I recently highlighted 5 Reasons Why Hackers Want to Break into Your Email Server to underscore how enticing a target the humble email server is to hackers.  The least damaging repercussions of a hacked email server range from the loss of bandwidth to being leveraged for the distribution of spam; meanwhile, the leaking of company secrets, extortion are some of the more serious consequences that could result.

To help email administrators along this vein, I’ve compiled a short list of excellent resources to help them better secure and protect the Microsoft Exchange servers under their charge.

Exchange 2010 Security Guide

Written by the Microsoft team, I consider the Exchange 2010 Security Guide to be a requisite read for Exchange Administrators.  While a little dated, a large part of the comprehensive article covers ‘evergreen’ best practices on topics such as security patching and enforcing of passwords.  As such, I consider this a great place to get started.  Other important aspects that are covered include suggestions to decouple Windows usernames with SMTP addresses, as well as how to create a new Exchange Server role with the Security Configuration Wizard.  [Exchange 2010 Security Guide]

Continue reading Securing Your Microsoft Exchange 2010 Server