Government of Canada Managed Security Service (GCMSS) Annex A-5: Statement of Work - Antispam



Similar documents
Government of Canada Managed Security Service (GCMSS) Annex A-6: Statement of Work - Data Loss Prevention (DLP)

Government of Canada Managed Security Service (GCMSS) Annex A-7: Statement of Work - Security Information and Event Management (SIEM)

eprism Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide

Government of Canada Managed Security Service (GCMSS) Annex A-1: Statement of Work - Firewall

How To Configure Forefront Threat Management Gateway (Forefront) For An Server

Migration Project Plan for Cisco Cloud Security

Objective This howto demonstrates and explains the different mechanisms for fending off unwanted spam .

Serial Deployment Quick Start Guide

The Network Box Anti-Spam Solution

Visendo Suite a reliable solution for SMBs

Guardian Digital Secure Mail Suite Quick Start Guide

eprism Security Appliance 6.0 Release Notes What's New in 6.0

Hosted CanIt. Roaring Penguin Software Inc. 26 April 2011

Exim4U. Server Solution For Unix And Linux Systems

Comprehensive Filtering. Whitepaper

CipherMail Gateway Quick Setup Guide

Eiteasy s Enterprise Filter

Configuring Your Gateman Server

Solutions IT Ltd Virus and Antispam filtering solutions

POP3 Connector for Exchange - Configuration

Configuring MDaemon for Centralized Spam Blocking and Filtering

Technical Note. FORTIMAIL Configuration For Enterprise Deployment. Rev 2.1

Barracuda Spam Firewall Administrator s Guide

Websense Security Transition Guide

Barracuda Spam Firewall User s Guide

How To Protect Your From Spam On A Barracuda Spam And Virus Firewall

FortiMail Filtering Course 221-v2.0. Course Overview. Course Objectives

Feature Comparison Guide

MDaemon Vs. Microsoft Exchange Server 2013 Standard

The Leading Security Suites

Copyright 2011 Sophos Ltd. Copyright strictly reserved. These materials are not to be reproduced, either in whole or in part, without permissions.

SESA Securing with Cisco Security Appliance Parts 1 and 2

IP Reputation Exchange security research

Mod 08: Exchange Online FOPE

FortiMail Filtering Course 221-v2.2 Course Overview

Introduction. How does filtering work? What is the Quarantine? What is an End User Digest?

SPAM FILTER Service Data Sheet

Quick Start Policy Patrol Spam Filter 9

How To Set Up A Barcuda Server On A Pc Or Mac Or Mac (For Free) With A Webmail Server (For A Limited Time) With An Ipad Or Ipad (For An Ipa) With The Ip

Microsoft Exchange 2003

Service Launch Guide (US Customer) SEG Filtering

MailFoundry Users Manual. MailFoundry User Manual Revision: MF Copyright 2005, Solinus Inc. All Rights Reserved

Implementing MDaemon as an Security Gateway to Exchange Server

Reliable & Secure . Professional, Dependable, Complete Easy to Learn, Use and Grow

Installing Policy Patrol with Lotus Domino

Do you need to... Do you need to...

MDaemon configuration recommendations for dealing with spam related issues

sendmail Cookbook Craig Hunt O'REILLY' Beijing Cambridge Farnham Koln Paris Sebastopol Taipei Tokyo

Technical Note. ISP Protection against BlackListing. FORTIMAIL Deployment for Outbound Spam Filtering. Rev 2.2

Quick Start Policy Patrol Mail Security 10

Training Guide eprism Security Appliance 4.0

How To Block Ndr Spam

Intercept Anti-Spam Quick Start Guide

PineApp Anti IP Blacklisting

Security. on your terms SOFTSCAN

Services Deployment. Administrator Guide

How To Integrate Hosted Security With Office 365 And Microsoft Mail Flow Security With Microsoft Security (Hes)

Xerox Multifunction Devices. Network Configuration. Domain 2. Domino Server 2. Notes. MIME to Notes. Port. Domino. Server 1.

