Email Screening: Protecting Staff from Malicious Threats

    email screening

    Email Screening: Protecting Staff from Malicious Threats

    Email Screening: Protecting Staff from Malicious Threats 1024 396 IT support Sydney | ZEN IT Support |

    Many scam attacks are attempted via e-mail, therefore it is essential to block as many of these as possible before they are delivered to staff. Whilst Microsoft and Google include e-mail scanning, their systems are generic and often easy for scammers to circumvent.

    We recommend implementing an external “e-mail gateway” that scans all e-mail prior to being delivered to your e-mail system. Our “SG1” gateway is a highly customised version of the award winning Alt-N SecurityGateway software, and for a small cost provides the best protection available against e-mail threats.

    Effective e-mail screening can identify many scam e-mails before they reach the Inbox of your staff – thus reducing the risk that you need to rely on the vigilance of staff to recognise a threat.

    Our email spam firewall: SG1, provides affordable email security with a powerful spam filter that serves as an SMTP firewall (compatible with: Microsoft 365, Gmail or your on-premise e-mail server).

    SG1 protects against viruses, phishing, spoofing, and other forms of malware that present an ongoing threat to the legitimate email communications of your business.
    SG1 has multiple analysis tools for identifying and quarantining threats from legitimate e-mail.

    Security Gateway Security
    Security Gateway Security

    Security Features

    Anti-Spam

    Multiple testing methods allow administrators to adjust spam prevention techniques to detect and block the majority of incoming spam.

    • Heuristic and Bayesian Engines. SG1 utilises a high performance, customized version of the popular open source SpamAssassin project for heuristic rules and Bayesian classification.
    • DNS and URI Blocklists use numerous third-party servers to determine spam
    • Message Certification allows for a third-party to validate a sending server, to establish whether it is considered friendly. Message Certification relies on SPF or DKIM.
    • Message Scoring can be customized to fit each domain’s needs. SG1 maintains a score for each message based on the results of its exhaustive collection of message tests. Individual tests may add to or subtract from the message score. The message score allows the decision to quarantine or reject a message to be based on the results of multiple tests.

    Anti-Virus

    Flexible configuration to perform automatic updates at regular intervals, ensuring the greatest protection. Messages with viruses may be refused or quarantined for later review on a per-domain basis.

    Anti-Spoofing

    Multiple techniques are used to verify a sender’s address to prevent spammers from forging the origin of the message.

    • Reverse Lookups can tag or refuse messages if the sending mail server or email address is forged
    • Call Back Verify allows SG1 to verify that the sending email address is valid before accepting the message

    Email Authentication

    Incorporates current authentication techniques used to validate and sign messages to minimize the receipt of possible spam messages.

    • DomainKeys Identified Mail (DKIM) associates domain names to represent a sender’s identity. Messages are sent with a digital “fingerprint,” which is then validated upon receipt to confirm the signer’s identity and to ensure the message was not tampered with during transit over the Internet
    • Sender Policy Framework (SPF) The Sender Policy Framework (SPF) is an open standard specifying a technical method to prevent sender address forgery.

    Anti-Abuse

    Multiple techniques to allow legitimate mail in while preventing unauthorized access — all configurable on a per-domain basis.

    • Relay Control prohibits messages from being accepted or delivered if they are not to or from a SG1 user.
    • SMTP Authentication can force users to authenticate with a username and password when sending mail, if desired.
    • IP Shielding allows SG1 to only accept mail from a domain if it matches a pre—defined domain/IP pair.

    Filtering

    Minimize incoming and outgoing threats by blocking or quarantining messages based on content or types of file attachments.

    • Message Content Filter allows the administrator to look for content within a message and take action based on the results.
    • Preset File Types allows the administrator to tell SG1 to block all attached video files, images, or executable files with one click.
    • Blacklists – Block threats from known email abusers.
      • Addresses — match addresses by domain or email address.
      • Hosts — match by the host name given during the SMTP session.
      • IP — match by connecting IP address
      • Blacklist Actions – allow the administrator to refuse or quarantine a message if a blacklist match occurs
    • Whitelists – Speed up message processing through the identification of friendly senders.
      • Addresses — exempt email from addresses by domain or email address.
      • Hosts — exempt email by the host name given during the email session.
      • IP — exempt email by connecting IP address.

    SIEVE Scripts

    We use the powerful industry standard SIEVE mail filtering language to augment the built-in security features of SG1 to implement custom rules to quarantine (and in some cases reject) suspicious messages based on analysis of e-mails by our security team.

    If you have any questions about SG1 or would like to deploy SG1, please contact us

    Questions are welcome!

    * This article first appeared on our sister site: https://disaster-recovery.com.au/email-screening-protecting-staff-from-malicious-threats/

      Join our Newsletter

      We'll send you newsletters with news, tips & tricks. No spams here.

        Input this code:captcha