Tracy, M.
, Jansen, W.
and Bisker, S.
(2002),
Guidelines on Electronic Mail Security, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD
(Accessed April 20, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Guidelines on Electronic Mail Security
Published
Author(s)
Miles C. Tracy, , Scot Bisker
Abstract
[Superseded by SP 800-45 Ver. 2 (February 2007): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=50953] Electronic mail (email) is perhaps the most popularly used system for exchanging information over the Internet. After Web servers, mail servers are often the most targeted and attacked hosts on an organization's network. Various types of mail content and attachments have also proven to be effective in introducing malicious code into a system through the email client. Thus, it is essential to secure mail servers and clients as well as the network infrastructure that supports them. This document has been developed to assist federal departments and agencies, state agencies, and commercial organizations in installing, configuring, and maintaining secure mail servers and mail clients . It presents generic security principles and covers details specific to the various components of a mail system. It also includes examples that address two of the more popular mail server applications running respectively on Unix and Microsoft Windows operating systems: sendmail and Exchange.Citation
Special Publication (NIST SP) - 800-45
Report Number
800-45
NIST Pub Series
Pub Type
NIST Pubs
Superceded By Publication
Keywords
email, mail client, mail server, security
Citation
Created September 10, 2002, Updated October 12, 2021