Email security

This article on Email security provides a brief overview of the ways in which email systems may be abused, and the most effective ways to fight that abuse. We categorize the vulnerabilities according to their locality in Figure 1 of Email system, repeated here for convenience. We assume the reader is familiar with that article.

In each category, we summarize the requirements for security. These are high-level requirements, not recommendations for any specific method or technique, and not intended as a rigid standard for every system. The same level of security may be provided in some other way. For example, there is less need for passwords if every user can be authenticated by their address on a local network, secure from any outside intruder.