Category Archives: Newsletter

July Newsletter – Diving into Malware: What Are the Risks and How Can I Prevent It?

 


Last month’s newsletter covered malware and blacklists; this month we want to dive into malware a bit more to really understand it. Malware is short for malicious software: code (scripts, active content, and other software) that is downloaded and executed on your computer to cause major problems. These problems include, but are not limited to, disruption of services, gathering information that can lead to loss of privacy or exploitation, gaining unauthorized access to system resources, and other abusive behavior. Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, scareware, crimeware, most rootkits, and other malicious and unwanted software or programs. (Wikipedia.com)

How do I get it?

Malware, spyware, and other junk software typically make it onto a computer in one of a few ways:

  • Downloading something you really shouldn’t have, from an untrustworthy source.
  • Installing what you thought was a “reputable” application that bundles “optional” features that are actually malware.
  • You’ve already managed to get yourself infected, and the malware installs even more malware.

Trojan horses

For a malicious program to accomplish its goals, it must be able to run without being shut down, or deleted by the user or administrator of the computer system on which it is running. This concealment is also how malware gets installed in the first place. Malware is often lurking behind a “reputable” source but disguised as something innocuous or desirable. This technique is known as the Trojan Horse.

Backdoors
Once a system has been compromised, most malware will install a backdoor. This allows other malware or harmful software to be installed easily in the future. This method is typically used by a malicious individual to gain secure remote access to a computer while attempting to remain hidden from view.

All of these reasons and more make it harder to “hand remove” the malware. Even using all of those “cleaner” programs out there (that may actually install malware on your machine…) you may not get to the root of the issue. Also note that these are just a few of the ways a machine can become infected with malware; there are always new ones to be aware of!

How do I avoid it?
The best method for avoiding malware is to have the correct protection! Most of us have a good Anti-virus program but that is like locking the front door but leaving a window open. These days most threats are actually web browser based and your Anti-virus probably doesn’t protect you!

MxToolbox has partnered with WebRoot (May 2010 Newsletter) to offer Web Filtering to protect your network from attacks through the web browser. Our Total Security Solution includes Business Email Perimeter Security in combination with Web Security to provide additional layers of protection to combat Email and Internet threats. Webroot eliminates spyware and viruses with best-of-breed scanning engines and offers a 100% guarantee. In addition to protecting against malware, it gives you the ability to enforce web access policies and generates detailed reports.

Vulnerability Scanning and Spyware Detection
Webroot is the only Web Security Service to include Vulnerability Scanning, which is an extra layer of protection. This tool scans endpoints directly from the Desktop Web Proxy (DWP) to identify known vulnerabilities in operating systems, browser versions, media players, office programs, and other installed software.


Copyright 2011 MxToolbox Inc. 12710 Research Blvd. Austin, TX 78759

June Newsletter: Malware & Blacklist Protection with MxToolBox Total Security


Malware and blacklists are two major issues that IT professionals encounter on a regular basis. Workstations left unprotected or under-protected can be infected with malicious code in the form of malware. Malware comes in a variety of forms of hostile, intrusive, or annoying software, including computer viruses, worms, trojan horses, spyware, dishonest adware and scareware. Malware allows your network or workstations to be compromised and used to send spam, which will likely land you on a blacklist. A blacklist or block list is a basic access control mechanism that allows everyone access, except for the members of the blacklist (i.e. a list of denied accesses). Once on a blacklist, the deliverability of your email is diminished or completely disabled. MxToolbox provides a Total Security Solution that permanently solves the problem of malware infections through the Internet as well as email deliverability issues, in addition to providing emergency mail continuity.

MxToolBox offers a Total Security Solution that utilizes a Business Email Perimeter Security Solution in combination with Web Security to provide additional layers of protection to combat Email and Internet threats.

Benefits of Email Perimeter Security
Our inbound services provide perimeter security so connections containing threat messages never reach your network. Since our service protects your network from this unwanted traffic, it will reduce email-related traffic by 80% on average. In return you will notice an increase in your server’s performance and lower bandwidth used for email, freeing it up for other uses. Because spam never hits your server, storage is also reduced and mailboxes stay trim, so mail client performance on the desktop is improved as well. Our vendors are continually updating their filters and rules as attacks evolve, so you always have the best protection possible without worrying about patches and upgrades. Another added benefit is an included Emergency Mail Inbound Backup with a 24/7 always-available web console holding your last 30 days’ worth of inbound mail. As the mail passes through our servers, we copy every single message and hold it to provide your organization with working email even if your server is down.

Outbound Blacklist Protection
When you purchase inbound email perimeter security you also get access to our outbound SMTP-relay service. This allows your email server to send external mail to our gateway, and we’ll take responsibility for getting it to the destination mail server. By doing so we eliminate the threat of blacklists causing mail delivery interruptions and impacting your business. We monitor our outbound mail as well and will notify you if we see suspicious traffic from your server so we can work together to rectify any problems before they affect your users.

