Secure Your E-mail Systems - Protecting Against Port 25 Vulnerabilities

It goes without saying that e-mail plays a critical role in any organization. This relatively new communication technology has, by many accounts, replaced the telephone as the most useful business tool available. Unfortunately, e-mail has also been a victim of its own success and presents a unique threat to the enterprise network as a whole.

Protecting networks from viruses and hackers has traditionally been the responsibility of the Firewalls, Virus Scanners, and Intrusion Detection Systems (IDS) set up by enterprises as a defense against the myriad attacks they come under each day. Virus scanners scan each PC in the network, gateway servers are guarded against attempts to gain access by locking down extraneous ports and firewalls prevent unauthorized programs from accessing the network. All these measures prevent direct attacks against the network on every port except port 25 and port 110 – the ports used by SMTP (Simple Mail Transfer Protocol) and POP (Post Office Protocol) to transmit e-mail from one server to another.

Ports are the openings in the operating system through which applications connect to each other. When a firewall receives an e-mail connection on port 25, it generally assumes that the transmission is e-mail and allows it to flow through to the e-mail server. The transmission may be a valid e-mail, it could be a virus or a spam, or it could be a job offer for an employee or something much worse. Regardless of the true intent of the “e-mail”, at this point it is incumbent upon various systems within the network to guard against these threats. Unfortunately, experience has taught us that partial success in these areas is the norm, not the exception.

Stop E-mail Threats at The Gateway

The best place to stop a threat is before it gets inside the network. Virus scanners are only as good as their latest update, and are virtually useless against new viruses that have yet to be identified. If a user does not update his virus definition list, then his machine will be infected. A pornographic spam will offend an employee when it slips through the spam filter, and the job offer from the competitor won’t go away once the recipient has printed it out on her printer. The best way to prevent these malicious attacks is to stop them before they become a problem – at the gateway.

Stopping spam and other malicious e-mail traffic at the gateway requires a coordinated effort to solve a whole host of issues. These include, but are certainly not limited to, spam, viruses, corporate policy infringements, directory harvest attacks, denial of service attacks, phishing, spoofing, and snooping. Furthermore, accuracy in identifying spam e-mails is crucial. It is much better to receive the occasional spam than accidentally filter out an important e-mail from a customer.

Historically, enterprises have turned to multiple vendors to solve their e-mail security issues. They have relied on anti virus vendors to protect them from viruses. They use a separate anti spam vendor to help cut back on the spam. Then there are the issues of content filtering, policy enforcement, encryption, and network security. Over time it has become clear that having so many vendors approaching these issues from so many directions is prohibitively expensive and time consuming for administrators to manage.

Increasingly companies are turning to hardened e-mail appliances like CipherTrust’s IronMail. According to Gartner, the globally respected IT research firm, “Instead of having several email security-related point products at the boundary, many enterprises will want only one”.

IronMail is designed specifically to guard against port 25 attacks on enterprise e-mail systems. It can be tuned to work effectively with any type of organization and has been employed for use in a wide range of industries such as healthcare, government, finance, education, manufacturing, retail, and many more. It allows organizations to stop spam and viruses, protect employees from fraud and inappropriate content, enforce corporate policies, provide secure delivery, encrypt e-mail, and provide remote access.

Find the Right Solution

Learn more about how IronMail can secure enterprise e-mail systems by visiting www.ciphertrust.com or by downloading CipherTrust’s FREE whitepaper, b>“Securing Email Systems: An Overview of IronMail, the Secure Email Gateway”. This FREE resource will provide you with the information you need to make an informed decision about securing your e-mail systems and ensuring system availability to end users.

CipherTrust is the leader in anti-spam and email security. Learn more by downloading our free whitepaper, “Securing the E-mail Boundary: An overview of IronMail” or by visiting www.ciphertrust.com.

Download Fraud Eliminator to Protect Yourself Click Here

UK Based Phishing IQ Test
Some time ago I posted a link to an American Phishing test. I'm pleased to tell you that there is now a UK Phishing Test using UK examples that might make rather more sense to us than the American one. Phishing, for those who don't know, are fake emails that supposedly come from banks etc. that are designed to get us to give out personal details, which can then be used to get money out of accounts and so on. No-one would fall for them, surely? If you're sure you're too clever then try the test and see how well you do!

Gmail Takes the Phun Out of Phishing
Google isn’t allowing itself to be put in the same situation as other e-mail providers in regard to phishing attacks. In October of last year, they implemented Yahoo’s DomainKeys e-mail source verification ( a month before Yahoo did, but that’s Google for you). Now they’re using a proprietary engine to tag suspicious messages coming in to Gmail accounts. When a Gmail user opens a suspected phishing message, the software displays a large red dialog box… Direct and Related Links for 'Gmail Takes the Phun Out of Phishing'

Netcraft: 5,600 Phishing Sites Since December
miller60 writes "Netcraft has tracked and blocked 5,600 known phishing sites since the December launch of its anti-phishing toolbar, which it has now updated with a risk rating feature that warns users about new sites with phishy characteristics, based on trends observed in known phishing scams. It has also started a service that makes the full list available of phishing sites as a continuously updated feed for service providers and companies to use in mail servers and web proxies." One bad sign: the phishing attacks I see are getting (on average) more professional in their phrasing -- it used to be easy to toss out the trawlers based on their spelling alone.

Netflix Fixes "Phishing" Security Threat
Christopher tipped me off to a Bugtraq Mailing list thread about a possible Netflix security problem involving "Phishing." This is the Wikipedia definition of phishing: In computing, phishing is the act of attempting to fraudulently acquire through deception sensitive personal information such as passwords and credit card details by masquerading in an official-looking email, IM, etc. as someone trustworthy with a real need for such information. It is a form of social engineering attack. Here's a link to an example of a phishing e-mail. This is an example of phishing HTML code: https://www.netflix.com/redirect.jsp?target=http://dummy.site.com/ This was just a warning and...

14,411 phishing attempts in April 2005
In April 2005, the number of phishing attempts rose to 14,411, says Anti-Phishing Working Group. A drop in unique phishing e-mails was reported, down to 3,930, from 4,100 in March 2005. Number of phishing Web sites hosted in China increased to 2,854 active phishing sites reported in April 2005 (22% of total). 26.3% of phishing [...]

Anti-Phishing Working Group Creates Phishing Scam Database for Members (2 June 2005)
In hopes of becoming a clearinghouse for phishing data, the Anti-Phishing Working Group has created a database of phishing scams that can be used to share information with other Anti-Phishing Working Group members; there is also an XML form that can be used to submit attack data.......

Strange "Barclays" phishing attempt
When I get these things, I usually just delete them immediately, but this strange message from “Barclays” caught my eye and I began to play with it. At first, it just seems like an obvious phishing attempt. Dear Barclays Member,This email was sent by the Barclays server to verify your email address. You must complete this process by clicking on the link below and entereing in the small window your Barclays Membership number, passcode and… Direct and Related Links for 'Strange “Barclays” phishing attempt'

Strange "Barclays" Phishing Attempt
When I get these things, I usually just delete them immediately, but this strange message from “Barclays” caught my eye and I began to play with it. At first, it just seems like an obvious phishing attempt. Dear Barclays Member, This e-mail was sent by the Barclays server to verify your e-mail address. You must complete this process by clicking on the link below and entereing in the small window your Barclays Membership number, passcode,… Direct and Related Links for 'Strange “Barclays” Phishing Attempt'

Download Fraud Eliminator to Protect Yourself Click Here