|
|
 |
Attack Protector
|
|
|
Attack Protector
Before a message even enters our filtering systems it must first pass through a
primary layer of defenses. Mailprotector’s inbound managed email security
systems guard against direct and indirect SMTP spam filter based attacks by using
a complex system of compliance checking and behavior monitoring.
Managed Email Security Delivering More
Our external systems act as an application layer firewall that protects your email
server from a variety of threats:
Denial of Service Attack
A denial of service attack is an attempt by an individual to create more
traffic than a system can handle by bombarding it with bogus data. Many times this
type of attack can be a Distributed attack, which means it can come from thousands
of zombie machines.
A direct Denial of Service attack would be considered rare unless your company has
reason to be targeted by malicious individuals with extensive programming resources.
What happens most often is that another type of automated attack or Internet-wide
virus creates a Denial of Service condition on a non-secure email server.
Dictionary Harvest Attack
Also known as a “Directory Harvest Attack”, the DHA is becoming
a much more frequent occurrence. The most important commodity for a spammer is a
valid email address. As users become more cautious about the disclosure of their
email address, valid addresses are becoming harder to come by.
In a typical DHA the spammer will use a “dictionary” of hundreds of
thousands of common names and name combinations to continually query a non-secure
email server. The spammer will not attempt to send a message, but simply ask the
receiving server if it will accept a message for the particular address. The spammer
then waits to see if an error message is returned. If one is not, then the spammer
now has a valid email address that can be used and sold to other spammers.
Many times the mere quantity of requests from a DHA attack can create a Denial of
Service condition on the target mail server.
Because Mailprotector uses the Valid Address List we can uniquely protect your systems
from this type of attack. Other providers try to use real-time address verification
against your systems. Unfortunately, this just passes the entire attack to your
email server.
Email Server Vulnerabilities
As with any application directly exposed to the Internet, the open SMTP
port (25) is a security vulnerability. Most IT administrators are familiar with
the many worms and trojans that infect systems through firewalls on port 80. What
many dont realize, however, is that the email server is just as vulnerable. It doesnt
take much research to find the number of patches and upgrades constantly issued
to fix email server security holes. The problem is that most administrators tend
not to update these email systems quite as often.
Since all of your email will be coming from Mailprotectors network blocks, you can
close your email server to all inbound SMTP traffic except for our networks and
enjoy a much greater level of protection than with other solutions.
After initial defensive systems have been cleared, the Attack Protector phase is
complete. A message is then handed off to our vulnerability detection processes.
|
 Next:
Vulnerability Protector |
|
|
Related Links
 
|
|
|
Documentation
|
|
|
|