Emergency Mail
This is a stand-alone version of the Emergency Mail Backup that is featured in our Email Perimeter Security (Spam & Virus Protection) Solution. It is designed to be budget-friendly for organizations that may have already invested in software or hardware to battle inbound spam: you can ensure that you still have the 30 days rolling backup of your mail as well as inbound mail spooling for up to 30 days if your server is unavailable for any reason!

Web Security
Web Security offers URL Filtering and Content-based Web Filtering that stop web-based threats before they reach your network.   Our Web security uses a Desktop Web Proxy (DWP) loaded on each user workstation and laptop.  This provides multiple layers of protection against Malware attacks by filtering inbound and outbound URL traffic in the cloud before results are delivered to the user’s desktop.  In order to be able to offer protection against these threats our Web Security utilizes the multiple features below to defend this largely overlooked gateway to your network.

  • Rapid Deployment and Reduced Cost
  • Fast Browsing with Minimal Latency
  • Customized End-user Policy Management
  • Seamless Authentication and Protection for Roaming Users
  • Real-time Reporting and Web Activity Logging
  • Real-Time Phishing Detection
  • Proactive Scan Ahead and Safe Search Capabilities

Benefits of Web Security and Email Perimeter Security Protection
With the proliferation of email defense products in use, many sources of online threats have shifted their attention from launching attacks through email systems and have targeted web browsers as an often unguarded entryway into a network.

MxToolBox bridges the gap in this once unprotected space by combining the two services. As a managed service provider, we know that all Internet/Web usage and email traffic is critical and that a total security solution is the best way to go. We are one of the only companies to fully address the blacklist issue and offer world-class spam filtering and virus protection with email continuity, plus Web/Internet Security, all from a single-source service provider. Our solutions also eliminate the need for future email server software & licenses or the purchase of costly firewall email appliances and subscriptions ever again!

Please contact us if you would like to learn more about how to get started on a risk-free trial of either our Email Perimeter Security or Web Security, or go for the gold and get Total Security: Email & Web Protection!

May Newsletter: Pitfalls of DNS & ISP-Hosted Free Email

Contact Us:
(866)-MXTOOLBOX
(866)- 698-6652 
support@mxtoolbox.com




MxToolBox May Newsletter

MxToolbox receives hundreds of inquiries on a weekly basis from companies who are suffering from outbound email delivery problems resulting from blacklists.  A large number of these companies are using “free-mail” (free email) provided by their Internet Service Provider (ISP) or Domain Host.

Imagine these scenarios: “My email just does not seem to work – I have constant problems.  Every time I try sending messages to Yahoo & Gmail, they bounce-back and my provider doesn’t seem to want to help.  I downloaded the email to my phone and now I can’t see it on my PC.  I can’t get to my contacts or my calendars from anywhere but my Outlook!  I called my ISP and they said to call my host. I called my host and they said to call my ISP!  I called them both back and they said go to MxToolBox and see if your IP Address is Blacklisted.”  Does this all sound familiar?  If it does, we have great news for you — You have finally gotten to the right people!

Why do ISPs refer these customers to us?

1) MxToolBox.com is an online resource of Free Troubleshooting SuperTools as well as professional business class Email and Web Security services. Our tools and services are built and run by e-mail experts and we have been monitoring Blacklists since our inception.

2) We offer free advice to better understand the blacklists and make recommendations.

3)  We offer Long-Term, Permanent Solutions!  MxToolBox can provide you with business class Email Hosting with Enterprise Class Email Security including anti-spam, anti-virus and phishing protection along with pro-active, outbound blacklist management so you don’t experience mail rejection.  No one else is addressing the true problem.

Let’s look a little deeper into the problem.

Many hosting providers, such as DNS Registrars / Web Hosts and ISPs, provide the most basic email infrastructure with minimal security and only POP connections for inbound and unmonitored shared SMTP for outbound. For many small businesses that run offices either at home or in office spaces with DSL or Cable Modem connections from their ISP, it is very common to have email rejected by the hosted email server or even by the end-recipients as a result of their local Internet connection/IP Address being blacklisted.

Some blacklist databases are actually configured to report any Dynamic IP like those handed out by ISPs.  Additionally, given that most free email providers are hosting email for anyone who wants a domain and are often providing “unlimited” email accounts, they are not concerned with what type of email is sent from those servers and are not monitoring outbound traffic to ensure that their reputation is clean. What that means for you: If you’re in that shared environment and your neighbor sends out spam, you and everyone else in the shared environment are blacklisted and you are guilty by association.  Even worse, there is nothing you can do about it.  Remember, you aren’t paying for email or email support for your free-mail, so the provider does not have budget allocated for email support.

