With regards to spam, we normally consider a bunch of completely irrelevant promoting letters, which antispam engines filter out with no hassle in any respect. Nevertheless, that is removed from essentially the most disagreeable factor that may fall into your mailbox. Generally spam is used to hold out a DDoS assault on company electronic mail addresses, and the sufferer will get bombarded with fully respectable emails that don’t elevate any suspicion of a regular antispam engine.
Registration confirmations assault
So as to carry out a mail bomb assault, attackers can exploit the registration mechanisms on the net sources of completely unrelated firms. Utilizing automation instruments, they register on 1000’s of companies from completely different international locations utilizing the sufferer’s electronic mail handle. Because of this, an enormous variety of confirmations, hyperlinks to activate your account, and comparable letters find yourself in your mailbox. Furthermore, since they’re despatched by respectable mail servers with a superb fame, the antispam engine considers them authorized and doesn’t block them.
Examples of registration affirmation emails used for DDoS assaults on company electronic mail addresses
As a goal the attackers normally select an handle that’s essential for the corporate’s work — one thing that’s used to speak with purchasers or companions; for instance, a mailbox of the gross sales division, technical help, or a financial institution’s handle to which purposes for mortgage loans are despatched. An assault can final for days, and the plethora of emails merely overload the sufferer’s mail server and paralyze the work of the attacked division.
To efficiently shield a mailbox from such an assault, a extra subtle instrument is required. As one of many approaches to safety towards mail bombs, we suggest utilizing the customized content material filtering module constructed into our up to date Kaspersky Safe Mail Gateway Specifically, within the above instance of an assault by way of registration mechanisms, the operator can block letters primarily based on the presence of the phrase “registration” in varied languages within the Topic subject (Registrace | Registracija | Registration | Registrierung | Regisztráció). Because of this, emails shall be mechanically despatched to quarantine with out reaching the inbox and overloading the mail server.
Customized mail filter settings
In Kaspersky Safe Mail Gateway model 2.1 we’ve added the next choices for filtering incoming and outgoing mail:
- by letter measurement;
- by attachment varieties and names;
- by sender — you’ll be able to specify a particular sender handle or a daily expression;
- by recipients (together with hidden ones);
- by the presence of sure textual content within the physique of the letter (key phrases and common expressions will be added to the dictionary);
- by the presence of textual content within the topic of the letter – by key phrases, utilizing masks and common expressions, indicating particular senders;
- by X-headers.
Versatile filtering of enterprise mailings
The brand new capabilities of our answer can be utilized not solely to guard towards electronic mail bombs assaults. They can be utilized, for instance, for versatile configuration of B2B-mailout filtering. Not all staff understand every kind of enterprise mailings in the identical method: for some it is sensible to delve into presents to buy digital elements; for others such commercials simply clog up their inboxes, whereas they think about varied invites to take part in conferences or conduct seminars extraordinarily invaluable.
Subsequently, fully blocking respectable enterprise mailouts isn’t an choice. However then again, it’s additionally not value permitting their uncontrolled supply: somebody will at all times be dissatisfied. Subsequently, Kaspersky Safe Mail Gateway doesn’t categorize such letters as spam, however permits you to configure their versatile filtering by senders, recipients, textual content within the topic or physique of the letter, and so forth.
You’ll be able to study extra about Kaspersky Safe Mail Gateway, a part of Kaspersky Safety for Mail Servers answer on our company web site.
