Published on October 7, 2007
Email Security: Email Security Contents: Contents Email Security Challenges Emerging Threats Explanation and demonstration of email security technologies By Joe Green Summary Email Security: Email Security Email communication is absolutely essential for most companies and individuals. The problem is that it is increasingly used as a method of attack by outsiders and a source of information loss. Spam Viruses Phishing Spyware Email Security Challenges: Email Security Challenges It is a difficult balance of access and control You must maintain essential business communication Customers Vendors Partners Policy and regulatory compliance Managing information leaks Keeping current updates to your security technology Measuring the effectiveness of solutions Planning for the future Emerging Threats: Emerging Threats Increase in spam Volume Sophistication Increase in Phishing Spyware, Keystroke loggers, and Trojans spread by email Targeted attacks See our whitepapers http://www.esoft.com/solutions/white_paper.cfm Joe Green: Joe Green Email Security Demonstration What is Bayesian Filtering?: What is Bayesian Filtering? A 240 year old mathematical algorithm adapted to fight spam Creates a database of words, phrases and email attributes with an associated probability of being in a spam message Each database is unique to the user network How does Bayesian filtering work?: How does Bayesian filtering work? The ThreatWall examines messages that flow through your system that have been marked as spam or ham (not spam) As the database is built, words, phrases and elements are assigned a probability of being associated with spam or associated with ham (not spam) The database can change over time as new messages are examined All incoming messages are compared to the database, words and phrases are matched for at total score Bayesian filter example: Bayesian filter example Joe, I understand you are discounting the esoft VPN client softpak. I never had any of my customers subscribe to it previously, however now, I have a couple of customers that need something like it. What do you recommend as a replacement? Does the Greenbow VPN client work well? Any help would be appreciated as I am finding a growing need for VPN client software. Thanks Larry Larry Waters Bit Byte Data, LLC 503-628-3210 [email protected] www.bitbytedata.com Summary: Summary There is a often a delicate balance between security risks and valid communications. Threats will continue to increase in volume and sophistication. New technology and constant updates are absolutely necessary to combat these threats. Solutions must be easy to install and manage. ThreatWall and InstaGate offer feature-rich, expandable and affordable solutions for your growing security needs. Thank You!: Thank You! Download the presentation using the link on our SpamFilter SoftPak web page: www.esoft.com/products/softpak_spam.cfm Additional Slides Anti-Spam terms Header Example Quarantine Notification Aberdeen Messaging Security Report Offer **NEW** SpamFilter Training Guide Appendix:Anti-Spam Terms: Appendix: Anti-Spam Terms RBL (Realtime Blackhole List) – List of known and suspicious email servers Rule based scoring – Database of typical spam behaviors, keywords and other indicators White/Black lists – Custom lists to allow or deny messages through based on the sender domain or email address Address Verification – Make sure the recipient and sender and valid email accounts Appendix:Anti-Spam Terms: Appendix: Anti-Spam Terms Bayesian Filtering – Advanced statistical analysis of email to determine the probability of spam based on historical evidence SPF (Sender Policy Framework) – Verify email server is legitimate for the domain Historical Averaging – Learns good and bad senders Outlook Plug-in – User tool to train Bayesian Filter good and bad email messages for improved filtering User Quarantine Notification – Email with clickable links so users can manage their own quarantine Automated Quarantine Maintenance – Expire messages from the quarantine automatically for simplified management *go back Sample detailed message headers: Sample detailed message headers From: "Russ Valdez" <[email protected]> To: [email protected] Cc: [email protected] Subject: Your account #4V7744 Mime-Version: 1.0 Content-Type: text/plain; X-Envelope-From: [email protected] X-Spam-Report: Spam detection software, running on the system "ThreatWall", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hello, We tried contacting you awhile ago about your low interest morta(ge rate. You have qualified for the lowest rate in years. [...] Content analysis details: (10.8 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_BY_IP Received by mail server with no name 10 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/) 0.8 INVALID_MSGID Message-Id is not valid, according to RFC 2822 X-Spam-Status: Yes, hits=10.8 required=5 X-Spam-Level: ++++++++++ X-Spam-Id: 20050107/[email protected]:[email protected]:22.214.171.124 X-Spam-Flag: YES Email notification message: Email notification message Aberdeen Security Report : Aberdeen Security Report As you are likely aware, the Aberdeen Group is a well-respected industry analyst organization that covers the security arena. Their reports are highly sought after by security professionals trying to get a better handle on the latest threat types, as well as network security solutions. For a limited time, eSoft customers and channel partners may obtain their upcoming security report (estimated to be $399 at time of publishing), for spending 15 minutes filling out the Aberdeen survey that will help fuel the report. Please visit the following link, if you are interested! Aberdeen survey..