MxToolbox Hosted Mail:

Inbound Email via MxToolBox:
MxToolBox provides premium anti-spam and anti-virus protection as well as a rock-solid hardware infrastructure to protect your inbound mail and ensure that only good, clean, spam-free emails hit your inbox and that it is extremely secure. We support both POP connections, which grab your email from our servers and download it to your PC, and the preferred method of today, IMAP, which allows you webmail access from anywhere in the world, as well as the ability to access mail from your local software client (i.e. Outlook, Thunderbird) or your mobile smartphone and always see the same information no matter where you log in to your email!

Outbound Email via MxToolBox:
We provide very strong and secure connections for outbound mail via SSL or TLS to ensure reliable and secure email delivery and minimize the problems that are experienced. Additionally, we have 24/7 monitoring of our outbound email traffic to be certain that no one is sending spam or bulk mail through our email servers, and as such, we have the most stellar reputation in the email business for outbound delivery. Put simply: if your email is sent via MxToolBox, it will get delivered, period! You won’t be subject to mail bouncing due to blacklists, whether it’s at the DNS Provider or your local ISP-provided IP Address; our concern isn’t the blacklist. We just want your email to work, and it will always work with our robust business class Email Hosting Solutions. Additionally, if you want to send reliable newsletters and/or marketing updates to your clients (like we do), we can make recommendations for outstanding Email Marketing Providers who make it easy for you to create a professional sign-up form for your website, build your email list and stay in touch with prospects.

Please visit our Forums, our Blog, our Website or follow us on Twitter and Facebook to learn more about what MxToolBox can do for your business and what amazing things are happening in the world of email Today!


April Newsletter: Cloud Based Web Security Mitigates Anti Virus Software Vulnerabilities

In today’s world, almost every business understands the value of running anti-virus software. The problem is that more than 85% of malware is distributed via the Web, and each variant has an average lifespan of only 5-7 hours. Small and medium-sized businesses are especially vulnerable to attacks because they are less likely than larger enterprises to have multiple layers of protection.

Anti-virus software is still essential. It works with your computer to scan the processor’s memory for patterns that could indicate an infection. With 50,000 new malware samples discovered each day, antivirus software must try to stay current by having updates installed on every user’s computer whenever a new virus is identified. Daily scans search for viruses and stop any newly identified infections from tainting the computer, while remembering the coding to prevent the specific virus from infecting the computer again. Without antivirus to remove viral corruptions, the virus can trick your computer into becoming a server that sends the virus to other computers. However, anti-virus software typically does not update often enough to keep up with the malware problem today.

While anti-virus software will block many of the threats that attack your system, there are additional types of threats such as malware, spyware, hacking, and phishing that you need protection against. Earlier this month, there was the Epsilon Data Breach that set the stage for a large-scale, targeted phishing attack. Every day, businesses that are only running anti-virus software are surprised to find out that they are under-protected when faced with the consequences of a web attack, which can include data loss, viruses, trojans, malware, and spyware. 82% of organizations experience regular hacking and malware attacks and, even with current anti-virus software running, 62% of these organizations have had malware successfully infiltrate their network.

Cloud-based Web Security and policy filtering is an essential part of protecting your company from the inside out. The Internet is a powerful business tool. However, if left unsecured, it can be your greatest security risk. For example, your network can be breached by an employee inadvertently clicking on a (carefully disguised) link containing malware from a legitimate website. Currently, 80% of web-borne malware is distributed through legitimate websites.

MxToolBox is an expert in email security and we do all of our spam and virus filtering in the cloud. However, we’re seeing an undeniable need for companies to protect themselves from the increasing number of attacks coming through the web. In 2007, 10,000 malware samples were discovered daily. Today 50,000 unique malware samples are discovered each day: this is double from one year ago!

At MxToolBox, we want to be part of the solution and help companies protect themselves by blocking ALL objectionable content, malicious code and malware that is rife across the Internet.

March Newsletter: Back It Up: Email Archiving and Emergency Mail

Everyone agrees:  Email is critical to business.

With so many solutions available for email back-up, how do you know that you have the right one(s) in place?   Let’s talk about two different solutions that often get confused with each other or completely mistaken as being one and the same:  Email Archiving and Email Continuity.

Compliance legislation and legal discovery rules are requiring companies in certain industries, like Health Care and Financial Services, to retain electronic documents, including email, for specific periods of time, leading many companies to search for an archiving solution that will keep them compliant while being easy to use and implement. All companies need to create and follow their own document retention policies. Unless you fall into one of the specifically regulated industries, you should have a written policy in place which specifies how long you will retain copies of email messages, and automatically enforce that policy. You should consult your legal counsel as to what your policy should be. They will also make sure you have appropriately documented your policy. Once you have a clear and reasonable policy in place, then companies like MxToolBox can help you implement a solution that will support your company’s policy.

