|
Many companies offer solutions for filtering spam emails, which makes it very difficult to decide which product
to invest in. Every solution claims that it will block over 98% of all junk email within your company.
The best way to find out about the effectiveness of a software is to download it and give it try. There
are certain features you should look for in any anti-spam product in order to make an informed decision
This white paper discusses some important features in ITA Secure Messaging and explains why
they are important for the security of your company's network.
Trick Detection
Aside from making money, a spammer's ultimate obsession is evading anti-spam filters. First generation of spam
messages were sent in plain text and therefore, simple static filters were enough to separate them from good emails.
Spammers have now become smarter and can very easily evade static filters. Therefore, it is very important that a spam
filtering solution stay one step ahead of all of the tricks used by spammers.
|
When someone asks us what is ITA Secure Messaging's strongest point our answer, without any hesitation, is Trick Detection.
|
ITA Secure Messaging's Rules Engine provides a way to include custom filters, which are plugins that provide
enhanced functionality that would normally be very difficult to achieve via normal content filtering.
Out of the box ITA Secure Messaging provides many plugins that are specifically designed to look for tricks.
Click here to learn more about tricks and how ITA Secure Messaging detects them.
Reporting
Blocking spam is just one half of the battle in winning the war against spam; the other half is reporting
that provides detailed statistics of an anti-spam solution's
effectiveness and proactive ability of blocking spam at your site.
Multiple canned reports are available in ITA Secure Messaging, including filtering data based on sender or recipient.
For example, administrators can use these features to see which employees in their organization are receiving
the most spam. Also, one can easily track the source of spam messages based on
its IP address with a WHOIS query and the origin country. Below is a list of sample reports
available within ITA Secure Messaging.
- Hourly, Daily, Monthly and Yearly reports showing email statistics
- Top spammers and their origin via a WHOIS lookup
- Top email recipients in your company
- Score distribution
- Rule effectiveness
Click here to see some sample reports.
Remote Adminstration
ITA Secure Messaging web based user interface allows administrators to modify rules, run reports,
view and restore message from a remote machine using any web browser. Administrator also have
the ability to create accounts for individual users within the company so they can view their
quarantined message and restore them if necessary right from their desktop.
More than spam filtering
ITA Secure Messaging does much more than solve your company's spam problem.
Besides solving your company's spam problem, ITA Secure Messaging can also be utilized to monitor the health of your
email server.
Security these days is of great concern to many companies. An SMTP server is extremely vulnerable to outside
attacks because:
- the port for SMTP traffic is normally not blocked by a firewall.
- it is relatively easier to guess a user id and password of a valid user. In many cases the user id is the
first part of your email address, which is publicly available.
- Besides user credentials, attackers are always looking for open relay and open proxy servers.
These attacks are normally not detected unless a proactive approach is used to determine who
is trying to connect to your email. Therefore, an intrusion detection system is an essential tool in maintaining
the security of your network.
SMTP Proxy
ITA Secure Messaging intercepts emails before your server actually gets a chance to process them. There are two ways to
accomplish this task. The picture below explains the two concepts.
ITA Secure Messaging uses the a Proxy architecture. Earlier versions of ITA Secure Messaging were designed using a staging server.
This design was later changed to a proxy architecture because of its added benefits.
Benefits of using a proxy server over a staging server
- A proxy server can intercept in-bound as well as out-bound messages. Although a staging server
can also filter out-bound messages, it will have to replicate the access control list (ACL) that exists
on the actual server in order to avoid being an open relay, which may not be practical. Therefore, most
staging servers do NOT allow out-bound emails.
- Fewer configuration changes are required on a proxy server. A staging server needs to know what domain names it should accept
messages for. Therefore, the administrator will have to specify all registered domains. If any change occurs on the
actual server, a similar change must be made on the staging server. Some staging servers also require a list of valid users
to exist on your server. These configurations are not needed in a proxy server environment.
- Emails are delivered as they come in. On the other hand, a staging server will put messages in its outbound queue
and then deliver it to the actual server.
Out-bound email filtering
It is important to filter out-bound emails along with in-bound messages. Several viruses and email worms are written
to generate extensive email traffic by sending messages to every recipient in the address book. By filtering
out-bound messages administrators can very quickly find out if any machine within their network has been infected with
such a virus. ITA Secure Messaging provides a convenient way of bypassing out-bound emails from getting filtered.
Even in the scenario where out-bound emails are excluded from filtering, any extensive network activity is
reported to the administrator.
Extensibility
ITA Secure Messaging is an extensible solution - meaning you can write your own rules and logic to steer an email
to its final destination. Let's take a scenario where a company gets support emails from their client. By writing
a very small program, which connects to ITA Secure Messaging as a plugin, you can:
- Send confirmation messages to your client notifying them that their email has been received.
- Forward email to an appropriate technical personal.
- Add the email and its answer to your company's knowledge base.
In short, with ITA Secure Messaging plugins the possibility of extending its functionality is endless.
Auto-Update
Analysts at ITA Secure Messaging are always looking for new techniques/tricks used by spammers and
update the global rules set at out main rules database. These rules are then pulled by
ITA Secure Messaging servers running at customer sites ensuring that
these sites have the most current anti-spam rules.
Summary
In short, before purchasing an anti-spam solution find out why one product is better than the other
and what are the value added features provided in each product besides an effective spam blocking mechanism.
| 
