Rock Solid Email Server Attack Protection
Before a message even enters our filtering systems it must first pass through a primary layer of defenses. Mailprotector's inbound managed email security systems guard against direct and indirect SMTP spam filter based attacks by using a complex system of compliance checking and behavior monitoring.
Our external systems act as an application layer firewall that protects your email server various threats, including:
Denial of Service Attack (DoS)
A denial of service attack is an attempt by an individual to create more traffic than a system can handle by bombarding it with bogus data. Many times this type of attack can be a Distributed attack, which means it can come from thousands of zombie machines.
A direct Denial of Service attack would be considered rare unless your company has reason to be targeted by malicious individuals with extensive programming resources. What happens most often is that another type of automated attack or Internet-wide virus creates a Denial of Service condition on a non-secure email server.
Dictionary Harvest Attack (DHA)
Also known as a "Directory Harvest Attack", the DHA is becoming a much more frequent occurrence. The most important commodity for a spammer is a valid email address. As users become more cautious about the disclosure of their email address, valid addresses are becoming harder to come by.
In a typical DHA the spammer will use a "dictionary" of hundreds of thousands of common names and name combinations to continually query a non-secure email server. The spammer will not attempt to send a message, but simply ask the receiving server if it will accept a message for the particular address. The spammer then waits to see if an error message is returned. If one is not, then the spammer now has a valid email address that can be used and sold to other spammers.
Many times the mere quantity of requests from a DHA attack can create a Denial of Service condition on the target mail server.
Because Mailprotector uses the Valid Address List we can uniquely protect your systems from this type of attack. Other providers try to use real-time address verification against your systems. Unfortunately, this just passes the entire attack to your email server.
Email Server Vulnerabilities
As with any application directly exposed to the Internet, the open SMTP port (25) is a security vulnerability. Most IT administrators are familiar with the many worms and trojans that infect systems through firewalls on port 80. What many dont realize, however, is that the email server is just as vulnerable. It doesnt take much research to find the number of patches and upgrades constantly issued to fix email server security holes. The problem is that most administrators tend not to update these email systems quite as often.
Since all of your email will be coming from Mailprotectors network blocks, you can close your email server to all inbound SMTP traffic except for our networks and enjoy a much greater level of protection than with other solutions.