News Stay informed about the latest enterprise technology news and product updates.

Step 8: Establish controls for Internet SMTP traffic

Step-by-Step Guide: E-mail compliance to do list, part 8

Let's face it, there's a lot of liability associated with having an open and hard-to-manage communications channel...

to the outside world.

E-mail hygiene and employee productivity issues aside, simply understanding whether Internet e-mail is being used to communicate sensitive financial data, for example -- either to legitimate external parties such as financial audit firms, or to competitors, media or other parties -- is complex and wrought with challenges.

There have been numerous cases in the media of inappropriate data being sent via Internet e-mail -- sometimes completely in error -- including confidential patient records, financial data, insider trading information and the like.

Avoiding such mishaps and breaches of compliance-related policies can involve a combination of user education, auto-signatures, content-scanning Internet gateways and auditing mechanisms; this includes the ability to report on traffic sent to and received from specific Internet domains containing certain subject keywords, message body keywords or attachments.

As a starting point, companies need to pay better attention to where their Internet e-mail is going and investigate capabilities that can respond to compliance-related investigations quickly.


 Home: Introduction
 Step 1: Establish, communicate and enforce an e-mail policy
 Step 2: Get an archival solution
 Step 3: Evaluate the big picture of e-mail storage
 Step 4: Pay special attention to PSTs
 Step 5: Establish controls and audits for distribution list/group membership
 Step 6: Establish controls for mailbox security and delegation
 Step 7: Establish controls for public folders
 Step 8: Establish controls for Internet SMTP traffic
 Step 9: Establish an e-discovery plan
 Step 10: Identify and eliminate stale objects

David Sengupta, Exchange expert
David Sengupta is a Product Manager in the Windows Management Group at Quest Software. He has also been a Microsoft MVP in the Exchange Server category for six consecutive years. Sengupta has contributed to various Exchange and Windows books, magazines and white papers from a number of publishers. He also frequently represents Microsoft on staff at Ask the Experts, Microsoft Experts Area and Peer Talk at conferences such as MEC and TechEd. David has an M.T.S. from Tyndale Seminary, Canada, a B.Sc. from University of Ottawa, Canada and MCSE (Messaging) and CCA certifications. David runs a blog on Microsoft Exchange and e-mail compliance issues at and can be reached at

Dig Deeper on Email Protocols

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.