Email Security

One of the keys to preventing virus outbreaks within an organization is having the latest virus signatures and detection rules in place.  Since spam is one of the primary means of spreading malware, this is especially true for email scanners and spam filters.

According to an FBI Crime and Security Survey, 65 percent of companies had been affected by virus attacks during the previous year.  This is in spite of the fact that 97 percent of the surveyed companies were using industry-leading virus protection, and following “best practices” like enabling automatic updates.  This information highlights the need for overlapping protection.  Maintainers of antivirus software respond to new threats at differing rates, and while some are more responsive than others, none are always first or always best at deploying updates.

Utilizing spam filters or other email security solutions which incorporate two or more virus engines increases a company’s chance of early protection when new threats are introduced.  It also eliminates the situation where a single point of failure might arise, such as when one antivirus vendor’s update network has been compromised or is off-line.  Adding complementary technologies like heuristic analysis and reputation filtering offers the most comprehensive protection.

Running multiple antivirus products on corporate desktops is probably not feasible because of the competition for computing resources and incompatibilities during real-time protection.  However, running multiple engines sequentially to scan incoming email at the server level can significantly reduce early exposure to malware while maintaining reasonable throughput.


Importance of PTR Records for Reliable Mail Delivery

by Christopher on September 25, 2011

Outgoing email rejections are becoming increasingly common, and while this is good news in the fight against spam, it can hurt your business if your emails are not reaching their intended targets. One reason for the increase in rejections is that growing numbers of incoming mail servers are rejecting emails from outgoing servers without a valid PTR record.

A PTR record, or pointer record, enables someone to perform a reverse DNS lookup. This allows them to determine your domain name based on your IP address. Because generic domain names without a PTR are often associated with spammers, incoming mail servers identify email from hosts without PTR records as spam. If you do not have a PTR, these same servers may identify legitimate emails from your business as spam and block them from reaching your customers.

Why Are PTR Records Important?

There is no requirement that you have a valid PTR record, but you may be unable to successfully send email to certain sites if you do not.

PTR records are most commonly used by spam filters to determine the suspiciousness of an email. Because spammers are more likely to use fake domain names and dial-up IP addresses, they are considerably less likely than legitimate organizations to have a valid PTR record. If a spam filter determines that your PTR record is generic or invalid, it is more likely to classify your email as junk mail. Blocked emails can result in lost business, damaged relationships with clients, and wasted time.

Unless you are certain that you have a valid PTR, do not assume your business is not at risk simply because you’ve received few complaints about missing emails; you may still have a problem. Because many organizations do not have matching PTR records, including those that use dynamic IP addresses, many spam filters use this criterion as part of a weighted algorithm in an attempt to reduce false positives. Therefore, some or most of your emails may be getting through, leading you to erroneously believe your company is not being negatively affected. Unfortunately, it may take only one blocked email to seriously harm your organization.

In some cases, your email will be summarily rejected if you do not have a valid PTR record. AOL, for example, rejects email messages without valid PTRs. To avoid triggering spam filters, your PTR record should match the host name your mail server announces on port 25 when the receiving server performs its verification check.

Contact your ISP to verify you have a valid PTR record or to request they create a PTR for your mail server IP address. PTR records are not created when you register your domain name; it is the responsibility of your ISP to create them. If your business uses a dynamic address and you cannot obtain a PTR, you can work around the problem by sending your outgoing mail through a server that does have a valid PTR record.

Ideally, you should stick to one PTR unless your business has a specific need for more than one. While DNS does not restrict the number of PTR records associated with each reverse DNS entry, having multiple records for a single IP address is generally a bad idea.
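The checks described in this article can be run against your own mail server before a receiving site runs them for you. The following is an added example, not code from the original article: it looks up the PTR for a sending IP, confirms that the name resolves back to that IP, flags generic-looking names and multiple PTRs, and compares the PTR with the announced host name. The token list, the verdict labels and the sample data are assumptions made for illustration, and the generic-name heuristic handles IPv4 addresses only.

```python
import re
import socket

# Tokens that often mark ISP pool names (assumed heuristic, not from the page).
GENERIC_TOKENS = {"dynamic", "dyn", "dhcp", "dsl", "dialup", "pool", "ppp", "cable"}

def lookup_ptr(ip):
    """Reverse lookup through the system resolver; [] when no PTR exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def lookup_addrs(name):
    """Forward lookup through the system resolver; set of IP strings."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def looks_generic(name, ip):
    """True if the name embeds the IPv4 octets or an ISP pool token."""
    tokens = set(re.split(r"[.\-]", name))
    return set(ip.split(".")) <= tokens or bool(tokens & GENERIC_TOKENS)

def check_ptr(ip, helo_name, ptr=lookup_ptr, addrs=lookup_addrs):
    """Return (verdict, findings) for a sending IP and its announced name."""
    names = [n.rstrip(".").lower() for n in ptr(ip)]
    if not names:
        return "fail", ["no PTR record"]
    findings = []
    if len(names) > 1:
        findings.append("multiple PTR records")
    if not any(ip in addrs(n) for n in names):
        findings.append("PTR name does not resolve back to the IP")
    if any(looks_generic(n, ip) for n in names):
        findings.append("generic-looking PTR name")
    if helo_name.rstrip(".").lower() not in names:
        findings.append("PTR does not match announced host name")
    return ("warn" if findings else "pass"), findings

# Constructed sample zone data (documentation address ranges), used offline.
SAMPLE_PTR = {"192.0.2.10": ["mail.example.com"],
              "203.0.113.25": ["203-0-113-25.dsl.example.net"]}
SAMPLE_A = {"mail.example.com": {"192.0.2.10"},
            "203-0-113-25.dsl.example.net": {"203.0.113.25"}}

def sample_check(ip, helo_name):
    """Run check_ptr against the constructed data instead of live DNS."""
    return check_ptr(ip, helo_name, lambda i: SAMPLE_PTR.get(i, []),
                     lambda n: SAMPLE_A.get(n, set()))
```

Calling check_ptr with only an IP address and a host name uses the system resolver, so it reports what a receiving server would see for your outgoing mail host.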


Just How Pervasive is Botnet Spam?

May 12, 2011

If you’re aware of key concerns in the fields of anti-spam technology and managed email security, you’ve heard about the threat of your computer being recruited into a botnet via email spam. Malware can be uploaded onto your computer with just one wrong click in a spam message. Some of it secretly hijacks your email […]


Securing Email and Other Online Accounts: Avoiding Common Password Mistakes

April 24, 2011

As more people open more online accounts, the opportunities to hack into them multiply and the potential benefits become more substantial. On the other end, this means Internet users have an ever-growing need for a larger collection of strong, secure passwords. Unfortunately, the majority of people opt for the convenience of easily remembered passwords when […]


Email security is more important than ever

November 20, 2010

Spam email has evolved far past the point of being merely a nuisance aiming to sell a product or service. The International Computer Security Association points to spam email messages year after year as the most prolific spreader of viruses. In fact, today’s spam, regardless how innocuous it may appear, can serve as a delivery […]
