Computer Associates, IT Security Trends, Report 2004/05 für Medienschaffende 18. November 2004, SWX Swiss Exchange, Zürich SPAM

Size: px
Start display at page:

Download "Computer Associates, IT Security Trends, Report 2004/05 für Medienschaffende 18. November 2004, SWX Swiss Exchange, Zürich SPAM"

Transcription

1 Computer Associates, IT Security Trends, Report 2004/05 für Medienschaffende 18. November 2004, SWX Swiss Exchange, Zürich SPAM Prof. Dr. P. Heinzmann cnlab Information Technology Research AG & HSR Hochschule für Technik Rapperswil Referenzen: Mike Spykerman, Typical spam characteristics - How to effectively block spam and junk mail, White Paper, Red Earth Software. Spamming countermeasures: 005c.shtml Howto gegen Schweizer SPAM: Michael Heuberger, Spamming Spamming the Internet, Hochschule Rapperswil, I-Seminar, SS Matthias Rambold, Wie wird SPAM bekämpft?, Hochschule Rapperswil, I- Seminar, WS 2001/02. Adrian Ruoss, Christian Höhn, SPAM Distributed Content Checking Honeypots, Hochschule Rapperswil, Studienarbeit Abt. Informatik, WS2004/05. 1

2 2

3 Outline Wer macht das Geschäft mit SPAM? Wie finde ich die Spammer? ( Details) Wie wehrt man sich gegen SPAM? (SPAM Abwehrmassnahmen)

4 Wie werde ich Millionär? Schon vor 40 Jahren waren in Schweizer Zeitungen Inserate für Anleitungen Wie werde ich Millionär? nach Einsendung einiger Franken erhältlich. Die lapidare Antwort bzw. Anleitung lautete machen Sie s wie ich! 4

5 200 known Spam Operations ( professional spammers) responsible for 90% of your spam operate 'offshore' using servers in Asia and South America spammer listed in ROKSO if terminated by a minimum of 3 consecutive ISPs for AUP violations spammers IP addresses are automatically sent to Spamhaus Block List ROSLO assists ISP Abuse Desks Law Enforcement Agencies (with special, sensitive information version) The Register Of Known Spam Operations (ROKSO) database collates information and evidence on the known spammers and spam gangs, to assist ISP Abuse Desks and Law Enforcement Agencies. 90% of spam received by Internet users in North America and Europe can be traced via redirects, hosting locations of web sites, domains and aliases, to a hard-core group of around 200 known spam operations. These spam operations consist of an estimated professional spammers loosely grouped into gangs ("spam gangs"), the vast majority of whom are operating illegally. Many of these spam operations pretend to operate 'offshore' using servers in Asia and South America to disguise the origin. Those who don't pretend to be 'offshore' pretend to be small ISPs themselves, claiming to their providers the spam is being sent not by them but by their nonexistent 'customers'. Some set up as fake networks, pirate or fraudulently obtain large IP allocations from ARIN/RIPE and use routing tricks to simulate a network, fooling real ISPs into supplying them connectivity. When caught, almost all use the age old tactic of lying to each ISP long enough to buy a few weeks more of spamming and when terminated simply move on to the next ISP already set up and waiting. ROKSO is a "3 Strikes" register: To be listed in ROKSO a spammer must first be terminated by a minimum of 3 consecutive ISPs for Access User Policy (AUP) violations. IP addresses under the control of ROKSO-listed spammers are automatically and preemptively listed in the Spamhaus Block List (SBL). For Law Enforcement Agencies there is a special version of this ROKSO database which gives access to records with information, logs and evidence too sensitive to publish here. 5

6 CREATIVE MARKETING ZONE Alain Ralsky (SPAM King) Aliases: Jeff Kramer, Additional Benefits, Creative Marketing Zone Inc, Sam Smith, William Window, : couple of mailing lists, making $6,000 a week 2001: Creative Marketing Zone, Inc., Nevada 2002: 250 million valid addresses 0.25% response rate 0.75% of mails opened (hidden notification code) 89 Million people have opt-out (between 1997 and 2002) up to $22,000, for single mailing to entire database stealth spam (Romanian program), detect computers that are online and then flash them a pop-up ad 2004: Hundreds of domains: aboutchpecha.com, Some statements from Alain Ralsky (Mike Wendland: Spam king lives large off others' troubles, November 22, and "I've gone overseas," he said. "I now send most of my mail from other countries. And that's a shame. I pay a fortune to providers to do this, and I'd much rather have it go to American companies. But I have to stay in business, and if I have to go out of the country, then so be it." The computers in Ralsky's basement control 190 servers located in Southfield, 50 in Dallas and 30 more in Canada, China, Russia and India. Each computer, he said, is capable of sending out 650,000 messages every hour -- more than a billion a day -- routed through overseas Internet companies Ralsky said are eager to sell him bandwidth. "I'll never quit," said the 57-year-old master of spam. "I like what I do. This is the greatest business in the world." It's made him a millionaire, he said, seated in the wood-paneled first floor library of his new house. "In fact," he added, "this wing was probably paid for by an I sent out for a couple of years promoting a weight-loss plan." In 1997 he bought a couple of mailing lists from advertising brokers and, with the help of the computers, launched a new career that soon was making him $6,000 a week. Ralsky said he includes a link on each he sends that lets the recipient opt out of any future mailings. He said 89 million people have done just that over the past five years, and he keeps a list of them that grows by about 1,000 every day. That list is constantly run against his master list of 250 million valid addresses. The response rate is the key to the whole operation, said Ralsky. These days, it's about one-quarter of 1 percent. Ralsky makes his money by charging the companies that hire him to send bulk a commission on sales. He sometimes charges just a flat fee, up to $22,000, for a single mailing to his entire database. Ralsky has other ways to monitor the success of his campaigns. Buried in every he sends is a hidden code that sends back a message every time the is opened. About three-quarters of 1 percent of all the messages are opened by their recipients, he said. The rest are deleted. Ralsky, meanwhile, is looking at new technology. Recently he's been talking to two computer programmers in Romania who have developed what could be called stealth spam. It is intricate computer software, said Ralsky, that can detect computers that are online and then be programmed to flash them a pop-up ad, much like the kind that display whenever a particular Web site is opened. "This is even better," he said. "You don't have to be on a Web site at all. You can just have your computer on, connected to the Internet, reading or just idling and, bam, this program detects your presence and up pops the message on your screen, past firewalls, past anti-spam programs, past anything. 6

7 SPAM... Mass Mailing Angebote auf ebay SPAM Mass Mailing Angebote sind beispielsweise auf ebay zu finden. Gelegentlich findet man dort auch SPAM bot Angebote. 7

8 Type of Spam Categories (% of total Spam) Other; 3% Spiritual; 4% Leisure; 6% Products; 25% Internet; 7% Health; 7% Scams; 9% Financial; 20% Adult; 19% 2003: The 2003 statistics were derived from a number of different reputable sources including: Google, Brightmail, Jupiter Research, emarketer, Gartner, MailShell, Harris Interactive, and Ferris Research. Worst of the Spam - Sporn - How well does the filter support the blocking of sporn or spammed pornography? Does it allow you to block all pornography and/or adult themes? Does it allow you to view quarantined without viewing any of the pornographic i? As much as 8% of all is pornographic in nature, what we at Spam Filter Review call Sporn or spammed pornography. 8

