Security

People who send and receive e-mail rely on their messaging systems to provide reliable and secure service. The following types of attacks can compromise the security of e-mail systems:

• Theft of or tampering with data. By "sniffing" packets or intercepting messages in transit on the network, an attacker can gain access to data or even modify it.
• Forgery. An attacker can forge messages to make them appear as if they came from someone else as a means of distributing false information or tricking users into sending them sensitive data.

E-mail systems are also susceptible to the following kinds of attacks if they are connected to the Internet:

• Denial of service. Because processing messages requires disk and CPU resources on your server and bandwidth on your Internet connection, an attacker can tie up your system or network by flooding it with mail.
• Trojan horses and viruses. Unsuspecting users can run programs they receive in messages that can infect the system, delete files, or cause other types of damage in other ways.

Microsoft Exchange Server provides a variety of features that you can use to ensure the security of your users' mail and your system. You can protect messages using advanced security (encryption and digital signatures). You can protect communication between clients and servers by configuring encrypted remote procedure calls (RPCs). You can also protect your system from intrusion from the Internet by configuring your server's hardware and software.