Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Modern Anti-Spam Protection - Rejection, no sorting

NoSpamProxy Protection blocks spam, phishing and malware the intelligent way.

The gateway solution helps you to protect your systems and end users from email threats. This is even achieved with a unique ease-of-use for the end user.

  • Login to see the comments

  • Be the first to like this

Modern Anti-Spam Protection - Rejection, no sorting

  1. 1. Modern Anti-Spam with NoSpamProxy Protection Rejection – No Sorting Thomas Stensitzki
  2. 2. Introduction Thomas Stensitzki Principal Enterprise Consultant Granikos GmbH & Co. KG MCSM Messaging, MCM: Exchange 2010 MCSE, MCSA, MCITP, MCTS, MCSA, MCSA:M, MCP E-Mail: Web: Blog:
  3. 3. Spam in numbers ~88% of received messages are spam ~4% of received messages have malicious content Postini: Only 12% of received emails are legitimate (Feb 2013) Microsoft: 94% spam, 600 million emails a week Trend Micro: Spam ratio varies by country
  4. 4. Spam ratio per country (Jan 2014 – Feb 2015) > 80% 50% - 80% 20% - 50% < 20% Source: TrendMicro
  5. 5. Damage and cost Loss in end-user productivity Restrained mobile access to company resources Loss of communication Loss of network bandwidth Waste of storage - Mailbox databases - Archive storage (expensive) Example for loss of productivity: 30 spams per day = 5 minutes x 220 working days per year 2 working days per year and employee Page  5
  6. 6. Rejection No interruption of end-user routine False positives easy to handle Self learning connections and domain trusts No waste of mailbox database storage No waste of archive storage RFC compliant rejection (NDR) Reduced administrative intervention Sorting (classic approach) Interuption of end-user working routine Manual action by end-user required Waste of mailbox database storage Waste of archive storage Risk of large number of unhandled spam messages Comparison Page  6
  7. 7. Rejection Delivered Blocked Sound email OK Spam nuisance OK Sorting (classic approach) Delivered Blocked Sound email OK danger Spam nuisance OK Comparison Scanning – Assessment – Rejection Sound senders are sent a NDR Spammers are unable to deliver Risk of false positives is defused - Sound senders can react on NDR Receiving – Assessment – Processing - Deletion, Quarantine, Marking Depending on product False Positives - Danger of important information being lost without sender and recipient knowing about it
  8. 8. Solution NoSpamProxy® Protection – Mail Gateway Rejection instead of sorting - The alternative approach to spam protection Sound emails are identified - Self learning mechanism to identify desired connections and handling domain trusts Customizable to business needs - Detailed rule set of filters and actions for incoming and outgoing messages Scalable Anti-Spam Solution CYREN Premium Anti-Virus integrated in product Component of Net at Work Mail Gateway
  9. 9. Legal considerations Applicable in Germany: § 206 StGB: „It is a criminal offence to suppress an entrusted communication“ Once an email has been received, its deletion or filtering by a third party is an offence - That is the primary reason why even spam must be archived NoSpamProxy does not accept spam nor does it suppress any communication entrusted to it - A regular NDR is being generated BSI*: Analogy between Spam and unsolicited advertising *BSI: Federal Office for Information Security
  10. 10. User Interface Multi-Role server with default rule set
  11. 11. Sound email Concentrating on negative spam characteristics leads to false positives Unique Level of Trust technology Bonus points for desired email connections (sender – recipient) System learns dynamically about desired connections Easy authorization of external senders - Simple send an email to the external sender to authorize incoming messages Enables applying more stringent spam filtering rules - Various filters and actions are available
  12. 12. In a nutshell Acts as a SMTP proxy Spam is identified while message is in transmission - Connection can be aborted with a 5xx error status to the sending MTA Installed as the first SMTP endpoint from the internet - Next hop can be an Edge server role or an internal Hub server role Company NetworkNoSpamProxy Protection Multi-Role Exchange Server
  13. 13. Topology example 1 Internet facing servers not domain joined Internal server domain joined One gateway server possible, but no redundancy 1 Gateway Role 1 Intranet Role AD Exchange Server Transport Role Enterprise Network NoSpamProxy Intranet Role NoSpamProxy Protection Gateway Rolle HTTPS
  14. 14. Topology example 2 AD External SMTP servers Exchange Server Transport Role Enterprise Network NoSpamProxy Gateway Role Server1/2 NoSpamProxy Intranet Role SMTP Web Service Internet facing servers not domain joined Internal server domain joined Redundant Email Servers N Gateway Role 1 Intranet Role
  15. 15. NoSpamProxy® Encryption (aka enQsig) Centralized email signing and encryption at the gateway Supports S/MIME and PGP Centralized certificate store and cert provisioning Qualified signatures applied to electronic invoices (INVOIC-Messages) Password protected emails with PDF Mail De-Mail connector and interface to Deutschland-Online Infrastruktur (DOI) Interfaces to ECM- and other email systems
  16. 16. NoSpamProxy® Large File Large files exchange via secure portal Email client integration (Outlook) Portal provided as SSL/TLS secure web server Access password protected No use of cloud storage
  17. 17. Summary No loss of Information – sender is informed No wasted working hours, no manual ploughing through quarantine Self learning processes Fully customizable set of rules IT Resource saving (bandwidth, storage, maintenance) Full legal compliance Additional modules for email encryption and file exchange - NoSpamProxy Encryption - NoSpamProxy Large File
  18. 18. Questions Email: Web: Blog: Twitter: @Granikos_DE