9 "419" Scam (Advance Fee Scam) Nigeria or West African Scam large sum of money sitting in a bank account making payments through you to us At some point, the victim is asked to pay up front an Advance Fee of some sort Fake Lottery Scam (Elgordo Lottery Madrid, Microsoft Lottery) you have therefore been approved for a lump sum pay out of US$ 500, To file for your claim, please contact Ghana Gold Scam prepared to provide quantities of up to 400 kilograms of 22.karat alluvial gold monthly offer the quantity of gold required to the Buyer [or their representative] upon their arrival here in Accra kindly contact me at the numbers listed above The so-called "419" scam (aka "Nigeria scam" or "West African" scam) is a type of fraud named after an article of the Nigerian legal code under which it is prosecuted. Most "normal" spam uses bogus sender addresses. For 419 spam existing mailboxes at legitimate mail providers are used. When such mailboxes get cancelled for abuse, often similarly names mailboxes are created at the same provider. Most 419 scams originate from about a dozen fre er domains (netscape.net, yahoo.com/yahoo.*, tiscali.co.uk, libero.it, telstra.com, bigpond.com, indiatimes.com, 123.com (Chile), zwallet.com, fsmail.net, hotmail.com, etc., see addresses by domain). A small minority uses throw-away domains registered via MSN (see example), Rediffmail, XO/Concentric, Yahoo/Geocities or other webhosters (ns.sign-on-africa1.net) as the sender instead of a fre er service, particularly for fake companies and fake banks (e.g. firstcapitalft.com). 9

10 Nigeria Portal mit Scams and Frauds Beispielen (Nigeria Mail): When fraud, 419 or scams come up anywhere on the internet Nigeria will be mentioned even when the particular fraud, 419 or scam has nothing to do with Nigeria. This image that we have cut for ourselves through our actions and inactions isn't the best and that image we must change through our collective effort if we must be accorded our due respect and%20frauds 10

11 Info Grabber Personal Information (Addresses) Credit Card Information Banking Information (Phishing) Spyware / Trojan Installation Keyboard logger Bots(Zombies)

12 Cheap Rolex? Lockvogelangebote für Rolex-Uhren, Windows Software, Wettbewerbe, Gefälschte Bestellung, mit falscher MC Nummer und Junk am abgeschickt: Keine Verschlüsselung Falsche Kreditkartennummer nicht detektiert Keine -Bestätigung für die Bestellung wahrscheinlich geht es nur darum, Kreditkarten- und Personen Informatinen zu sammeln. 12

13 1. Spoof (Spam) Phishing Real site 3. Spoofed Web Site 2. Camouflaged Hyperlink Fake Pop-Up <A HREF=www.stealmyinfo.com>www.yourbank.com/myaccount</A> Ref. Gartner Group, Cannes 2004 Phishing is a spam-based scam that has grown in popularity. Phishing is not a "cyberattack," such as propagating malicious code. It is a social-engineering attack, in which attackers (or "phishers") trick users into doing something that will harm them or their companies. The phisher sends an message that looks like it comes from a legitimate source for example, an online merchant. In many cases, the message states that there is a problem with the user's account and requests that the user confirm the merchant's information by entering sensitive account information (such as a credit card number, address, user name and password) into the phisher's Web site, which resembles the merchant's site. Using this information, the phisher can steal access to the account or perpetrate identity fraud. In addition, phishing could provide attackers with access to an organization's internal systems, but it is used for identity theft in most cases. 13

14 Botnet Providing networks of zombie PCs used anonymous relays for spam to launch denial of service attacks on websites to steal confidential information about a PC's owner More than PCs per day are being taken over to spread spam and viruses (bot nets peak of new recruits was in one day) Windows viruses were detected in the first six months of 2004 October 5, 2004, Spy Act The new recruits per day peak in 2004 is due to a battle between the MyDoom and Bagle virus teams. October 5, 2004, the U.S. House of Representatives passed a bill to criminalize the act of altering PC configurations (Spy Act ), taking control and downloading software onto a PC without the owner's consent: By a vote, House members approved legislation prohibiting "taking control" of a computer, surreptitiously modifying a Web browser's home page, or disabling antivirus software without proper authorization. The Spy Act would also create a complicated set of rules governing software capable of transmitting information across the Internet. It would give the Federal Trade Commission authority to police violations of the law and to levy fines of up to $3 million in the most pernicious cases. 14

15 Sendmails Corp offers members $5 for downloading and installing the company's VirtualMDA (mail delivery agent) software pay an additional $1 for every hour of computing time that the VirtualMDA software spends blasting out s on behalf of Sendmails and its clients After downloading and analyzing the VirtualMDA software last week, Jones said he concluded that Sendmails' "primary reason for doing that service is so their clients' IP addresses don't get blocked by all the spam lists. Instead, all these cable-modem users who install the software get banned." VirtualMDA was developed as a result of marketing companies not being able to get delivered," said Haberstroh. "We were sequestered by a rather large Fortune 1000 company to create an deployment service that would basically get their delivered to the recipients whose addresses they were paying for." VirtualMDA was developed as a result of marketing companies not being able to get delivered," said Haberstroh. "We were sequestered by a rather large Fortune 1000 company to create an deployment service that would basically get their delivered to the recipients whose addresses they were paying for." Haberstroh, VirtualMDA, Sendmails and its parent company, Atriks, have not managed to keep themselves off the Spamhaus Register of Known Spam Operations. Run by a British nonprofit, the online directory contains hundreds of records of suspected spammers. 15

16 Beagle_J Mass Mailing Worm Attachment Backdoor SMTP / HTTP File Sys Beagle_J is a mass-mailing worm that opens a backdoor on TCP port 2745 and uses its own SMTP engine to spread through . Sends the attacker the port on which the backdoor listens, as well as the IP address. Attempts to spread through file-sharing networks, such as Kazaa and imesh, by dropping itself into the folders that contain "shar" in their names. 16

17 IP-Adressen von infizierten Rechnern verkaufen : C t Redaktion kauft bei Virenverbreitern ein Trojaner auf tausenden Rechnern installiert (Virus "Randex" ) Nimmt per Chat-Protokoll IRC Kontakt zu seinem "Master" auf. empfängt Befehle wie etwa, nach CD-Keys von Spielen suchen vom infizierten System aus SYN-Flood-Attacken starten weitere Software nachladen (z.b. zur Weiterleitung von Spam) verbreitet sich über den Windows-Verzeichnisdienst insbesondere in Sub-Netzen weiter Ferngesteuerte Spam-Armeen, Nachgewiesen: Virenschreiber liefern Spam- Infrastruktur, c't 5/04, S. 18. URL dieses Artikels: Links in diesem Artikel: [1] [2] [3] [4] [5] [6] [7] 17

18 an cnlab.ch Mail 3% unerkannte SPAM 3% Falsche Empfänger 30% erkannte SPAM 53% Viren 11% Juni

19 Mail auf dem Setziertisch 19

20 Electronic Mail ( ) Server 1 Internet Router Server 3 Mail Client Host 1 Router Send Server Host 1 Router Router Receive Server Send Server Host 1 bbb.ch aaa.com Router Relay Server An open mail relay occurs when a mail server processes a mail message where neither the sender nor the recipient is a local user. In this example, both the sender and the recipient are outside the local domain (or rather, the local IP range, for the technically inclined). The mail server is an entirely unrelated third party to this transaction. The message really has no business passing through this server. The legitimate use of a mail relay is threatened by influx of spam originating from a third party, the spammer. Abuse occurs when massive amounts of mail are relayed through an otherwise unrelated server. Most such abusive sessions are initiated by junk ers - the so-called spammers - attempting to covertly distribute their unwanted messages all over the Internet. In the past, third party mail relaying was a useful tool. These days, thanks to the spammers, open mail relays pose a significant threat to the usefulness of . ORDB.org is the Open Relay Database. ORDB.org is a non-profit organisation which stores a IP-addresses of verified open SMTP relays. These relays are, or are likely to be, used as conduits for sending unsolicited bulk , also known as spam. By accessing this list, system administrators are allowed to choose to accept or deny exchange with servers at these addresses. 20

21 Typical Server Setup Externer Mail Gateway Interner Mailserver (Exchange Server) Antivir Mailgate (port 25) SMTPD (port 2225) Spamassassin queue qmail McAffee WebShield (port 2525) Exchange (port 25) Group Shield SMTP Outlook Client Junkmail VirusScan Antivir Mailgate macht Relay Check und Virencheck (Mails mit Viren werden gelöscht) Spamassassin kennzeichnet Mails, welche als Spam klassiert werden Zweiter VirenScanner (McAffee) detektiert Viren, welche von Antivir nicht gefunden wurden (z.b. aufgrund unterschiedlich aktueller Virensignatur-Files) GroupShield untersucht Exchange Store bzw. bereits empfangen Mails (welche beispielsweise angekommen sind, bevor die Virensignaturen bekannt waren) Es wäre durchaus sinnvoll, Spam- und Virenchecking auch für ausgehende Mails zu machen: Spam-Filter Training mit guten Mails Alarmierung bei echten Mails, welche als SPAM detektiert würden Interne Spammer detektieren Verhindern, dass Viren nach aussen gesendet werden 21

22 Mail message format RFC 822: standard for text message format SMTP-Envelope (written by servers) RCPT To: header lines To: From: Subject: body the message, ASCII characters only Envelope Mail From: DATA header body blank line Die Header-Informationen werden beim normalen Client vom Client- Programm an den SMTP Prozess übergeben. D.h. beim Versand einer normalen werden die Adressen, die im Mailprogramm des Absenders in die Felder "To:" und "CC:" eingetragen wurden, nicht nur zur Generierung dieser beiden Headerzeilen benutzt, sondern auch beim SMTP-Dialog als "RCPT TO:" und Mail From: auf den Umschlag übertragen. Die Envelope enthält die für die Zustellung einer relevanten Informationen, welche vor allem durch die Mail- Server interpretiert werden. Dem Client interessieren die Envelope-Informationen in der Regel nicht. Allerdings werden manchmal gewisse Daten aus der Envelope in den Header übertragen. 22

23 Mail header additions by involved SMTP servers Each SMTP recipient adds his Domain Name (with IP Address) and a Time Stamp to the Mail Header sky.itr.ch (SMTP/POP Server) mail.iprolink.ch (SMTP Server) tslzgp157.iprolink.ch (Mail Client/SMTP) These stamps are placed on the envelope of the mail by each SMTP server. The SMTP/ESMTP IDs as well as the time stamp have local significance only (i.e. it is just the local time of the corresponding server). [see also 23

24 Return-Path: Received: from mx3.gmx.example [ ]) by ancalagon.rhein-neckar.de (8.8.5/8.8.5) with SMTP id SAA25291 for Thu, 16 Sep :36: (MET DST) Received: (qmail 1935 invoked by alias); 16 Sep :36: Delivered-To: GMX delivery to Received: (qmail invoked by uid 0); 16 Sep :36: Received: from pbox.rz.rwth-aachen.example ( ) by mx3.gmx.example with SMTP; 16 Sep :36: Received: from post.rwth-aachen..example (slip-vertech.dialup.rwth-aachen.example [ ]) by pbox.rz.rwth-aachen.example (8.9.1/8.9.0) with ESMTP id RAA28830 for Wed, 16 Sep :35: Message-ID: Date: Wed, 16 Sep :33: From: Heinz-Gustav Hinz Organization: RWTH Aachen X-Mailer: Mozilla 4.05 [de] (Win95; I) To: Karl-Heinz Schmitt MIME-Version: 1.0 Content-Type: text/plain; charset=iso Content-Transfer-Encoding: quoted-printable Subject: Re: Hallo Nachbar! References: Reply-To: X-Resent-By: Global Message Exchange X-Resent-For: X-Resent-To: Die Return-Path Zeile sollte, wenn sie existiert, ganz am Anfang der stehen. Sie enthält den Envelope-From (also die Absenderangabe aus dem SMTP-Umschlag). Diese kann allerdings bei SMTP beliebig angegeben werden. Die "eigentlichen" Zustellvermerke sind die "Received:"- Headerzeilen, die jeweils vor dem Weiterschicken einer vom Mailserver vorne angefügt werden. Die oberste "Received:"- Zeile wurde vom eigenen Mailserver (bzw. dem des Providers) erzeugt. Eine "Received:"-Zeile gibt immer an, wer die Mail von wem empfangen hat. Gewisse Received-Zeilen können je nach verwendetem Mail- Server sehr speziell aussehen (vgl. Received: (qmail...) und Delivered-To: GMS..., bei welchen es sich um eine Spezialität des GMX-Mailers handelt. Die Message-ID ist eine eindeutige Kennung der (vergleichbar einer Seriennummer). Sie sollte aus einer unverwechselbaren Zeichenfolge vor dem (meistens Datum und Benutzerkennung in einer kodierten Form) und einem Rechnernamen hinter dem bestehen. Häufig wird die Message-ID bereits vom Mailprogramm des Absenders erzeugt; ansonsten tragen die meisten Mailserver sie nach, soweit sie fehlt. Alle mit "X-" beginnenden Headerzeilen sind nicht standardisiert und können von verschiedenen Programmen (oder auch Benutzern) beliebig eingefügt werden. 24

25 Anzeigen von Header Informationen Outlook Express 4, 5, & 6 (Windows) While viewing the message, click the File menu, then click Properties. On the Details tab, you will need to right click, choose select all (this should highlight all the text). Then right click again, and choose copy. You must then paste the headers into the forwarded message (click the Edit menu, then choose Paste) Microsoft Outlook 98 & 2000 (Windows) Double click the message to open it in a new window. Go to the View menu and choose Options. Copy the text in the Internet Headers window by right clicking and choosing Select All, then right clicking again and choosing Copy. Then paste the headers when you forward the message (click the Edit menu and choose Paste). Netscape Mail & News (Win, Linux & Mac) Click the Options menu, choose Show Headers, then select All. (Note: Some older versions of Netscape may not be able to show the complete headers) The header information is like the envelope around an telling the senders address, the time it was sent, and where it was sent from. header information is includes the "To" and "From" data about an . More importantly, it also contains a lot of other information about the source of and . Knowing how to get to the header is important if you ever want more information about where the came from. Many programs hide much of the header information because most of the time you don't need it. This tutorial will teach you how to read and view the full header of s in different programs. What the header information "means" is beyond the scope of this tutorial. Most spam these days is sent with a fake return address. To figure out where the spam really came from the following web form is a tool to let you find out which provider an IP address is assigned to: 25

26 SPAM / Massmail Detektion und Filterung 26

27 SPAM Abwehrmassnahmen Technisch Sending Mailserver Receiving Mailserver Client SPAM-Filter Service Betreiber Mailbox Betreiber Organisatorisch, Verhalten Anwender Einsatz seiner Mail-Adresse Reaktion auf SPAM-Mails Gesellschaft Rechtslage Wirtschaftslage Kostenfolgen

28 Technische SPAM Abwehrmassnahmen Akzeptiere nur Mails von lokalen Clients (no relaying) Client Authentication Verzögerungstaktik (Teergrube) Sendender Server Internet Router Router Router Router Empfangender Server Filtering (Sender, Inhalt, Tag) bbb.ch Router Ablehnung von Mails (Blacklists) Nachfragen beim Sender (SPF, Greylisting) Filtering (Sender, Inhalt, Blacklist Spammer Anzahl gleiche Mails / DCC) Avoid grabbing Identify and abort dictionary attack Identify and abort address-harvasting attack ( tag handling) Boundary Defense Nonaccept a message (simply decline to accept it, rather than receiving it at all) Disable relaying, verify, expand Header Analysis (Reading headers by ) Validity of the sender (using reverse lookup ) Consistency between the sender and the from fields Tactics used by known spammers that are highly unlikely to be found in normal messages Content Analysis A set of rules to search for known spammer tactics A set of rules to search for known chain letters, hoaxes and urban legends The ability to look for words and phrases in a targeted words list (for example, porn, financial services) The ability to do contextual analysis The ability to tune the product for the environment Sensing or Reporting put accounts in all the places spammers love to harvest addresses (SPAM Honeypot) create consortia or user groups to develop and share anti-spam rules Blacklist and White Lists create a white list of domains that are always allowed to receive , no matter what the content is URL-Blacklist 28

29 Sender Authentication Initiatives Initiative Initiator How It Works Domain Keys Yahoo! Public key infrastructure (PKI) and DNS Caller ID Microsoft XML records stored in DNS Sender Policy Framework (SPF) Sender ID Meng Wong (Pobox) Concise text records stored in DNS Source: Gartner Group, Cannes 2004 There are four sender authentication initiatives: Domain keys: Uses PKI and DNS. A domain owner generates a public and private key pair, makes the public one available via DNS, and configures that domain's outbound mail servers to sign messages with the private key. Inbound mail servers would then need to check that signature against the public key. This initiative is at the early draft stage. Caller ID: Uses XML records stored in DNS, which list the IP address ranges that send s legitimately from a particular domain. This initiative is at a relatively early stage. Caller ID for is the third major authentication specification to emerge, after SPF (Sender Permitted From) and Yahoo Domain Keys. These multiple specifications will impede adoption, as will the need to introduce new intra-enterprise practices and technology upgrades. The various authentication initiatives will accelerate the spread of domain-to-domain authentication among early technology adopters and regulated industries. SPF: Uses concise text records stored in DNS. It can designate which servers are sending from a domain legitimately by using IP address ranges, or established mail exchange (MX) records. Inbound mail servers that are configured to parse SPF return one of several possible responses, and system administrators can decide what to do with the result. Sender ID: The convergence of Microsoft's Caller ID for proposal and Meng Wong's SPF. Microsoft has submitted this to the IETF. SPF is the only initiative that has been adopted. A significant number of domains publish SPF records, including AOL. It has been injected into the open source "wild," which means its growth is viral. The number of open-source mail servers that support SPF is increasing, and it is being adopted into antispam software. 29

30 Sender Policy Framework (SPF) SPF records are TXT records in DNS mail server, or anti-spam filter, that supports SPF checking does a DNS text query for the address supplied in the SMTP (Simple MailTransfer Protocol) MAIL FROM command. Response may by No published SPF records Pass Fail Sender cannot be confirmed as legitimate or illegitimate Lookup error The check is neutral or incomplete, which should be treated as if there was no SPF record A domain s SPF records indicate which servers are allowed to send on behalf of that domain that is, which servers can send purporting to be from an address at that domain. SPF records can be constructed loosely to indicate that these particular servers are definitely legitimate, but mail from other servers may or may not be legitimate, or they can specify that all servers can legitimately send from that domain. Publishes where correct mail from <domain> should originate MARID closed sept 04 because of Microsoft license violations - Switch nutzt SPF nicht weiter 30

E-MAIL FILTERING FAQ

E-MAIL FILTERING FAQ V8.3 E-MAIL FILTERING FAQ COLTON.COM Why? Why are we switching from Postini? The Postini product and service was acquired by Google in 2007. In 2011 Google announced it would discontinue Postini. Replacement:

More information

COMBATING SPAM. Best Practices OVERVIEW. White Paper. March 2007

COMBATING SPAM. Best Practices OVERVIEW. White Paper. March 2007 COMBATING SPAM Best Practices March 2007 OVERVIEW Spam, Spam, More Spam and Now Spyware, Fraud and Forgery Spam used to be just annoying, but today its impact on an organization can be costly in many different

More information

Quarantined Messages 5 What are quarantined messages? 5 What username and password do I use to access my quarantined messages? 5

Quarantined Messages 5 What are quarantined messages? 5 What username and password do I use to access my quarantined messages? 5 Contents Paul Bunyan Net Email Filter 1 What is the Paul Bunyan Net Email Filter? 1 How do I get to the Email Filter? 1 How do I release a message from the Email Filter? 1 How do I delete messages listed

More information

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. 2001 2014 EdgeWave. All rights reserved. The EdgeWave logo is a trademark of EdgeWave Inc. All other trademarks and registered trademarks are hereby acknowledged. Microsoft and Windows are either registered

More information

Collateral Damage. Consequences of Spam and Virus Filtering for the E-Mail System. Peter Eisentraut 22C3. credativ GmbH.

