Content material filtering in KSMG 2.1 – Fin Serve

In relation to spam, we normally consider a bunch of completely irrelevant promoting letters, which antispam engines filter out with no bother in any respect. Nonetheless, that is removed from probably the most disagreeable factor that may fall into your mailbox. Typically spam is used to hold out a DDoS assault on company electronic mail addresses, and the sufferer will get bombarded with fully official emails that don’t increase any suspicion of a typical antispam engine.

Registration confirmations assault

To be able to carry out a mail bomb assault, attackers can exploit the registration mechanisms on the internet assets of completely unrelated corporations. Utilizing automation instruments, they register on hundreds of providers from totally different international locations utilizing the sufferer’s electronic mail tackle. Because of this, an enormous variety of confirmations, hyperlinks to activate your account, and comparable letters find yourself in your mailbox. Furthermore, since they’re despatched by official mail servers with repute, the antispam engine considers them authorized and doesn’t block them.

Examples of registration affirmation emails used for DDoS assaults on company electronic mail addresses

As a goal the attackers normally select an tackle that’s essential for the corporate’s work — one thing that’s used to speak with purchasers or companions; for instance, a mailbox of the gross sales division, technical assist, or a financial institution’s tackle to which functions for mortgage loans are despatched. An assault can final for days, and the plethora of emails  merely overload the sufferer’s mail server and paralyze the work of the attacked division.

To efficiently shield a mailbox from such an assault, a extra refined software is required. As one of many approaches to safety in opposition to mail bombs, we suggest utilizing the personalised content material filtering module constructed into our up to date Kaspersky Safe Mail Gateway Specifically, within the above instance of an assault by means of registration mechanisms, the operator can block letters primarily based on the presence of the phrase “registration” in numerous languages within the Topic area (Registrace | Registracija | Registration | Registrierung | Regisztráció). Because of this, emails will probably be robotically despatched to quarantine with out reaching the inbox and overloading the mail server.

Personalised mail filter settings

In Kaspersky Safe Mail Gateway model 2.1 we’ve added the next choices for filtering incoming and outgoing mail:

  • by letter dimension;
  • by attachment sorts and names;
  • by sender — you may specify a particular sender tackle or an everyday expression;
  • by recipients (together with hidden ones);
  • by the presence of sure textual content within the physique of the letter (key phrases and common expressions might be added to the dictionary);
  • by the presence of textual content within the topic of the letter – by key phrases, utilizing masks and common expressions, indicating particular senders;
  • by X-headers.


Versatile filtering of enterprise mailings

The brand new capabilities of our resolution can be utilized not solely to guard in opposition to electronic mail bombs assaults. They can be utilized, for instance, for versatile configuration of B2B-mailout filtering. Not all workers understand all types of enterprise mailings in the identical method: for some it is sensible to delve into presents to buy digital elements; for others such commercials simply clog up their inboxes, whereas they contemplate numerous invites to take part in conferences or conduct seminars extraordinarily precious.

Subsequently, fully blocking official enterprise mailouts isn’t an choice. However alternatively, it’s additionally not price permitting their uncontrolled supply: somebody will all the time be dissatisfied. Subsequently, Kaspersky Safe Mail Gateway doesn’t categorize such letters as spam, however lets you configure their versatile filtering by senders, recipients, textual content within the topic or physique of the letter, and so forth.

You possibly can be taught extra about Kaspersky Safe Mail Gateway, a part of Kaspersky Safety for Mail Servers resolution on our company web site.

Leave a Comment