Canon Paper Shredder Mail Server Security, Smtp Authentication, POP Authentication Before Smtp

Section 4 – Network Security

There are three possible scenarios that are explored:

•Data with a virus attached in the e-mail:

All file attachments except for ‘TIFF” files received in the e-mail are discarded immediately after reception.

•Viruses pretending to be TIFF files:

TIFF image files are compressed with formats such as MH, MR, and MMR. The imageRUNNER ADVANCE system compresses the ‘TIFF’ format at reception and after regenerating the image encodes the image again. When processed correctly, the original image is discarded and a new image is created, printed, and transferred. If an error occurs during the process, the data from the ‘TIFF’ file is not transferred but is discarded, and a message notifying the user of the error is added to the e-mail text and is printed.

•Text within e-mail is a virus:

E-mail text data gives the Date, From, Message-Id, To, or Subject data written at the top of the received e-mail for printing and transfer. The e-mail text data is comprised of character strings. If binary data such as data with a virus is used in the e-mail text, the data will be damaged and data with a virus will be discarded. Even if the data with a virus is visible data with a script for- mat, it is not possible to recognize it as a script because Date, From, Message-Id, To, or Subject data is attached at the top.

4.2– Mail Server Security

When the Scan and Send on imageRUNNER ADVANCE devices is enabled, the internal mail service is enabled and supports the POP and SMTP protocols. To protect the service against attack or improper use, administrators can enable additional security features such as SMTP Authentication and POP Authentication before SMTP.

SMTP Authentication

To prevent unauthorized users from making use of the device’s internal SMTP server, administrators can enable SMTP Authentication and designate a username and password to connect to the server. In addition, administrators can enable SSL for all SMTP send and receive operations.

POP Authentication Before SMTP

As an additional layer of security, imageRUNNER ADVANCE systems support the ability for administrators to enable or disable the POP Authentication before SMTP feature. POP Authentication before SMTP forces a successful login to a POP server prior to being able to send mail via SMTP.