Collateral Damage. Consequences of Spam and Virus Filtering for the E-Mail System. Peter Eisentraut 22C3. credativ GmbH. Consequences of Spam and Virus Filtering for the E-Mail System 22C3 Introduction 12 years of spam... 24 years of SMTP... Things have changed: SMTP is no longer enough. Spam filters, virus filters are part

More information

Comprehensive Anti-Spam Service

Comprehensive Anti-Spam Service Comprehensive Anti-Spam Service Chapter 1: Document Scope This document describes how to implement and manage the Comprehensive Anti-Spam Service. This document contains the following sections: Comprehensive

More information

Software Engineering 4C03 SPAM

Software Engineering 4C03 SPAM Software Engineering 4C03 SPAM Introduction As the commercialization of the Internet continues, unsolicited bulk email has reached epidemic proportions as more and more marketers turn to bulk email as

More information

Typical spam characteristics

Typical spam characteristics Typical spam characteristics How to effectively block spam and junk mail By Mike Spykerman CEO Red Earth Software This article discusses how spam messages can be distinguished from legitimate messages

More information

eprism Email Security Suite

eprism Email Security Suite FAQ V8.3 eprism Email Security Suite 800-782-3762 www.edgewave.com 2001 2012 EdgeWave. All rights reserved. The EdgeWave logo is a trademark of EdgeWave Inc. All other trademarks and registered trademarks

More information

eprism Email Security Suite

eprism Email Security Suite FAQ V8.3 eprism Email Security Suite 800-782-3762 www.edgewave.com 2001 2012 EdgeWave. All rights reserved. The EdgeWave logo is a trademark of EdgeWave Inc. All other trademarks and registered trademarks

More information

Do you need to... Do you need to...

Do you need to... Do you need to... TM Guards your Email. Kills Spam and Viruses. Do you need to... Do you need to... Scan your e-mail traffic for Viruses? Scan your e-mail traffic for Viruses? Reduce time wasted dealing with Spam? Reduce

More information

eprism Email Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide

eprism Email Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide eprism Email Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide This guide is designed to help the administrator configure the eprism Intercept Anti-Spam engine to provide a strong spam protection

More information

Email. Daniel Zappala. CS 460 Computer Networking Brigham Young University

Email. Daniel Zappala. CS 460 Computer Networking Brigham Young University Email Daniel Zappala CS 460 Computer Networking Brigham Young University How Email Works 3/25 Major Components user agents POP, IMAP, or HTTP to exchange mail mail transfer agents (MTAs) mailbox to hold

More information

Ipswitch IMail Server with Integrated Technology

Ipswitch IMail Server with Integrated Technology Ipswitch IMail Server with Integrated Technology As spammers grow in their cleverness, their means of inundating your life with spam continues to grow very ingeniously. The majority of spam messages these

More information

Exim4U. Email Server Solution For Unix And Linux Systems

Exim4U. Email Server Solution For Unix And Linux Systems Email Server Solution For Unix And Linux Systems General Overview, Feature Comparison and Screen Shots Exim4U Email Server Solution For Unix And Linux Systems Version 2.x.x October 12, 2012 Copyright 2009

More information

Spam blocking methods and experiences

Spam blocking methods and experiences Spam blocking methods and experiences Linuxdays Luxembourg 2003 christian mock http://www.tahina.priv.at/~cm/talks/spamblocking.{sxi,pdf} version 1.3 contents how spam is sent

More information

Analysis of Spam Filter Methods on SMTP Servers Category: Trends in Anti-Spam Development

Analysis of Spam Filter Methods on SMTP Servers Category: Trends in Anti-Spam Development Analysis of Spam Filter Methods on SMTP Servers Category: Trends in Anti-Spam Development Author André Tschentscher Address Fachhochschule Erfurt - University of Applied Sciences Applied Computer Science

More information

An Overview of Spam Blocking Techniques

An Overview of Spam Blocking Techniques An Overview of Spam Blocking Techniques Recent analyst estimates indicate that over 60 percent of the world s email is unsolicited email, or spam. Spam is no longer just a simple annoyance. Spam has now

More information

Spam Filtering A WORD TO THE WISE WHITE PAPER BY LAURA ATKINS, CO- FOUNDER

Spam Filtering A WORD TO THE WISE WHITE PAPER BY LAURA ATKINS, CO- FOUNDER Spam Filtering A WORD TO THE WISE WHITE PAPER BY LAURA ATKINS, CO- FOUNDER 2 Introduction Spam filtering is a catch- all term that describes the steps that happen to an email between a sender and a receiver

More information

ModusMail Software Instructions.

ModusMail Software Instructions. ModusMail Software Instructions. Table of Contents Basic Quarantine Report Information. 2 Starting A WebMail Session. 3 WebMail Interface. 4 WebMail Setting overview (See Settings Interface).. 5 Account

More information

Avira Managed Email Security AMES FAQ. www.avira.com

Avira Managed Email Security AMES FAQ. www.avira.com Avira Managed Email Security AMES FAQ www.avira.com Can AMES be used immediately after an account for our organization has been set up in the MyAccount user portal? Using your account requires a change

More information

Solutions to Spam. simple analysis of solutions to spam. Thesis. Submitted to Prof. Dr. Eduard Heindl on E-business

Solutions to Spam. simple analysis of solutions to spam. Thesis. Submitted to Prof. Dr. Eduard Heindl on E-business Solutions to Spam simple analysis of solutions to spam Thesis Submitted to Prof. Dr. Eduard Heindl on E-business technology in partial fulfilment for the degree of Master of Science in Business Consulting

More information

Managing Your Email Reputation

Managing Your Email Reputation Managing Your Email Reputation For most companies and organizations, email is the most important means of business communication. The value of email today, however, has been compromised by the rampant

More information

Anti Spam Best Practices

Anti Spam Best Practices 39 Anti Spam Best Practices Anti Spam Engine: Time-Tested Scanning An IceWarp White Paper October 2008 www.icewarp.com 40 Background The proliferation of spam will increase. That is a fact. Secure Computing

More information

Antispam Security Best Practices

Antispam Security Best Practices Antispam Security Best Practices First, the bad news. In the war between spammers and legitimate mail users, spammers are winning, and will continue to do so for the foreseeable future. The cost for spammers

More information

www.pandasecurity.com 100% Malware-Free E-mail: A Guaranteed Approach

www.pandasecurity.com 100% Malware-Free E-mail: A Guaranteed Approach 100% Malware-Free E-mail: A Guaranteed Approach 2 100% Malware-Free E-mail: A Guaranteed Approach Panda Security's Mail Filtering Managed Service Guarantees Clean E-mail Table of Contents Table of Contents...

More information

escan Anti-Spam White Paper

escan Anti-Spam White Paper escan Anti-Spam White Paper Document Version (esnas 14.0.0.1) Creation Date: 19 th Feb, 2013 Preface The purpose of this document is to discuss issues and problems associated with spam email, describe

More information

eprism Email Security Appliance 6.0 Release Notes What's New in 6.0

eprism Email Security Appliance 6.0 Release Notes What's New in 6.0 eprism Email Security Appliance 6.0 Release Notes St. Bernard is pleased to announce the release of version 6.0 of the eprism Email Security Appliance. This release adds several new features while considerably

More information

Email Management CSCU9B2 CSCU9B2 1

Email Management CSCU9B2 CSCU9B2 1 Email Management CSCU9B2 CSCU9B2 1 Contents Email clients choosing and using Email message header and content Emailing to lists of people In and out message management Mime attachments and HTML email SMTP,

More information

Installation Guide For ChoiceMail Enterprise Edition

Installation Guide For ChoiceMail Enterprise Edition Installation Guide For ChoiceMail Enterprise Edition How to Install ChoiceMail Enterprise On A Server In Front Of Your Company Mail Server August, 2004 Version 2.6x Copyright DigiPortal Software, 2002-2004

More information

Cloud Services. Email Anti-Spam. Admin Guide

Cloud Services. Email Anti-Spam. Admin Guide Cloud Services Email Anti-Spam Admin Guide 10/23/2014 CONTENTS Introduction to Anti- Spam... 4 About Anti- Spam... 4 Locating the Anti- Spam Pages in the Portal... 5 Anti- Spam Best Practice Settings...

More information

MDaemon configuration recommendations for dealing with spam related issues

MDaemon configuration recommendations for dealing with spam related issues Web: Introduction MDaemon configuration recommendations for dealing with spam related issues Without a doubt, our most common support queries these days fall into one of the following groups:- 1. Why did

More information

ExchangeDefender. Understanding the tool that can save and secure your business

ExchangeDefender. Understanding the tool that can save and secure your business ExchangeDefender Understanding the tool that can save and secure your business OVERVIEW The purpose of this Startup Guide is to familiarize you with ExchangeDefender's Exchange and SharePoint Hosting.

More information

Comprehensive Email Filtering. Whitepaper

Comprehensive Email Filtering. Whitepaper Comprehensive Email Filtering Whitepaper Email has undoubtedly become a valued communications tool among organizations worldwide. With frequent virus attacks and the alarming influx of spam, email loses

More information

Email AntiSpam. Administrator Guide and Spam Manager Deployment Guide

Email AntiSpam. Administrator Guide and Spam Manager Deployment Guide Email AntiSpam Administrator Guide and Spam Manager Deployment Guide AntiSpam Administration and Spam Manager Deployment Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec

More information

ContentCatcher. Voyant Strategies. Best Practice for E-Mail Gateway Security and Enterprise-class Spam Filtering

ContentCatcher. Voyant Strategies. Best Practice for E-Mail Gateway Security and Enterprise-class Spam Filtering Voyant Strategies ContentCatcher Best Practice for E-Mail Gateway Security and Enterprise-class Spam Filtering tm No one can argue that E-mail has become one of the most important tools for the successful

More information

INLINE INGUARD E-MAIL GUARDIAN

INLINE INGUARD E-MAIL GUARDIAN INLINE INGUARD E-MAIL GUARDIAN Activation Guide December 8, 2008 600 Lakeshore Parkway, AL 35209 888.3InLine support@inline.com 1 InLine InGuard E-Mail Guardian Activation Guide The InLine InGuard E-Mail

More information

Intercept Anti-Spam Quick Start Guide

Intercept Anti-Spam Quick Start Guide Intercept Anti-Spam Quick Start Guide Software Version: 6.5.2 Date: 5/24/07 PREFACE...3 PRODUCT DOCUMENTATION...3 CONVENTIONS...3 CONTACTING TECHNICAL SUPPORT...4 COPYRIGHT INFORMATION...4 OVERVIEW...5

More information

Phoenix Information Technology Services. Julio Cardenas

Phoenix Information Technology Services. Julio Cardenas Phoenix Information Technology Services Julio Cardenas Email spam, also known as junk email or unsolicited bulk email (UBE), is a subset of electronic spam involving nearly identical messages sent to numerous

More information

ESET Mail Security 4. User Guide. for Microsoft Exchange Server. Microsoft Windows 2000 / 2003 / 2008

ESET Mail Security 4. User Guide. for Microsoft Exchange Server. Microsoft Windows 2000 / 2003 / 2008 ESET Mail Security 4 for Microsoft Exchange Server User Guide Microsoft Windows 2000 / 2003 / 2008 Content 1. Introduction...4 1.1 System requirements... 4 1.2 Methods Used... 4 1.2.1 Mailbox scanning

More information

Implementing MDaemon as an Email Security Gateway to Exchange Server

Implementing MDaemon as an Email Security Gateway to Exchange Server Implementing MDaemon as an Email Security Gateway to Exchange Server Introduction MDaemon is widely deployed as a very effective antispam/antivirus gateway to Exchange. For optimum performance, we recommend

More information

Enhanced Spam Defence

Enhanced Spam Defence Enhanced Spam Defence An approach to making SMTP connect time blocking a reliable method for e-mail filtering By John Jensen, Topsec Technology Ltd. As the spam problem keeps growing and the associated

More information

SPAM UNDERSTANDING & AVOIDING

SPAM UNDERSTANDING & AVOIDING SPAM UNDERSTANDING & AVOIDING Modified: September 28, 2006 SPAM UNDERSTANDING & AVOIDING...5 What is Spam?...6 How to avoid Spam...6 How to view message headers...8 Setting up a spam rule...10 Checking

More information

Countermeasures against Bots

Countermeasures against Bots Countermeasures against Bots Are you sure your computer is not infected with Bot? Information-technology Promotion Agency IT Security Center http://www.ipa.go.jp/security/ 1. What is a Bot? Bot is a computer

More information

5 Simple Ways To Avoid Getting An Avalanche of Spam

5 Simple Ways To Avoid Getting An Avalanche of Spam Customer Education Series 5 Simple Ways To Avoid Getting An Avalanche of Spam A Business Owners Guide To Eliminating The 10-15 Most Unproductive Minutes Of Each Employee s Day 5 Easy Ways to Avoid Getting

More information

Email Services Deployment. Administrator Guide

Email Services Deployment. Administrator Guide Email Services Deployment Administrator Guide Email Services Deployment Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the

More information

2014-10-07. Email security

2014-10-07. Email security Email security Simple Mail Transfer Protocol First defined in RFC821 (1982), later updated in RFC 2821 (2001) and most recently in RFC5321 (Oct 2008) Communication involves two hosts SMTP Client SMTP Server

More information

Articles Fighting SPAM in Lotus Domino

Articles Fighting SPAM in Lotus Domino Page 1 of 5 Articles Fighting SPAM in Lotus Domino For many e-mail administrators these days, the number one complaint from the users and managers is unsolicited emails flooding the system, commonly called

More information

mailfence + spamfence

mailfence + spamfence Get started with 1 mailfence + spamfence E-mails sent to yourdomain.com 2 DNS requests for yourdomain.com MX-records MX-records answers: - gw1.security.comendo.com - gw2.security.comendo.com - gw3.security.comendo.com

More information

Why Spamhaus is Your Best Approach to Fighting Spam

Why Spamhaus is Your Best Approach to Fighting Spam Page 1 of 10 Executive Summary The spam problem is evolving and while overall spam volumes are down, the problems are getting worse. No longer just a nuisance wasting resources and time, spam is now a

More information

Using WinGate 6 Email. Concepts, Features, and Configurations.

Using WinGate 6 Email. Concepts, Features, and Configurations. WinGate Feature Guide Using WinGate 6 Email Concepts, Features, and Configurations. Neil Gooden Qbik New Zealand Limited Rev 1.0 December 2004 2 Introduction...3 Basic Email Concepts... 3 Differences in

More information

Spyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc.

