Archive for category ‘Technical’

Secure emailing via your website

December 14th, 2009

There is a very simple technology that allows visitors to your website to email you via your website, for instance to place an order, ask a question or to keep you updated. However, sending emails via the standard webserver SMTP service (’localhost’) is not always secure:

  1. Forms or scripts may be misused on a large scale;
  2. You, or the sender, may see an “odd” sender address in the email message (”recycler@vevida.com” is the standard sender address for a webserver) - also if the sender completes the email address as [From:];
  3. Email may be processed late, for instance if there are long queues on the webserver (due to a defect script or misuse);
  4. Sent data (including privacy sensitive information!) is sent to the SMTP service as a legible text;
  5. Email may be marked as spam due to misuse or the standard return address.

Secure emailing

Sending emails via our SMTP server ’smtp.vevida.com’ is secure, on the following two conditions:

  1. Email must be sent by TLS encryption;
  2. A valid email account hosted by VEVIDA and not forwarded must be used to log in on the SMTP server (’authenticated SMTP’).

This ensures that the correct email address is included in the email message as the sender address. Moreover, sending the SMTP transaction via the TLS encryption protocol is secure and often faster, as it bypasses the ‘localhost’ of the webserver which can be slow.

Sample scripts

The script languages ASP.NET 2.0/3.5, (classic) ASP and PHP currently offer support for ‘authenticated SMTP over TLS’. Visit our Service pages for sample scripts that you can adapt to your needs:

  1. ASP.NET 2.0/3.5 (System.Net.Mail)
  2. Classic ASP (CDOSYS)
  3. PHP (PEAR Mail)
  4. PHP (PHPMailer)

Many content management systems (CMS, such as Wordpress or Joomla, e107) and webstores (such as Zen Cart, osCommerce, VirtueMart) come with standard support.

To activate it instantly, you can often simply complete the requested data (SMTP server, email address/log-in name, password and security set-up) in the admin environment. Some PHP packages require you to install a new version of  PHPMailer which is available for downloading from the Service Page.

Also in Outlook and Thunderbird

Did you know that you can also read your IMAP email safely in Outlook, Thunderbird and other email programs? On the account set-up page enable the TLS option to receive (IMAP) and send (SMTP) emails. This will keep your login data safe from interception by third parties.

If you have any questions or comments, please go to the Support screen in MyVEVIDA or send an email to info@vevida.com.

Tags: , , , , , , ,

Betere beveiliging voor .eu en .be domeinnamen

June 20th, 2009
20 responses. Leave a comment

Sorry, this entry is only available in Nederlands.

Tags: , ,

Maximale Uptime van uw website en SEO

June 17th, 2009
19 responses. Leave a comment

Sorry, this entry is only available in Nederlands.

Tags: , , , , , , ,

Gumblar-virus contaminates tens of thousands of websites

June 9th, 2009

A Websense study demonstrates that the much discussed Gumblar virus, which steals FTP data in order to hack websites and contaminate users, is still highly active. In mid May the number of contaminated website increased explosively, from less than 3,000 in the first two weeks to over 80,000 infected websites on 17 and 18 May. By now the number of hacked websites has decreased to about 50,000 domains.

One of the contaminated PDF documents that is used for infecting visitors contains the text “Boris like horilka”. Horilka is Ukrainian for Vodka, says Gary Warner. In addition to an exploit for Adobe Reader the attackers also use a well-known exploit for Adobe’s Flash Player. Hundreds of thousands of Internet users may have visited the harmful domains.

Source: Security.nl

 1  2 Next