Secure Your E-mail Systems - Protecting Against Port 25 VulnerabilitiesWritten by CipherTrust
It goes without saying that e-mail plays a critical role in any organization. This relatively new communication technology has, by many accounts, replaced telephone as most useful business tool available. Unfortunately, e-mail has also been a victim of its own success and presents a unique threat to enterprise network as a whole.
Protecting networks from viruses and hackers has traditionally been responsibility of Firewalls, Virus Scanners, and Intrusion Detection Systems (IDS) set up by enterprises as a defense against myriad attacks they come under each day. Virus scanners scan each PC in network, gateway servers are guarded against attempts to gain access by locking down extraneous ports and firewalls prevent unauthorized programs from accessing network. All these measures prevent direct attacks against network on every port except port 25 and port 110 – ports used by SMTP (Simple Mail Transfer Protocol) and POP (Post Office Protocol) to transmit e-mail from one server to another.
Ports are openings in operating system through which applications connect to each other. When a firewall receives an e-mail connection on port 25, it generally assumes that transmission is e-mail and allows it to flow through to e-mail server. The transmission may be a valid e-mail, it could be a virus or a spam, or it could be a job offer for an employee or something much worse. Regardless of true intent of “e-mail”, at this point it is incumbent upon various systems within network to guard against these threats. Unfortunately, experience has taught us that partial success in these areas is norm, not exception.
Stop E-mail Threats at The Gateway
The best place to stop a threat is before it gets inside network. Virus scanners are only as good as their latest update, and are virtually useless against new viruses that have yet to be identified. If a user does not update his virus definition list, then his machine will be infected. A pornographic spam will offend an employee when it slips through spam filter, and job offer from competitor won’t go away once recipient has printed it out on her printer. The best way to prevent these malicious attacks is to stop them before they become a problem – at gateway.
Stopping spam and other malicious e-mail traffic at gateway requires a coordinated effort to solve a whole host of issues. These include, but are certainly not limited to, spam, viruses, corporate policy infringements, directory harvest attacks, denial of service attacks, phishing, spoofing, and snooping. Furthermore, accuracy in identifying spam e-mails is crucial. It is much better to receive occasional spam than accidentally filter out an important e-mail from a customer.
Increase Efficiency with Intelligent Email Traffic ControlWritten by CipherTrust
Work Smarter, Not Harder
CipherTrust’s IronMail has helped some of largest enterprises in world stem flood of spam to their end users, as well as address a host of other e-mail threats. IronMail’s unique Spam Profiler tool provides maximum effectiveness by scrutinizing thousands of characteristics of every message to determine a spam score. But challenges for enterprises today do not stop at identifying and blocking spam. With spam volumes continuing to increase at an incredible rate, new challenge is to more efficiently handle huge volumes of mail, without increasing costs.
The massive growth in spam in recent years is expected to continue exponentially well into future. According to Radicati Group research, average corporate e-mail user sends 34 e-mails and receives 99 e-mails every day, a 53% increase over numbers from just one year ago. E-Marketer expects total volume of e-mail sent in 2004 to exceed two trillion messages, with steady growth rates of 13 to 15 percent annually through 2007. With this sort of massive e-mail volume traveling across Internet and reality that a vast majority is undesired, need for accurate and thorough spam protection has never been greater.
To handle additional traffic, you could add more mail servers, or you could become smarter about how you utilize equipment you already have, and double your return on investment. IronMail’s Connection Control is first and only offering to combine network-based traffic shaping and reputation services to elegantly block e-mail from senders who consistently send spam. Reputation servers and traffic shaping are both emerging technologies in fight against spam, and IronMail is first product to effectively integrate them to fight spam and stop e-mail threats. And, Connection Control even offers an opportunity for a little payback against spammers.
Connection Control takes fight to spammers by forcing them to spend extra time and money to send spam. By removing financial incentive of sending spam, IronMail forces spammers to rethink their approach or halt operations altogether. When dealing with spam assaults on their servers, network administrators can choose whether to take an offensive or defensive approach:
- Tough Defense – In defense mode, Connection Control will simply not accept messages from IP addresses flagged as violators for designated time interval. This vastly reduces number of messages requiring scanning, which lowers cost of spam defense for customer.
- Aggressive Offense – In offense mode, Connection Control turns tables on spammers by accepting a connection, but slowing flow of e-mail to a handful of messages per hour. This forces spammer to expend resources despite message having no chance of success. In this mode, Connection Control makes domains protected by IronMail very unprofitable targets for spammers.