Spyware. Michael Glenn Technology Management Michael.Glenn@Qwest.com. 2004 Qwest Communications International Inc. Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References

More information

Eiteasy s Enterprise Email Filter

Eiteasy s Enterprise Email Filter Eiteasy s Enterprise Email Filter Eiteasy s Enterprise Email Filter acts as a shield for companies, small and large, who are being inundated with Spam, viruses and other malevolent outside threats. Spammer

More information

1 Accessing E-mail accounts on the Axxess Mail Server

1 Accessing E-mail accounts on the Axxess Mail Server 1 Accessing E-mail accounts on the Axxess Mail Server The Axxess Mail Server provides users with access to their e-mail folders through POP3, and IMAP protocols, or OpenWebMail browser interface. The server

More information

It is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes.

It is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Virus What is a virus? It is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. It can also be defined as a set of codes written to cause

More information

MailFoundry Users Manual. MailFoundry User Manual Revision: MF2005071100 Copyright 2005, Solinus Inc. All Rights Reserved

MailFoundry Users Manual. MailFoundry User Manual Revision: MF2005071100 Copyright 2005, Solinus Inc. All Rights Reserved MailFoundry User Manual Revision: MF2005071100 Copyright 2005, Solinus Inc. All Rights Reserved Page 1 of 91 Chapter 1: Introduction... 4 What are Spam Profiles?... 4 Models Covered In This Manual... 4

More information

Frequently Asked Questions

Frequently Asked Questions Frequently Asked Questions Table of Contents DNS Settings... 3 MX record... 3 SPF record... 3 Configuring Outbound... 3 Smart host configuration for Exchange 2003... 3 Smart host configuration for Exchange

More information

Objective This howto demonstrates and explains the different mechanisms for fending off unwanted spam e-mail.

Objective This howto demonstrates and explains the different mechanisms for fending off unwanted spam e-mail. Collax Spam Filter Howto This howto describes the configuration of the spam filter on a Collax server. Requirements Collax Business Server Collax Groupware Suite Collax Security Gateway Collax Platform

More information

Spam DNA Filtering System

Spam DNA Filtering System The Excedent Spam DNA Filtering System provides webmail.us customers with premium and effective junk email protection. Threats to email services are rising rapidly. A Growing Problem As of November 2002,

More information

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network. Elements of Email Email Components There are a number of software components used to produce, send and transfer email. These components can be broken down as clients or servers, although some components

More information

Anti-Phishing Best Practices for ISPs and Mailbox Providers

Anti-Phishing Best Practices for ISPs and Mailbox Providers Anti-Phishing Best Practices for ISPs and Mailbox Providers Version 2.01, June 2015 A document jointly produced by the Messaging, Malware and Mobile Anti-Abuse Working Group (M 3 AAWG) and the Anti-Phishing

More information

(For purposes of this Agreement, "You", " users", and "account holders" are used interchangeably, and where applicable).

(For purposes of this Agreement, You,  users, and account holders are used interchangeably, and where applicable). Key 2 Communications Inc. Acceptable Use Policy Please read carefully before accessing and/or using the Key 2 Communications Inc. Web site and/or before opening an account with Key 2 Communications Inc..

More information

Comprehensive Email Filtering: Barracuda Spam & Virus Firewall Safeguards Legitimate Email

Comprehensive Email Filtering: Barracuda Spam & Virus Firewall Safeguards Legitimate Email Comprehensive Email Filtering: Barracuda Spam & Virus Firewall Safeguards Legitimate Email Email has undoubtedly become a valued communications tool among organizations worldwide. With frequent virus attacks

More information

PANDA CLOUD EMAIL PROTECTION 3.3.0 / Administrator s Manual / 1

PANDA CLOUD EMAIL PROTECTION 3.3.0 / Administrator s Manual / 1 PANDA CLOUD EMAIL PROTECTION 3.3.0 / Administrator s Manual / 1 Contents 1 INTRODUCTION TO PANDA CLOUD EMAIL PROTECTION... 5 1.1 WHAT IS PANDA CLOUD EMAIL PROTECTION?... 5 1.2 FUNCTIONALITIES... 5 2 PANDA

More information

IBM Express Managed Security Services for Email Security. Anti-Spam Administrator s Guide. Version 5.32

IBM Express Managed Security Services for Email Security. Anti-Spam Administrator s Guide. Version 5.32 IBM Express Managed Security Services for Email Security Anti-Spam Administrator s Guide Version 5.32 Table of Contents 1. Service overview... 3 1.1 Welcome... 3 1.2 Anti-Spam (AS) features... 3 1.3 How

More information

The Spam/Anti-Spam Battlefield. SANS Institute Masters Presentation by T. Brian Granier

The Spam/Anti-Spam Battlefield. SANS Institute Masters Presentation by T. Brian Granier The Spam/Anti-Spam Battlefield SANS Institute Masters Presentation by T. Brian Granier Objectives What is the definition of SPAM? What are the motivations for SPAMming? What tools can I use for SPAM detection

More information

SCORECARD EMAIL MARKETING. Find Out How Much You Are Really Getting Out of Your Email Marketing

SCORECARD EMAIL MARKETING. Find Out How Much You Are Really Getting Out of Your Email Marketing EMAIL MARKETING SCORECARD Find Out How Much You Are Really Getting Out of Your Email Marketing This guide is designed to help you self-assess your email sending activities. There are two ways to render

More information

Introduction. Friday, June 21, 2002

Introduction. Friday, June 21, 2002 This article is intended to give you a general understanding how ArGoSoft Mail Server Pro, and en Email, in general, works. It does not give you step-by-step instructions; it does not walk you through

More information

Emails and anti-spam Page 1

Emails and anti-spam Page 1 Emails and anti-spam Page 1 As the spammers become increasing aggressive more and more legit emails get banned as spam. When you send emails from your webcrm system, we use the webcrm servers to send emails

More information

Guideline on Spam Control

Guideline on Spam Control CMSGu2012-07 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Spam Control National Computer Board Mauritius Version 1.0

More information

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know

More information

How to Identify Phishing E-Mails

How to Identify Phishing E-Mails How to Identify Phishing E-Mails How to recognize fraudulent emails and avoid being phished. Presented by : Miguel Fra, Falcon IT Services (miguel@falconitservices.com) http://www.falconitservices.com

More information

Protecting your business from spam

Protecting your business from spam Protecting your business from spam What is spam? Spam is the common term for electronic junk mail unwanted messages sent to a person s email account or mobile phone. Spam messages vary: some simply promote

More information

XGENPLUS SECURITY FEATURES...

XGENPLUS SECURITY FEATURES... Security Features Table of Contents TABLE OF CONTENTS... 2 1. INTRODUCTION... 3 2. XGENPLUS SECURITY FEATURES... 3 3. SERVER LEVEL FEATURES... 5 4. DOMAIN LEVEL FEATURES... 8 5. USER LEVEL FEATURES...

More information

Email Marketing Glossary of Terms

Email Marketing Glossary of Terms Email Marketing Glossary of Terms A/B Testing: A method of testing in which a small, random sample of an email list is split in two. One email is sent to the list A and another modified email is sent to

More information

OIG Fraud Alert Phishing

OIG Fraud Alert Phishing U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION Washington, D.C. 20507 Office of Inspector General Aletha L. Brown Inspector General July 22, 2005 OIG Fraud Alert Phishing What is Phishing? Phishing is a

More information

white paper Glossary of Spam Terms The jargon of the spam industry

white paper Glossary of Spam Terms The jargon of the spam industry white paper Glossary of Spam Terms The jargon of the spam industry Table of Contents A Acceptable Use Policy (AUP)..................................................... 5 Alias...........................................................................

