The challenge
All organizations experience problems sending e-mail from time to time, because their e-mail servers have been distributing spam and thus got blacklisted. This is especially true for hosting providers which both have large amount of account (possibly with weak passwords) and web hosting servers with (poorly designed) scripts, which is used by "attackers" to relay spam. This of course affects all users of the e-mail server, because the IP's reputation gets compromised. It's somewhat more difficult to block spam outbound, because the sender is usually authenticated and trusted.
The solution
We've helped numerous organizations and providers solve their outbound spam problem. Some of our strongest advantages are:
- The scriptable rate control makes it possible to extract appropriate information from the message, and thus performing per-customer rate control at one centralized location, affective even for sources which is typically difficult to limit (such as script on web servers).
- The signature-based anti-spam works in both directions, and together with a spam rate measurement script, outbreaks from the inside can be detected, blocked, and triggering an alert to support personnel or directly to a system, for example changing the compromised account's password. All of this is possible only thanks to the flexible scripting language.
- The scriptable SASL (SMTP authentication) flow can be used to terminate e-mail clients outgoing connections directly in the gateway, relaying the authentication request to a backend e-mail server.
- Organizations' security policies can be enforced using the data loss prevention content filter.
- Once a message is accepted as genuine, encryption and DKIM signatures (using our libdkim++ library) can be applied for other to verify.
