In todays security environment, there is never any guarantee that you cannot get hacked. Unless of course to turn the power off to all your computers and lock them in a vault on another planet. OK, I’m getting carried away but the point is that even if you did all that, there will always be someone who can figure out how to undo it and get you anyway. Any security system has to make enough layers of security to make id difficult for hackers to get through them all. A robust email security system is not only important to protect your computer and information from destruction, hacking, and theft, but also to protect your clients and friends if you do get hacked.
We sell and use Proofpoint Essentials for Email Security. Here are some of the features and our default setup. You may have need to adjust some of these but we have these defaults. You may need more or less protection. For example, we could quarantine any email that fails an SPF check rather than flag it. We chose this as a default so that users could see what was happening and take appropriate action with coligs if needed.
- SPF – SPF is a mechanism used to authorize internet servers to send email for a domain. If a domain like domain.com authorizes mail.domain.com to send email and an email from that domain comes from somewhere else, we will flag the email with a “Spoofed sender” tag in the subject. You should be careful about opening this email. If you know where it is coming from, you might want to inform the sender that their email SPF record has a problem and the email administrator needs to get it corrected.
- DMARC – DMARC is similar to the SPF above but is used to verify the reply address rather than the sender address. Same action is performed. We will add DMARC Failed to the subject and again, be careful opening it.
- DKIM – DKIM is a method to lock the contents of an email and ensure it has not been altered. It will also be flagged with a subject message “Warning DKIM failure”.
- Virus and Malware. All viruses and malware will be quarantined and can only be released by an administrator.
- filtering rules. We can create custom filtering rules that can redirect, quarantine, or take other actions base on several parameters.
- Safe Senders. You can have individual or group safe senders that bypass SPAM, SPF, DKIM, and DMARC checks. They will not bypass virus and malware checks.
- Blocked Senders. Blocked senders are quarantined immediately without being checked.
- SPAM – I personally hate leaving the decision about whether an email is spam or not is scarry. Our spam filter has adjustable sensitivity from 1 to 22. Any email flagged as SMAM can be quarantined or flagged.
- Virus and Malware
- Real time exercises. We can send