ASAV Configuration Advanced Spam Filtering

GFI Product Comparison. GFI MailEssentials vs Barracuda Spam Firewall

Solution Brief FortiMail for Service Providers. Nathalie Rivat

English Translation of SecurityGateway for Exchange/SMTP Servers

Sophos Appliance Configuration Guide

Symantec Hosted Mail Security Getting Started Guide

Web. Anti- Spam. Disk. Mail DNS. Server. Backup

GFI Product Manual. Administration and Configuration Manual

Quick Start Policy Patrol Mail Security 9

Frequently Asked Questions for New Electric Mail Administrators 1 Domain Setup/Administration

A D M I N I S T R A T O R V 1. 0

Collax Mail Server. Howto. This howto describes the setup of a Collax server as mail server.

What is a Mail Gateway?... 1 Mail Gateway Setup Peering... 3 Domain Forwarding... 4 External Address Verification... 4

Sophos Appliance Configuration Guide

Evaluation Guide. eprism Messaging Security Suite V8.200

Spam DNA Filtering System

Comprehensive Filtering: Barracuda Spam Firewall Safeguards Legitimate

IBM Express Managed Security Services for Security. Anti-Spam Administrator s Guide. Version 5.32

Quick Reference. Administrator Guide

K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109

Mithi Connect Server deployment options

TREND MICRO. InterScan VirusWall 6. SMTP Configuration Guide. Integrated virus and spam protection for your Internet gateway.

Symantec Hosted Mail Security Administration Guide

Avira Managed Security (AMES) User Guide

Anti Spam Best Practices

Enhanced Spam Defence

Quick Heal Exchange Protection 4.0

Celframe - Easy Linux - Lesson 8 - Server

XGENPLUS SECURITY FEATURES...

COMBATING SPAM. Best Practices OVERVIEW. White Paper. March 2007

Using WinGate 6 . Concepts, Features, and Configurations.

PROOFPOINT - SPAM FILTER

Setting up Microsoft Office 365

Domains Help Documentation This document was auto-created from web content and is subject to change at any time. Copyright (c) 2016 SmarterTools Inc.

Transcription:

Government of Canada Managed Security Service (GCMSS) Date: June 8, 2012

TABLE OF CONTENTS 1 ANTISPAM... 1 1.1 QUALITY OF SERVICE...1 1.2 DETECTION AND RESPONSE...1 1.3 MESSAGE HANDLING...2 1.4 CONFIGURATION...2 1.5 AUTOMATIC SECURITY UPDATES...3 1.6 NETWORK PROTOCOLS...3 1.7 REPORTING...3 1.8 IMPLEMENTATION...5 1.9 CHANGE MANAGEMENT...5 REFERENCE Please refer to Annex A - Appendix C: Definitions and Acronyms for a definition of terms and acronyms utilized throughout this annex. Page: i

1 ANTISPAM (1) The Antispam is one of the GCMSS Threat Management Services. When ordered by Canada, by issuing a Task Authorization, the Antispam, as managed and implemented by the Contractor, must meet or exceed all of the requirements listed in this annex, in the balance of the SOW and elsewhere in the Contract prior to acceptance by Canada and during the entire period of the Contract. 1.1 Quality of Service (2) The Antispam detection function must not exceed the rate of one false positive detection per million emails scanned. A false positive is the incorrect detection of spam in a legitimate email. 1.2 Detection and Response (3) The Antispam must scan incoming and outgoing emails. (4) The Antispam must detect spam emails. (5) The Antispam must detect spam in email attachments including: a) Microsoft Office; b) PDF; c) Image files; and d) HTML. (6) The Antispam must support multiple languages including double-byte character sets. (7) The Antispam must have filtering systems that include but is not limited to: a) regular expressions; b) sender reputation scores; c) sender IP reputation scores; d) signature-based; e) content-based; f) message rate throttling; g) Bayesian analysis; h) message fingerprint analysis; i) check-sum analysis; j) heuristic evaluation; k) message authenticity; l) sender blacklists; m) sender whitelists; n) domain whitelists; and Page 1

