Yes take a look at the latest CISA(Cybersecurity Infrastructure Security Agency) Infographic:
Goto CISA webpage for fullsize infographic if you want.
CISA is trying to convince you into creating segmentation in different pieces of your network. We need to go through this process to make sure you understand why this method is a good idea. You should segment the mail server (which has to be on the Internet talking to other machines) from the rest of the network because the mail server is a big target. If for some reason the mail server is compromised then a segmented network will make the attacker work a little harder to get elsewhere on the network.
Of course the easiest course of action if you Pown(hacker controls the server) the mail server is to send out emails from the mail server that look legitimate.
Which is why I want to point out the following attack – a Threatpost article:
I only point this particular headline out because the malware can be anything and can even be a relevant news item – I picked on Donald Trump with Liverpool because both have a certain following and may be clicked on by unsuspecting people. These clicks could cause problems within your network and then if not segmented all computers are susceptible to the clicking habits of this unsuspecting person.
The risk is higher in unsegmented networks. Read more about risk and how to review it in my book.
Or contact us to discuss.