More information

Panda Cloud Email Protection

Panda Cloud Email Protection Panda Cloud Email Protection 1. Introduction a) What is spam? Spam is the term used to describe unsolicited messages or messages sent from unknown senders. They are usually sent in large (even massive)

More information

MailFoundry User Manual. Page 1 of 86. Revision: MF20120621 Copyright 2007, Solinus Inc. All Rights Reserved. Page 1 of 86

MailFoundry User Manual. Page 1 of 86. Revision: MF20120621 Copyright 2007, Solinus Inc. All Rights Reserved. Page 1 of 86 MailFoundry User Manual Page 1 of 86 MailFoundry User Manual Revision: MF20120621 Copyright 2007, Solinus Inc. All Rights Reserved Page 1 of 86 Table of Contents MailFoundry User Manual Page 2 of 86 Chapter

More information

PineApp Anti IP Blacklisting

PineApp Anti IP Blacklisting PineApp Anti IP Blacklisting Whitepaper 2011 Overview ISPs outbound SMTP Services Individual SMTP relay, not server based (no specific protection solutions are stated between the sender and the ISP backbone)

More information

SECURING INFORMATION SYSTEMS

SECURING INFORMATION SYSTEMS SECURING INFORMATION SYSTEMS (November 9, 2015) BUS3500 - Abdou Illia - Fall 2015 1 LEARNING GOALS Understand security attacks preps Discuss the major threats to information systems. Discuss protection

More information

More Details About Your Spam Digest & Dashboard

More Details About Your Spam Digest & Dashboard TABLE OF CONTENTS The Spam Digest What is the Spam Digest? What do I do with the Spam Digest? How do I view a message listed in the Spam Digest list? How do I release a message from the Spam Digest? How

More information

Admin Guide Boundary Defense for Email Email Anti-Virus & Anti-Spam

Admin Guide Boundary Defense for Email Email Anti-Virus & Anti-Spam Admin Guide Boundary Defense for Email Email Anti-Virus & Anti-Spam DOCUMENT REVISION DATE: October, 2010 Boundary Defense for Email Admin Guide / Table of Contents Page 2 of 34 Table of Contents 1 INTRODUCTION...

More information

Email Migration Project Plan for Cisco Cloud Email Security

Email Migration Project Plan for Cisco Cloud Email Security Sales Tool Email Migration Project Plan for Cisco Cloud Email Security 2014 Cisco and/or its affiliates. All rights reserv ed. This document is Cisco Conf idential. For Channel Partner use only. Not f

More information

Welcome! Best Current Practices on spam prevention

Welcome! Best Current Practices on spam prevention Welcome! Best Current Practices on spam prevention Champika Wijayatunga, APNIC champika@apnic.net 21 April 2006, Beijing, China In conjunction with CNNOG3 1 Overview Background: spam Problems and prevention

More information

Fighting Spam in an ISP Environment:

Fighting Spam in an ISP Environment: White Paper Fighting Spam in an ISP Environment: Challenges, Solutions and Best Practices April, 2007 Summary An ISP presents one of the most complex environments for managing spam because of the high

More information

Email Getting Started Guide Unix Platform

Email Getting Started Guide Unix Platform Edition/Issue Email Getting Started Guide Unix Platform One of the most important features of your new Web Hosting account is access to a personalized Email solution that includes individual Email addresses

More information

Avira Managed Email Security (AMES) User Guide

Avira Managed Email Security (AMES) User Guide Avira Managed Email Security (AMES) User Guide 1 Product information... 3 1.1 Functionality... 3 1.2 Licensing AMES... 3 2 Getting started with AMES... 4 2.1 Adding a new domain to AMES... 4 2.2 Logging

More information

When Reputation is Not Enough: Barracuda Spam Firewall Predictive Sender Profiling. White Paper

When Reputation is Not Enough: Barracuda Spam Firewall Predictive Sender Profiling. White Paper When Reputation is Not Enough: Barracuda Spam Firewall Predictive Sender Profiling White Paper As spam continues to evolve, Barracuda Networks remains committed to providing the highest level of protection

More information

GFI Product Comparison. GFI MailEssentials vs Barracuda Spam Firewall

GFI Product Comparison. GFI MailEssentials vs Barracuda Spam Firewall GFI Product Comparison GFI MailEssentials vs Barracuda Spam Firewall GFI MailEssentials Barracuda Spam Firewall Integrates closely with Microsoft Exchange Server 2003/2007/2010 Integrates closely with

More information

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

PROTECT YOUR COMPUTER AND YOUR PRIVACY! PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That

More information

SPAM ARREST WORKS! Quick Start Enterprise Administrators. Take Control of Your Inbox. Protecting mailboxes since 2001

SPAM ARREST WORKS! Quick Start Enterprise Administrators. Take Control of Your Inbox. Protecting mailboxes since 2001 Page 1 of 6 Quick Start Enterprise Administrators Welcome to the Quick Start Guide (QSG) for Enterprise Account Customers. The aim and purpose of this guide is to provide a quick overview of what you need

More information

Broadband Acceptable Use Policy

Broadband Acceptable Use Policy Broadband Acceptable Use Policy Contents General... 3 Your Responsibilities... 3 Use of Email with particular regards to SPAM... 4 Bulk Email... 5 Denial of Service... 5 Administration of Policy... 6 2

More information

Anti-Spam Capabilities of Internet Exchange Version 3.1

Anti-Spam Capabilities of Internet Exchange Version 3.1 WHITEPAPER SERIES Anti-Spam Capabilities of Internet Exchange Version 3.1 Version 1.0 September 1998 Hong Kong Computer Center, 20/F The Peak Tower, 15/F 54-62 Lockhart Road 107 Alfaro Street Wan Chai

More information

Recurrent Patterns Detection Technology. White Paper

Recurrent Patterns Detection Technology. White Paper SeCure your Network Recurrent Patterns Detection Technology White Paper January, 2007 Powered by RPD Technology Network Based Protection against Email-Borne Threats Spam, Phishing and email-borne Malware

More information

FortiMail Email Filtering Course 221-v2.0. Course Overview. Course Objectives

FortiMail Email Filtering Course 221-v2.0. Course Overview. Course Objectives FortiMail Email Filtering Course 221-v2.0 Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed to configure,

More information

K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109

K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109 K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS v.109 1 The Exchange environment is an important entry point by which a threat or security risk can enter into a network. K7 Mail Security is a complete

More information

The Network Box Anti-Spam Solution

The Network Box Anti-Spam Solution NETWORK BOX TECHNICAL WHITE PAPER The Network Box Anti-Spam Solution Background More than 2,000 years ago, Sun Tzu wrote if you know yourself but not the enemy, for every victory gained you will also suffer

More information

Symantec Hosted Mail Security Getting Started Guide

Symantec Hosted Mail Security Getting Started Guide Symantec Hosted Mail Security Getting Started Guide Redirecting Your MX Record You have successfully activated your domain within the Symantec Hosted Mail Security Console. In order to begin the filtration

More information