With the increasing prevalence of phishing attacks, malware, and spam, securing your organization’s email system is more crucial than ever. External email alert act as a front line defense, providing immediate warnings about emails originating from outside your organization. In spite of having all internal and external security mechanisms, we often overlook the most vulnerable and important component of this email security concept, “The human interaction“.
Let me share with you some key points illustrated by CYBSAFE:
- 70% of data breaches involved the human element in 2023
- The average cost of a data breach in 2022 was just under $4.35 million. That’s an all-time high.
- Only 1 in 9 businesses (11%) provided a cybersecurity awareness program to non-cyber employees in 2020.
- 1 in 3 data breaches involves phishing.
- 20% of organizations faced a security breach as a result of a remote worker.
So you can see how human elements contribute a large percentage in these breaches. If you are interested to know more about importance of security awareness in end user level, you can check this article from INFOSEC.
According to TechTarget, these are some best practices for your end user’s awareness and email security:
- Train employees on email security best practices.
- Create strong passwords.
- Don’t reuse passwords across accounts.
- Consider changing passwords regularly — or not.
- Use multifactor authentication (MFA).
- Take phishing seriously.
- Be wary of email attachments.
- Don’t click email links.
- Don’t use business email for personal use and vice versa.
- Only use corporate email on approved devices.
- Encrypt email, communications and attachments.
- Avoid public Wi-Fi.
- Use email security protocols.
- Use email security tools.
- Log out.
I hope you understood by now that having an external email alert notification could be the a good practice (i.e. Don’t click email links.) for your users to be careful while dealing with external emails.
Important Note: Always be careful about external emails. No matter if the sender is known or unknown to you. You never know if the other end is compromised or not. Precaution is better than prevention.
Let’s take a look at two scenarios to get more clarity on this topic:
External Email Warning in Carbonio CE
- Login to your Carbonio CE server.
- Create the file for the warning
zextras@mail:~$ cat /opt/zextras/conf/external-email-warning
require ["fileinto", "reject", "tag", "flag", "editheader", "variables"];
# Add an external domain header to all email not coming from our own domains
if allof(
not address :domain :is ["from"] ["example.com"],
not header :contains "Subject" ["[External Email]"]
)
{
# Add a prominent external email warning header
addheader "X-External-Domain" "⚠️ EXTERNAL EMAIL ALERT ⚠️";
# Match the entire subject to get it in a match group that can be stored in a variable
if header :matches "Subject" "*" {
set "subject" "${1}";
}
# Delete the existing subject header and add a new one with the external email warning
deleteheader "Subject";
addheader :last "Subject" "⚠️ [External Email] ⚠️ ${subject} ";
}
- Now “Enable”
zimbraSieveEditHeaderEnabled
in COS or Domain level.
zextras@mail:~$ carbonio prov mc default zimbraSieveEditHeaderEnabled TRUE
- Now set the warning.
zextras@mail:~$ cat /opt/zextras/conf/external-email-warning |xargs -0 zmprov md zextras.xyz zimbraAdminSieveScriptBefore
- Restart services.
zextras@mail:~$ zmcontrol restart
- If you want to exclude any domain from this “External Email” alert, just simply add the domain at this line besides your local domain.
not address :domain :is ["from"] ["zextras.xyz","carbonio.com","valid_domain.com"],
Now you are ready setup the “External Email” warning in your Carbonio CE Server.
What The Warning Will Look Like
To strengthen your server security, you can blacklist/whitelist malicious address/domain, or may need to set disclaimer to enhance legal compliance in your Carbonio CE server.
Enhancing your email security with external email alerts in Carbonio Community Edition Servers is a smart, proactive step towards safeguarding your digital communications. By staying ahead of potential threats and keeping your inbox secure, you’re not just protecting your data – you’re ensuring peace of mind. Stay secure, stay smart!