AXIGEN Efficiently Fights Viruses and Spam

 

 

Page 2 of 2

DomainKeys and SPF

Great efforts have been made to create a safe working environment while using AXIGEN as a mail server. New technologies are also part of the product. Such innovations include Domain Keys message validation and the Sender Policy Framework. These are two of the youngest and most powerful tools against phishing and SPAM attacks. They can be used to secure and further increase the server's ability to hamper unsolicited e-mail propagation. Domain Keys comes as a separate package, while SPF is bundled into the SMTP policies of AXIGEN.

Domain Keys Integration:


SPF (Sender Policy Framework) Integration:

Message Rules

With AXIGEN, every user accessing the WebMail interface can define his/her own rules to deal with SPAM, based on his/her individual needs. Administrators can define rules that apply server-wide to all mail system users, thus extending the automated implementations of SPAM detection with a conscious human decision. This enables further and complete control over what gets delivered and what doesn't, increasing the filtering abilities of the product to the maximum.

Examples
Server side rules:

• Move all messages marked as spam to a certain folder;
• Relay all emails that do not have a valid user on the server to a catch-all account;
• Delete all emails containing a certain word or group of words in the subject line.

User defined rules:

• Move all emails from x@y to a certain folder;
• Delete all emails exceeding a certain size;
• Respond to all incoming emails with out-of-office reply.

Message Acceptance Policies (SMTP Firewall)

This new concept aims to give the system administrators a very low level control over the communications between the many elements involved in the mail sending process. Based on custom defined policies within SMTP modules, it is the perfect addition to security. Acting as an email firewall, the SMTP Firewall is able to decide the fate of an e-mail, based on certain properties, sometimes blocking it all together even before it reaches the server. An experienced system administrator, with this scripting tool at his/her disposal can literally create wonders for their mail server security policy and can optimize the mail flow.

Incoming connections established via SMTP and the message flow can be easily managed using the established policies. Moreover, they allow adding headers, changing addresses and other such actions.

Examples of message acceptance rules:

• allow incoming messages from a specific domain
• deny incoming messages with attachments exceeding 3 MB
• allow authenticated users only
• accept secured connections only
• deny looping emails (when the number of Received headers exceeds 20)

The events are predefined blocks within the script that will be executed at specific moments by the server. For each event, the server calls certain methods which can have a configurable or predefined behavior. The available events at SMTP Incoming level are:

• onConnect
• onEhlo
• onMailFrom
• onRcptTo
• onDataReceived

Containing Internal Virus / Spam / Impersonating Issues

Internal threats are at times as powerful as outside threats. A certain user making a habit of sending spam messages can get an entire domain blacklisted. There are ways for system administrators to change such a situation. But most of the times, preventing them is easier. Thus, being able to control the user accounts the AXIGEN Mail Server manages is a key feature of a company’s policy.

When users fail to comply with internal policies, there are several ways system administrators have to control their email messaging activity. As spam and virus spreading prevention methods, administrators can either limit the number of emails users are allowed to send in a certain time frame, or, for more severe cases, they can completely stop the outgoing mail flow through a simple click: disabling a user’s SMTP Outgoing service. As anti-phishing method, the AXIGEN Mail Servers allows users to send emails only from the email address they have used to authenticate. Therefore, identity theft is successfully prevented.

Routing Policies

Routing policies enable administrators to define the NDR (Non-Delivery Receipt) text and the conditions when such a message is returned. As an example, NDR responses are sent when the specified recipient of an email message is invalid. They also allow system administrator to customize SMTP Outgoing actions for all or part of the relayed email communication. For example, they can

• establish a certain address where all emails from a certain domain are relayed;
• specify a username/password authentication before relaying emails to a certain address;
• requires AXIGEN to use a specific network interface when delivering an outgoing message

For most available mail servers, all emails sent from all the administered domains are sent via the same IP (the Generic IP in the below diagram). Moreover, there is no distinction between the internally used name assigned to a certain machine and the name it advertises outside the local network.


The AXIGEN Mail Server allows system administrators to assign different IP addresses to the domains our solution manages, as shown in the following diagram. If further enables them to assign more business relevant names to local machines, other than the internally used ones. The greatest advantage yielded by this unique feature is that if one of the company IPs is banned, the other domains will still be able to send emails.

Conclusion

Any of these methods can be used to protect you against current threats. AXIGEN provides system administrators with extended control over each step of the mail processing chain, allowing them a greater overall control. All of the above mentioned modules and extensions have been implemented in the product with security, availability and productivity in mind. One can use them in any combination to tailor the optimum setup, or all at once to ensure ultimate protection.

All the tools you will ever need to stop SPAM are here, where are you?