II. Mail Firewall

◎ mail firewall: there is a built-in mail firewall in the mail server. After setting the detection value, it will directly block the abnormal mail volume and the IP address of the mail.

◎ abnormal email traffic detection: senders who exceed the warning value will be blocked against the protection mechanism of sending emails to the outside by zombie viruses, or cramming emails to the email host, which prevents normal emails from entering.

◎ TRY account password: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

◎ authentication account does not match: the authentication account used to send the letter is not consistent with the sender's name in the message header, and there is a high proportion of sending junk mail.

◎ class blockade: class blockade of sender IP addresses that violate the email firewall, for example, 600 seconds for the first time, 900 seconds for the second time, and all after the third time.

III. Mail audit and filtering

◎ email content filtering: the filtering conditions can be based on sender, recipient, subject, content, capacity, attached file, message header. To filter letters and deal with the processing methods that meet the filtering criteria, such as isolating, deleting, blocking sender IP, sending notification letters, CC copies, and so on.

◎ mail audit: managers can dispose of important mail and authorized auditors according to the internal e-mail audit management rules. Auditors can carry out actions including release, return to the sender, deletion, delayed delivery and so on.

◎ personal information filtering protection: filter audit settings for emails with sensitive personal capital, and provide drop-down menu for managers to directly select check ID card number, credit card number, phone number, mobile phone number, date of birth and other personal information.

◎ audit: forbids sending and receiving mail on specific accounts. For example, a regulated account cannot send any mail to the Internet or receive mail from the Internet except for a specific domain.

4. Mail recorder

◎ mail record: all mail data can be recorded completely, whether sent out or sent in, and provide a friendly management search interface to provide managers with quick query.

No backup of internal ◎ messages: when the recorder is enabled, you can set exception rules, such as not recording internal messages or setting user accounts that do not record messages.

◎ email record search: provide email record query (Mail Log) and email log search, which can be queried according to date, sender account number, recipient account number, sender IP, subject, processing and other conditions.

E-mail anti-virus

◎ Clam AV antivirus engine: provides core embedded fully integrated Clam AV antivirus engine, adopts the architecture integrated by the mail core, and can detect more than 5 million kinds of viruses, worms, × × programs. Etc., automatically update virus files through the Internet every day.

◎ virus mail processing mode: built-in free Clam AV anti-virus software, managers can do two-way anti-virus filtering for letters, the handling of poisoned letters, can be recorded to the quarantine area, change the extension or email notification prompts.

VI. Spam management

◎ multiple spam identification engines: provide a variety of spam identification mechanisms, such as IP address credit rating, Bayesian filtering, automatic learning mechanism, automatic whitelist mechanism, spam feature filtering and spam fingerprint identification. Wait.

◎ spam automatic learning mechanism: after learning spam and normal mail, the automatic learning filtering engine can automatically correct the judgment mechanism of spam and normal mail, and increase the accuracy of spam identification.

◎ internal link filtering mechanism: ShareTech email system has built-in URL data, including language violence, violent websites, * *, backdoor programs, untrusted websites, illegal piracy, * *, * *, drugs, proxy filters, forwarding and online audio and video, etc., which can filter the text of letters and find illegal links.

The blacklist and whitelist setting of ◎ system: the manager defines the blacklist and whitelist of the system, and carries out special treatment for the blacklist mail.

◎ personal blacklist setting: users can customize personal blacklist and whitelist.

◎ gray list: the gray list filtering function belongs to the advanced spam analysis mechanism, which has higher accuracy than the general content analysis and provides more stringent filtering protection.

◎ IP anti-solution setting: the mail server that sets IP anti-solution is usually not the person who sends spam, so when the mail server receives the request from an external sender, it verifies whether the source IP address of the account has IP anti-solution, and if not, the mail is processed according to the setting of 'unverified processing mode'.

◎ spam handling and notification: will notify recipients in the list of spam quarantines, and provide a variety of disposal methods, such as downloading, adding whitelist, blacklist, etc., to facilitate users to retrieve messages from the quarantine area at any time.