o) domain blacklists. (8) The Antispam must block fragmented messages. (9) The Antispam must support email anti-spoofing including: a) Message Sender Identification; b) Sender Policy Framework; c) SenderID; d) Domain Keys Identified Mail; and e) Reverse DNS check. (10) The Antispam must offer a variety of responses including but not limited to: a) Reject the email; b) Discard the email; and c) Accept the email with a warning message in the subject and message body as well as message header. 1.3 Message Handling (11) The Antispam must support multiple email domains. (12) The Antispam must support SMTP Mail Gateway for existing email servers specified by Canada. (13) The Antispam must support LDAP-based email routing using an LDAP server specified by Canada. (14) The Antispam must support SMTP Outbound Mail Relay. 1.4 Configuration (15) When hosted under the GCMSS Threat Management Capacity, Feature Profile Type XL, the Antispam must: a) provide inbound and outbound proxy Mail Transfer Agent (MTA) services, for email gateways specified by Canada, in support of DNS MX record redirect for content scanning and then relay email to its destination email server; and b) support domain masquerading. (16) The Antispam must support configuration of blacklists to allow customized entries by (17) The Antispam must support configuration of whitelists to allow customized entries by (18) The Antispam must support configuration of the sensitivity of the heuristic analysis by Page 2

1.5 Automatic Security Updates (19) The Antispam must support automatic security updates of signatures and blacklists directly over the public Internet (i.e. no dependency of any intermediate device) at maximum every hour. (20) The Contractor must provide automatic security updates within 15 minutes of availability from their supplier. (21) The Antispam must apply security updates without rebooting within 15 minutes of receiving the updates. 1.6 Network Protocols (22) The Antispam must monitor protocols including, but not limited to: a) SMTP; b) POP3; and c) IMAP. 1.7 Reporting 1.7.1 Daily Reports (23) The Contractor must provide a daily Antispam report to Canada in tabular and graphical format that includes: a) a month to date incoming message activity summary in tabular format: i) total incoming messages; ii) number and percentage of messages stopped by reputation filtering; iii) number and percentage of spam messages detected; iv) number and percentage of virus messages detected; v) number and percentage of threat messages detected; and vi) number and percentage of clean messages accepted. b) a month to date incoming message activity summary in pie-chart format: i) number of stopped messages; ii) number of spam messages detected; iii) number of virus messages detected; and iv) number of clean messages accepted. c) a month to date incoming message activity summary in stacked column-chart format: i) day of the month in the x axis; and ii) total number of messages by type (stopped, clean, positive spam, suspected spam) stacked on the y axis. d) a month to date tabular list of incoming messages per day with totals: Page 3

i) date; ii) total incoming messages; iii) total stopped messages; iv) total positive spam messages; v) total suspected spam messages; vi) percentage of stopped messages; vii) percentage of positive spam messages; and viii) percentage of suspected spam messages. e) a month to date tabular list of the top 7 recipient domains: i) recipient domain; ii) total incoming messages; iii) total positive spam messages; iv) percentage of positive spam messages; v) total suspected spam messages; and vi) percentage of suspected spam messages. f) a month to date tabular list of the top 25 sender domains: i) sender domain; ii) total incoming messages; iii) total positive spam messages; iv) percentage of positive spam messages; v) total suspected spam messages; and vi) percentage of suspected spam messages. g) a month to date outgoing message activity summary in stacked column-chart format: i) day of the month in the x axis; and ii) total number of messages by type (clean, positive spam, suspected spam) stacked on the y axis. h) a month to date tabular list of outgoing messages per day with totals: i) date; ii) total outgoing messages; iii) total positive spam messages; iv) total suspected spam messages; v) percentage of positive spam messages; and vi) percentage of suspected spam messages. Page 4

1.8 Implementation (24) The Contractor must inventory, review, optimize and implement in GCMSS existing rules, policies, and any other configuration of the existing Antispam solution of the (25) The Contractor must document, review, optimize and implement in GCMSS configuration requirements of the Client Organization for the Antispam. 1.9 Change Management (26) The Contractor must configure the response to positive spam detection, as specified by Canada, when requested by Canada within 2 FGWDs. (27) The Contractor must configure sender blacklists, as requested by Canada, in (28) The Contractor must configure domain blacklists, as requested by Canada, in (29) The Contractor must configure sender whitelists, as requested by Canada, in (30) The Contractor must configure domain whitelists, as requested by Canada, in (31) The Contractor must configure the sensitivity of the heuristic analysis, as requested by Canada, in (32) The Contractor must configure the Antispam MTA to correctly function with the DNS MX Record redirect, as requested by Canada, in accordance with priority levels as specified by Canada. Page 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information