 |
Kerio Server-Side Anti Spam Features
Directory Harvest Attack protection
Directory Harvest Attacks abuse the design of the SMTP protocol.
When one mail server attempts to deliver a message to another
mail server, it first inquires whether the recipient address
exists on the target mail server. If it exists, the target mail
server sends a confirmation; if not, the server responds with
negative answer. Spammers take advantage of this communication
by submitting multiple requests with different combinations of
first and last names. By harvesting valid responses, spammers
get very precise list of valid email addresses suitable for
future spamming.
To fight directory harvest attacks, Kerio MailServer tracks the
number of failed recipients during a conversation with the
sending mail server. If a predefined threshold is met, the
offending mail server will be blocked for a period of one hour.
Spam Repellent
Spam Repellent helps fight off spam zombies and viruses by
delaying replies during the SMTP handshake.
Since spam mailers and viruses are very impatient when it comes
to SMTP communication, they don't wait if the replies from a
target mail server are not timely, and simply move on to try
another target. By injecting an artificial time delay of a
couple of seconds into the SMTP handshake, Kerio MailServer may
filter up to 60-70 percent of spam and viruses without ever
receiving the messages for analysis.
Spam Assassin
Spam Assassin is a powerful anti-spam engine integrated into
Kerio MailServer that identifies junk email. Combining several
technologies, Spam Assassin ensures that bulk spam email is
properly captured and legitimate email is reliably delivered.
Heuristic engine
Using the heuristic engine in Spam Assassin, each email message
is analyzed against multiple anti-spam rules and gives it a
numerical rating based on which rules were matched. If the
message rating exceeds the spam threshold, the message is marked
as spam and then filtered according to the user's wishes.
Bayesian filter
To further increase the success rate and tailor the spam filter
to the individual needs of every company, Kerio MailServer
allows Outlook and WebMail users to easily train the Bayesian
filter in Spam Assassin for every email message that is
miscategorized. The Bayesian filter can also be trained by
dragging and dropping email in or out of Kerio's Junk E-mail
folder in Apple Mail or any other IMAP email client. Spam
Assassin then compares incoming messages to spam messages
reported by other users, and sees how similar they are to those
reported messages.
Underlying technology
Spam Assassin is an anti-spam technology from the open-source
Apache Spam Assassin Project.(www.spamassassin.org).
Dual filtering policies
Dual filtering policies give administrators the ability to tag
messages with low spam score as spam and forward them to user's
Junk Email Folders, whereas messages with really high spam score
can be automatically discarded without ever reaching user's
mailbox. Discarding emails with high spam scoring can help save
hard drive space and reduce the amount of emails that endusers
need to audit.
SURBL blocking
Similar to RBLs, SURBL (Spam URI Realtime Block Lists) will
block messages that contains URIs (usually Web sites) in the
message body that links to known spam hosts.
Real time blacklist support
Checks sender's IP address for each incoming SMTP connection. If
the IP address is in the database of open-relay servers
identified as spammers, the incoming email is refused.
SPF verification
Just like Caller ID, SPF (Sender Policy Framework), an emerging
standard for domain authentication, helps counter forged "From"
addresses in email. Using SPF in Kerio MailServer provides
better guarantee that the email came from the domain that it
asserts it came from.
SPF requires the owner of an Internet domain to modify DNS
records and specify which servers are authorized to transmit
e-mail for that domain.
Microsoft Caller ID verification
Using Microsoft Caller ID anti-spam technology, Kerio MailServer
checks whether an incoming email is actually being sent by the
authorized mail server for that domain (hence the name, Caller
ID). Kerio MailServer will decline all email messages with
forged "From" addresses.
As a side effect, publishing own Caller ID also helps companies
protect their reputation by eliminating the possibility of
having their domain name hijacked for spam purposes.
To try Caller ID, just visit
www.kerio.com/callerid and enter a mail domain in the search
field.
Sender's domain verification
Rejects emails when sender's email address is using an invalid
or fake domain name.
Custom filtering by address, subject, content or size
Can reject emails from notorious spammers not known to public
blacklists. Allows for the creation of a custom blacklist. An
efficient measure to fight against empty "From" fields in spam
emails.
SMTP authorization by user name and password
Requires users to authenticate before sending email through SMTP.
SMTP authorization by IP address
Limits SMTP relay access to specified range of IP addresses.
Relay access is usually allowed for users within local area
networks (LAN).
"Sent email per hour" quota
Limits number of emails that one user (IP address) can send
within a specific time period. Significantly reduces the risk of
mail server abuse if spammer has accidentally acquired trusted
user access rights.
"Concurrent connection" limit
Limits number of concurrent SMTP connections made from one IP
address (one user). Protects mail server resources by limiting
mail load. Prevents the use of specially designed spam programs
that create multiple connections to increase the number of
emails being sent to SMTP server.
|
| |
| |
|
 |
Kerio Overview
For small to medium businesses, schools,
government and non-profits that need Exchange features, Kerio
MailServer offers an easy to use, cost effective Microsoft Exchange
alternative.
Kerio WebMail
Since Kerio WebMail offers most of the groupware
features of "fat" email clients, it makes it a great alternative to
Microsoft Outlook.
Kerio Archiving and Backup
Helping organizations achieve email archiving compliance
and protection against liabilities, Kerio MailServer archives all
incoming and outgoing messages as they are delivered.
Kerio Mobile
Kerio MailServer provides push email and wireless
groupware data synchronization for the most popular smartphones and
smartphone operating systems, including Windows Mobile, Symbian,
Palm, BlackBerry and Apple iPhone.
Kerio Antivirus Protection
With two different anti-virus engines running
simultaneously, Kerio MailServer provides double the protection
against viruses.
Kerio Antispam
A combination of content-based Spam Assassin and
sender-based anti-spam tools in Kerio MailServer significantly
reduces the amount of unwanted email, helping to limit the legal
hassles and security risks associated with spam.
|
|
15-May-2008,
Innovative Technology Solutions announces Hosted Kerio MailServer Groupware Suite.