7. Mail account management

◎ account establishment mode: provide a variety of account establishment modes, including manual account establishment, batch import, serial number establishment, automatic transfer, account establishment and AD server account integration. Wait.

◎ AD account integration: provide AD server account authentication function. In addition to logging in to the account, you can also synchronize organization, group account and other data into the mail server, allowing enterprises to integrate authentication and authorization of the same account.

◎ LDAP account authentication: after the account is established in the ShareTech mail system, all login accounts will be authenticated by the LDAP host.

Automatic transfer of ◎ mail account: automatically transfer the account of the old mail host to the new mail server without the intervention of the manager and reduce the trouble when the manager transfers the mail account.

◎ group account management: provide the setting of the group account personnel in the enterprise, and set up the group account according to the requirements of the task. When sent to the group account, all the people belonging to the group account will receive the same email, which increases the convenience of mail handling.

◎ department management: establish a department according to the actual operation of the organization, such as Engineering Department, Business Department, etc., and can give the department a group account, and all personnel belonging to this department will receive the same email.

Automatic application for ◎ mail account: users who need an email account can enter the application account page at WebMail and send the application, which can be used immediately after being examined and approved by the manager.

◎ password expiration management: after enabling this function, the mail server will ask the user to change his password within a set period. When the password expiration date is approaching, the system will send a "notification letter" to this account to remind the user to change his password as soon as possible.

8. Mail logs and reports

◎ mail log: complete mail log, which records user WebMail login and administrator usage in detail. You can query email, SMTP, list, event, audit, blockade, shared folder, account application, system on the management interface. And support full-text search function.

◎ SMTP log: detailed SMTP communication records, so that the communication process of each letter is fully presented, to find the best tool when the mail can not be sent or received.

◎ blocking log: senders, source IP addresses and protocols that are blocked by the email firewall will be recorded.

◎ log retention time: set log retention time according to demand or hard disk capacity.

◎ traffic statistics: provides multiple and easy-to-read statistics-including traffic rankings and personal traffic reports.

◎ diversified report: graphical report interface, managers can choose pie chart or bar chart style, report category includes mail quantity ranking, letter type distribution, spam source, audit processing method, audit isolation / deletion, inbound / outgoing ranking. Wait.

IX. Mail and system backup mechanism

◎ backup mode: data can be backed up by Samba, FTP or USB

◎ backup data retention method: for backup data, it can be retained by the way of fixed folder + fixed number of copies or by generating new folders according to the date.

◎ backup content selection: specify the items to back up, such as system settings, logs, quarantine messages, messages, bulletin board data, or shared folder archives. ◎

◎ system restore: provide system restore mechanism, the manager regularly back up to the designated network hard disk, FTP server, if the mail host has an unexpected situation, you can immediately restore the system configuration files.

X. Mail system management

◎ IPV4/V6 dual-band system: built-in IPV4/V6 dual-band DNS server to provide complete DNS service functions, such as DNS checking, reverse checking, A, AAAA records, etc., to solve the inconvenience and trouble of managers setting up DNS servers.

◎ real-time system information: including real-time system time, system resources, mail flow statistics, mail system services, system backup and hard disk-related use. . Wait.

◎ historical system resources: display historical system resource queries, such as CPU, RAM, hard disk read and write speed, network traffic and system load, etc.

◎ authority management function: manage the mail server according to the division of powers and responsibilities of the enterprise department, define the management functions that can be operated by the primary manager and the secondary manager after logging in to the management interface, achieve hierarchical authorization and reduce the chance of confidential data leakage.

◎ sharing contact authorization: the account of the shared contact is managed by the license. After logging in to WebMail, you have the right to add, delete and modify the sharing contact section.

◎ e-mail newsletter: provide electronic newsletter sending system (e-paper) to assist enterprises to carry out e-newspaper marketing and publicity, the use of network electronic marketing, time-saving, labor-saving and environmental protection.

◎ LOGO upload: enterprises / government organizations can change the equipment name and LOGO on their own to highlight the corporate image.

◎ system management language family: WebMail and management interface that support the operation of traditional, simplified and English languages.

◎ Push Mail (mobile phone, tablet): provides a Push Mail mechanism that allows users to take their mail with them, and instantly receive the latest email messages no matter where they are through the phone or tablet.

◎ firmware regularly checks for updates: the mail server's automatic update system checks whether the version has been updated to the latest version and downloads the latest firmware to the mail server. The manager only needs to press the update button immediately or schedule time to update the firmware regularly.

◎ testing tools: convenient for managers to maintain and manage, provide a variety of friendly management tools, including Ping testing, checking computer-enabled services, test mail function, DNS query tools.

◎ high availability HA: supports the backup function of network equipment HA (High Availability), so that when a single machine fails, the backup device can continue to operate on the network.

11. WebMail operation screen

◎-friendly WebMail interface: provides an interface similar to Outlook, and users don't need to spend more time learning to get started immediately.

◎ message drag: after selecting a specific message, you can drag and move to a new folder.

◎ message Preview: automatically preview the content of the message without opening a new window.

◎ image verification: the WebMail login page provides image verification function. When the user enters the wrong account password for more than 3 times, it automatically prompts for picture verification to prevent the password from being violently cracked and effectively reduce the probability of password cracking.

◎ email theme relevance: support the standard IMAP Thread function, relate the relevant email theme together, easy to read.

◎ refers to the address book: a way in which users can quickly add contacts to the address book. Just click the star icon in front of the received message to add it to the user's address book, add data immediately, or list it as a blacklist and whitelist.

◎ calendar: provides web-based personal calendar interface, including personal calendar event maintenance, day / month / year multiple view modes, event invitation, default announcement, public calendar and other functions.

◎ mail fast filtering: fast mail filtering search allows users to filter out the letters they are looking for more quickly, and the search results will be displayed as soon as you enter the relevant text in the quick filter search box.

◎ upload multiple files at the same time: when selecting attached files, you can upload more than one file at a time.

◎ multi-level folder: create a multi-level folder to classify and manage your own mail.

◎ shared folders: WebMail can add folders or upload or download files on the API, and classify these files, which are private and which can be made public, and can be shared openly to become personal cloud hard drives.

◎ Picture Preview: in the image file of the shared folder, you can use the way of picture preview without downloading it back to the client and then viewing the image file.

◎ delay setting: ensure the quality of mail delivery, and there is room for redemption if the letter is missent.

◎ automatic reply: allows users to set the contents of their letters automatically through WebMail, so that users can not reply to letters within a specific time, and can automatically reply to the sender to inform them of the situation.

◎ automatic or regular forwarding: users can customize the mail to be automatically or regularly forwarded to the designated recipient's mailbox, so that the letter can be forwarded to the job agent when asking for leave or business trip.

◎ personal email rules: once personal email rules are enabled, users do not need to slowly file a letter. The system directly applies the user filtering rules and automatically classifies the letters.

◎ personal signature documents: personal signature documents can insert words and pictures, and the contents of the signature list you set will appear at the bottom of every letter you send.

◎ flexible theme: provide different themes, typesetting and font sizes for users to adjust according to their own needs.

IV. Environmental requirements for the construction of mail security protection system

1. Email security system server-side computer requirements: (recommended requirements)

☉ mail.iso must be installed on a 64-bit virtual machine.

The ☉ virtual machine has at least 4 gigabytes of memory, and the bigger the better.

☉ HD: number of users x Quota (user mailbox size. Unit: MB) / 2 (estimate)

Bandwidth is supported for ☉ CPU at least above Intel P4: ADSL or Direct Connect.

two。 The computer requirements of the user side of the mail security system:

☉ browsers recommend MS IE 7.0 or newer version, which is supported by both FireFox and Google Chrome

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.