SPAM and Virus attacks are growing at a concerning rate
In a world where most communications are performed online, threats like viruses, Trojans, phishing or spam gain more importance when it comes to securing the transferred information. All these threats have one effect, losses. Be it time, money or data, the total value, given a financial expression, keeps growing. While the damage induced by viruses or phishing is easily comprehended by most, the impact of spam tends to be overlooked. It just takes time and too much space of our Inboxes at a fist glance. However, unsolicited emails are the preferred means of spreading viruses, worms and of enabling phishing attacks.
Spam is spreading fast all over the Internet and it gets harder and harder to avoid it. There are many methods that can be used to protect the users from these types of messages and other potential threats it can be the bearer of. Third party software, anti-virus and anti-spam bundles, authentication and validation to stop phishers, new protocols and server specific modifications and adaptations are all supporting the endeavor to eradicate spam messages. The AXIGEN Mail Server implements almost all of these into one package, enabling the system or network administrator to choose or combine the methods that he/she feels are appropriate to enforce the preferred security policy.
The AXIGEN Mail Server offers different ways to fight spam and viruses. Each of them is presented in a separate section, as follows:
All the security tools and methods the AXIGEN Mail Server has to offer are presented below. These features guarantee secure reception, transit and delivery of emails and protection for your confidential data.
- Anti-Malware and Direct Implementation
- Implementing Antivirus Applications with the Milter Extension
- Implementing Antivirus Applications with the AMAVIS Extension
- Sender Domain and IP Validation (DomainKeys and SPF)
- Message Rules (Outlook-like Rules and Server Side Message Filtering)
- Message Acceptance Policies (SMTP Firewall)
- Containing Internal Virus/Spam/Phishing
- Routing Policies for Smart Delivery and Risk Hedging
Before explaining the best practices to reduce and prevent potential risks, one needs to properly define the threats these measures are directed against:
Spamming is the abuse of electronic messaging systems to send unsolicited, undesired bulk messages. E-mail spam is the most common form of internet spamming. It involves sending unsolicited commercial messages to many recipients. Unlike legitimate commercial e-mail, spam is generally sent without the explicit permission of the recipients, and frequently contains various tricks to bypass e-mail filtering.
Phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using unsolicited email messages to require sensitive information.
Malware or malicious software is software designed to infiltrate or damage a computer system without the owner's informed consent. Software is considered malware based on the perceived intent of the creator rather than any particular features. It includes computer viruses, worms, Trojan horses, spyware, adware, and other malicious and unwanted software.
The AXIGEN mail server includes even since installation a wide range of tools ready to deploy and use to protect your setup. Gateway products that act as scanning servers are very easy to integrate. The best example in this category is the NOD32 anti-virus scanning engine. Direct integration with open-source tools like SpamAssassin and ClamAV has also been offered by AXIGEN since the very start and are ready to use right after installation, also. Their popularity due to their reduced setup costs and great community support makes them a first choice for many of the industry's specialists. AXIGEN is able to communicate with these tools directly, reducing scanning time and increasing availability for the services provided.
The AXIGEN mail server integrates with the most popular anti-virus/anti-spam third party software through the milter interface. This comes as a separate module, extending AXIGEN's ability to communicate with scanning software. It has great support for network scanning, distributing the work load of the mail server to other machines, increasing productivity and availability. For small load servers, the scanning engine can be set up on the same machine, thus reducing costs.
AntiVirus for Milter products = AntiVirus for Sendmail:
- Kaspersky® Anti-Virus for Linux Mail Server
- avast! for Linux/Unix Servers
- Symantec Brightmail AntiSpam 6.0
- NOD32 for Linux & BSD Mail Servers
- BitDefender Mail Protection
- Avira AntiVir UNIX MailGate
With the milter extension it's easy to deploy multiple scanning engines at the same time, adding to the security of your messages and redundancy in the event that one of the implementations fails.
You can set a specific Filtering System and apply it to Server, Domain or User level. Within a Filtering system you can add and prioritize filters by assigning them different priorities. Based on the filter findings, you can add certain delivery decisions.
The most popular tools that use this deployment method are Symantec, Avast and Nod32. In the future, BitDefender and others will be supported along with the introduction of local connections to support anti-viral applications that do not support network scanning through sockets.
This extension aims to complete and in some cases replace the milter. This extension, being very similar with the milter at its roots, has support for many scanning engines and also supports scanning with multiple engines at the same time.
AMAVIS integration does not have, however, the speed and reliability of the Milter. Network scanning is also possible, although this process can be tedious to set up and is not always reliable. The AMAVIS extension excels only where the milter fails: that is, if your scanning engine does not have support for a milter implementation, there is a high chance that AMAVIS can be used instead.
Antivirus applications that integrate with AMAVIS are:
Due to lack of speed, we do not recommend applying multiple filters on the mail flow. However, this is technically possible as follows: