Better Email

Better Spam Detection

2007-07-09T12:47:00.000-07:00

Since spam isn't going away anytime soon, what is an email service provider to do? Image spam that gets through clogs mail servers with useless and dangerous emails, and then there still those spam-bots that seem to function like manure spreaders, just tossing more and more email out hoping to sprout one seed in a million.

So what is Message Partners doing about it. First, we've instituted Spam Traps. Populate your site or email posts with easily harvested addresses and configure our spam traps to block senders to these addresses. Since our spam traps use regular expression matching you can block whole classes of addresses, such as addresses that begin with numbers, or others that are popular in dictionary attacks. You should examine some of your maillogs to find addresses that are used in dictionary attacks or repetitive spam attacks. This alone will increase spam detection by a few percentage points.

Read more about Message Partners, and MPP improvements, right here.

Spam Must Be Stopped

2007-07-05T08:13:00.000-07:00

I found the recent news from Message Labs highly disturbing that detailed the growing use of social engineering spam attacks, as in cyber-thieves learning as much about their spam targets as possible, even sending fake messages to the wives of CEO's, trying to find any weak spot in a companies security so as to gain access and do damage.

And with MPP 3.4, we have vastly improved on an already excellent email protection platform. Below is one way Message Partners' can help stop spam, phishing, and virus attacks:

You can now use MPP within Procmail scripts, so say you have on local delivery a Procmail script that says ‘scan all messages,’ this gives you access to all our scanning modules such as Cloudmark or Commtouch. So say you have Procmail script send us the messages, we scan it, send the result back to Promail, then Procmail takes the appropriate action.

This would save a lot of time for the customer because if they want to use Cloudmark in a Procmail script they would have to license the Cloudmark engine, do the development work, and that can very time consuming from a business perspective and a technical perspective.

To hear the all of our podcasts, or to read more about MPP, simply click here.

Simple but Powerful API Interface

2007-07-03T14:20:00.000-07:00

With our newest release at Message Partners, MPP 3.4, we have designed an easy-to-use but powerful way to give service providers an API Interface. Here is how it works:

With MPP, You set all of the actions, including “on clean,” “on infection,” “on spam messages,” “on content violations,” every action to reject, then any script can send MPP a message via LMTP or SMTP and MPP will scan the message and then return the template response that you created from your rejection templates. Then the script will parse the response and do whatever it is instructed to do with the message.

The API interface is very simple to implement but very powerful. This gives any script access to all of the MPP scanning modules, as well as the MPP policy engine, which can make differentiated scanning decisions based on domain or email address, etc.

To hear the full podcast, simply click right here.

Better Archival For Better Email

2007-06-29T14:28:00.000-07:00

As email has evolved into an irreplaceable business tool, email retrieval has become just as necessary as safe and secure email. And then there's compliance, where saving and storing email in most industries is now the law. With the release of MPP 3.4, we have greatly advanced the save and retrieval capabilities of an email platform, an email platform that also protects and secures your email.

Here's more on our improvements: We’ve simplified our database scheme now and we’ve added some fields to make certain repetitive queries like when a domain administrator logs in, for instance, or searching all messages by specific date ranges. We’ve optimized our indexes and redesigned our databases so we do not need ‘joins’ to do these things and that makes the database scale much better, reduces the number of tables, and reduces the complexity of the SQL functionality.

To hear the full podcast, just click right here.

Spam Will Only Getting Worse

2007-06-27T09:01:00.000-07:00

Not long ago I came across an article at eWeek that points out one of the main problems with trying to stop spam and stop botnets: many of the big service providers, like Verizon, simply do not and will not try to stop botnets operating on their network.

This comes from a recent study by Trend Micro when, measuring spam, found that Verizon sent almost twice the volume of spam as the next biggest spammer.

Obviously, Verizon has to be aware of the abuse on their network, but the fact is that their business plan is not designed to stop it. It's simply much cheaper to allow the spamming continue then start cutting off customers which requires a large investment in customer-service and the inherent risks of occasionally offending a customer.

Also, Verizon's bandwidth is all symmetric pipes, and bandwidth at an ISP is overwhelmingly downstream. That means they have plenty of upstream bandwidth to spare.

So expect spamming, and botnets, to keep growing. That's why at Message Partners we have developed the most intelligent and integrated email platform available anywhere to protect your email. Check us out right here.

Scalability and Your Email System

2007-06-20T12:33:00.000-07:00

Just want to post a quick blog about scalability and your email platform. Scalability is not just about how many messages per second. It’s really more of a global view of the entire architecture. Not only is it about how many messages can you process in a second but, also, how does the quarantine structure scale, how does the archival system scale, how do the database structures scale, how does the threading model scale, how do you respond to bursts of traffic because email is a very bursty type of traffic.

With the release of MPP 3.4, we have addressed all of those issues. To hear a podcast about our this, you can just click right here.

Companies Must Get Proactive About Security

2007-06-19T12:31:00.000-07:00

There appears to be a sea-change happening in corporate security as, with all the electronic ink being spilled over corporate security attacks, the companies are starting to take notice. In fact, it has been reported that security is fast becoming a critical part of a companies IT budget.

While in the majority, most companies are probably still trying to just hope for the best in terms of security, as I've heard quoted somewhere, Hope is not a plan. But a recent vulnerability discussion at Gartner clearly showed there is a big shift in the works.

Experts say the current rule of thumb is companies should allocate 5 percent of their development budget to testing. Other estimates go as high as 25 percent (which includes quality assurance). And while 25 percent may seem quite high (it sure seems steep to me), the fact that the very survival of TJX is now under question because of a data breach brings that into sharp focus.

And while computer threats are constantly shifting and changing, email continues to be one of the central soft spots for both extracting vital information and for mounting an attack. And we have just launched with our newest realease, MPP 3.4, that is one of our most significant leaps forward to date, adding significant functionality, speed, heightened security, and ease of use. Check us out right here.

Kill Spam Dead

2007-06-18T15:40:00.000-07:00

Just posted the newest podcast about Message Partners newest release, MPP 3.4, where our focus was to improve functionality and scalability.

We are the security platform for Service Providers and other large email providers, and 3.4 only makes us better. With MPP, you can fully customize each customers spam white and black lists, spam settings, you name it. MPP also comes with a complete compliance solution, so listen to the podcast, or simply visit our main page.

Improved Email Defenses

2007-06-14T06:06:00.001-07:00

While it's nearly a universally known fact that 9 out of every 10 emails is spam, this could lead one to conclude that such a statistic means that spam filters are actually improving, making the spammers work harder.

This in fact was confirmed by a recent quote from a security expert:

A lot of the technology that we've seen up till now has been designed to pick out the bad mails. That made sense when spam was 15% of all mail, but now that it's 85%, it doesn't make a lot of sense to be picking out nine out of 10 mails. Now, we can authenticate good messages and pull them out of the mail stream and move them to higher ground. Things like reputation systems and DKIM give us a record of good senders so we know who sends good mail and who doesn't. Some of the ISPs have been doing outbound authentication for a while and it's working. Some of the bigger legitimate companies that are using DKIM or Sender ID are saying, if you get anything from me that fails Sender ID, please drop it. They'd rather have messages with broken signatures dropped than have them hurt their reputations.

Well said, and that's exactly what my company, Message Partners, is doing, and as we are one of the main email platform suppliers for ISPs, this is good news.

And as spam costs close to nothing per millions of message sent, I imagine that means spammers will just have to keep increasing their volume. Who knows, if botnets keep growing at their current pace, spam might reach 99 out of every 100 messages sent. That's why we built such versatility and speed into MPP, so check us out right here.

Corporate Networks Harboring Spam Bots

2007-06-04T14:04:00.001-07:00

A recent study found that 42% of all computers infected with botnets are on corporate computers. So the spam you get in your inbox may actually be coming from inside your own company, although that's not what they mean when they warn of insider attacks.

That's a pretty big number, but what it doesn't tell you is the length of time the botnet might have been on the corporate LAN. But the simple fact is, getting a botnet onto a corporate system would be golden for a botnet operator, as it would allow them to faster and larger spam attacks where the spam would be originating from a known corporate signature.

That's all the more reason companies who depend on email need to invest in the top rated MPP, from Message Partners, which you can read more about right here.

Spam Still Very Dangerous

2007-06-01T07:44:00.000-07:00

I found a recent warning by Sophos about recent spammings that, while they might seem not to be a threat, they can actually take control of a user's computer if the user clicks on the enclosed link and goes to the website.

This seems on par with the recent news that it was only high-level executives that were caught up in a recent Better Business Bureau spamming scam. This is the new type of spam attack where, instead of trying to spam everybody, they carefully chose their targets, thereby staying under the radar and avoiding press coverage.

So the fact is, spamming continues to get more sophisticated, and many of the old engines simply aren't sufficient to detect and remove these newer threats. And that is exactly why Message Partners developed MPP, which makes companies independent of spam scanners (which, once a company goes with one antispam engine, it is very difficult to remove, and often requires a complete restart).

MPP also enables companies to run more than one spam scanner, as well as utilize both commercial and open source scanning options, which often is necessary for large email systems. MPP even let's you set different thresholds for different departments, as Sales often needs a totally different setting than Legal. Check Message Partners out right here.

Layered Email Defense

2007-05-30T08:10:00.000-07:00

Found an article posted on eWeek awhile ago most illuminating, as it had to do with layering your defenses. While this had to do with total computer security, which means firewall, perimeter, data protection, and other such stuff, you could very well say the exact same thing about email defenses.

As email is one of the central attack vectors of a company, whether in the form virus or spam attacks, the whole reason we developed MPP is so you could layer your email security. That gives a large email service provider both choices and redundancy, so if one scanner fails, another is right behind with a better trap.

You can give us a look right here.

Criminalization of Spam

2007-05-23T13:18:00.000-07:00

In what is another disturbing example of the complete criminalization of spam, Microsoft has been forced into reconsidering their their all-too predictable Patch Tuesday schedule.

The vulnerability was speeding it's way through the back-alleys of the internet, and apparently the Zero-Day Emergency Response Team (ZERT) was picking up a number of spam messages that, if opened, would expose any Windows machine to the vulnerability, which basically allows the attacker complete control over the computer.

All the more reason that service providers and large email providers absolutely must minimize any and all spam messages reaching users in-boxes. How do they do that? Very simply, with a powerful engine that enables users to plug in as many spam and virus filters as needed, either commercial or open source. Check us out at Message Partners.

Death Threat Spam

2007-05-16T13:58:00.000-07:00

As we should have figured, Spam has upped the ante once again, and the new version of spam attempting to spread malware far and wide now carries in it's subject matter an actual death threat.

This threat, which is known as the 419 death threat, is the newest form of social engineering, in that it tries to break through the spam-clutter by praying on people's fears to, in this case, make contact with an email address, which will then lead to all sorts of things, none of them good.

An example of the text in the message follows:

"Hello, I wish to let you know that i have been paid by a client to assasinate you at convenience,and i have signed a contract of $650,000 yesterday for this. I have never met you before, but they gave me the full description of your identity and contact, together with your photograph which my boys have used to trace you. The reason why they want you Dead is not disclosed to me as i was not allowed to know,but you are now not better that the dead ok."

Clearly, cybercriminals will go to any lengths to earn themselves a quick buck, but the only thing that should actually die is spam, and as I said yesterday, Message Partners tested the highest in spam detection accuracy, so isn't it about time you silenced spam completely?

System Administrator Day

2007-05-14T12:48:00.000-07:00

Many people don't realize that, the Monday after Mother's Day, in the computer world, it is System Administrator day. And instead of flowers or chocolates there is a much better gift to give them: we currently call it Postfixer.

Postfixer is perfect for any Sys Admin who is trying to juggle many different open source email tools into one functioning email system. While open source has many fantastic tools, with Postfix being one of the best, trying to get all the different applications to work together can require countless hours applying patches or writing quick-fix scripts.

And because it is Sys Admin day, we are offering Postfixer for a low price of $199 dollars. So for the price of just one new email add-on (in terms of Sys Administrator hours), you can buy the program that does it all for you. Read more right here.

Polymorphic Threats

2007-05-10T15:02:00.000-07:00

I have been reading up on recent reports about Polymorphic Threats, and how they are being used to help botnets continue their dominance. Polymorphic malware is malicious code that constantly changes itself to make it undetectable to both signature and behavioral based filters.

While these threats have been around since the 80's, and there were a series of outbreaks in the early 2000s, only lately have they entered the news again. One recent example is the "Storm Worm," of which the company, Commtouch, detected tens of thousands of variants, which is characteristic of polymorphic threats.

This means that the many of the old methods of scanning for malware simply don't work anymore, as they cannot pick up variants. Today, besides standard malware searches, a company's defense must also have something that scans for variants.

Message Partners has exactly such a system, and we have found great success using Commtouch partnered with other, more general AV and AS scanners that, while they might not look as closely, can operate much faster and weed out a majority of the easy-to-find bad stuff. Layered defenses are now a necessity. Read more about us at Message Partners.

The Botnet Threat

2007-05-09T06:35:00.000-07:00

Was recently reading an article on the biggest security concerns for system administrators, and once again, the botnet threat was in the top five. What's so scary about botnets is the fact that, as the recent publicized attack didn't seem to have any motive, experts are suggesting it was just a trial run, and that something much bigger is yet to come.

I don't see a better reason why email service providers, especially large service providers, need a high-performing email platform, and there is simply not one better than the one at Message Partners.