Emails
Restrict the reading of emails
Summary: The system must guarantee that exposed email addresses can only be read by humans. Description: Sometimes, corporate email addresses are exposed on the company's website or another overly public medium. These emails should only be visible to ...
Guarantee uniqueness of emails
Summary: Systems using email accounts for user registration must guarantee the uniqueness of the emails. This is indicated in the RFC822 email address structure standard. Description: Email addresses serve as a means of identifying and communicating ...
Hide recipients
Summary: The BCC field must be used instead of the TO field when sending bulk emails. Description: Using the BCC field helps to protect the privacy and confidentiality of recipients in bulk email communications. When email addresses are added to the TO ...
Inspect attachments
Summary: An anti-malware tool must scan files that are attached to an email. Description: Malicious emails could include attachments disguised as documents, PDFs, e-files, and voicemails. Supported In: This requirement is verified in the following services ...
Do not interpret HTML code
Summary: The client of business emails must not display HTML code by default. Description: This security practice may impact the visual appearance of legitimate HTML formatted emails. Organizations must implement this measure to provide users with the ...
Disable images of unknown origin
Summary: The corporate email client must not display, by default, images whose origin is unknown. Description: Images from unknown sources can lead to several security risks, including: - Malicious Content: Images may contain embedded malicious code ...
Filter malicious emails
Summary: All incoming and outgoing emails must be checked with an anti-spam filter. Description: The requirement to check all incoming and outgoing emails with an anti-spam filter is a proactive measure to enhance email security, protect users, and ...