Many companies like having an off-site back up of their email even if it is not required by law.   A SaaS based archiving solution will free up the server from having to maintain all those messages while holding them safe at a second location.  Furthermore, messages are easily retrieved as a result of the advanced search capabilities.  While archiving has many advantages, sometimes a quick and easy continuity solution is enough.

Like Archiving, Email Continuity keeps a copy of your mail in the cloud but usually for a much shorter period of time. It is accessible to all users through a web client. Think tornado shelter: The sirens go off (i.e. natural disaster, your server takes an unexpected lunch) and everyone knows where to go. Employees can send and receive mail seamlessly to their recipients.
MxToolBox’s continuity solution, Emergency Mail, is always on and keeps a 30 day rolling history of your mail so that employee productivity is never compromised.  All continuity solutions are not created equal.  For example, some are only point forward and require that you “push the red button” to implement them.

Email Continuity is not just for emergencies.  We have customers who use our Emergency Mail for easy web access to their email when they travel or work from home.  IT Administrators use it for scheduled server maintenance in addition to having it in case of emergency.

While both solutions offer safekeeping of your email in the cloud, they are quite different from each other in both purpose and design. At MxToolbox, we make sure we understand the customers’ needs before offering a solution.

January Newsletter:  The Big Picture for 2011 Security Trends


This month we are honored to have guest blogger Gerhard Eschelbeck, Chief Technology Officer of Webroot Inc. In this post, Mr. Eschelbeck provides valuable insight into the threats that companies need to be aware of in 2011 and beyond.

As many of you know, MxToolBox announced last year a new partnership with Webroot to incorporate many of their solutions into our platform of services.  Our relationship with Webroot further bolsters our commitment to provide full turn-key security both in email and web filtering for companies of any size.  We are excited to have access and direct visibility from individuals like Mr. Eschelbeck and look forward to bringing more of this type of insight and knowledge in future MxToolBox BLOG posts.


Another year is in the books so I wanted to pull out the crystal ball and talk for a moment about where the security industry seems to be heading in the coming year, and where we anticipate threats and targets.

Mobile platforms: If you’re reading this, there’s a good chance you have either an iPhone, an Android phone, or a Blackberry in your pocket, case, or on your desk right now. If that’s true, then the data on that device is the next big target for criminals, and the newest front in the war on cybercrime. Users have embraced the advantages of mobile platforms, and even though IT admins may officially consider some or all of them “unsupported” in some organizations, you can’t abandon users who will choose convenience over strict IT policy. I predict that mobile platforms will continue to grow at a rapid pace, and we’ll soon reach the threshold level where malware creators start to take notice in significant numbers. IT admins should embrace these new platforms, and take steps to protect users who insist upon having them, even though doing so may make their work harder.

Social engineering: Whether you use a single PC at home, or manage a network of 25,000 laptops and desktops at work, social engineering scams have become so convincing that it’s a wonder IT admins ever get a good night’s rest.

It doesn’t matter how comprehensive your patch and update schedule is — when a sufficiently convincing spam email reaches a gullible employee, all bets are off. With targeted attacks becoming more common, the best defense against this threat continues to be education. Every user, from the newest administrative assistant to the C-level executives, needs training in identifying and avoiding fraudulent email and other messages, harmful file attachments, and Internet behavior that can lead to trouble.

Cloud vs. Desktop: We’ve seen demand for cloud-based services increasing across all segments of the business. In small and medium-sized businesses, we’re continuing to see strong demand for cloud-based solutions, and we expect that to continue next year. Overworked admins like the ease of administration and the performance benefits of cloud security services. And for the first time, we’re seeing consumers getting interested in the advantages the cloud brings to PC protection, including the speed that updates make it to the user of an infected computer.

At the larger end of the enterprise business segment, IT administrators must juggle the requirements of government regulations with the performance advantages that cloud services have to offer. In those cases where security regulations may not permit some kinds of data to move out into the wider Internet, we’ve seen a demand for what we call private cloud architecture — something that offers the performance benefits and features of a cloud solution, within an organization, while, at the same time, satisfying regulatory constraints on how companies move or store data.

We also can see how criminals have developed a taste for the vast volumes of sensitive data stored in the cloud, and anticipate that malware creators and other attackers will try to steal data stored in the cloud with increasing frequency.

Security Updates: More than 60 percent of malware attacks come from known vulnerabilities, so no matter whether you’re a one-person shop, or manage many thousands of desktops, maintaining not only the operating system but also the third party applications on which you (and your organization) depend should be a top priority. Besides office applications, attacks in the past year have focused on programs like Adobe Reader, Java, Flash, AutoCAD, media players, graphic design tools, and various browsers and browser plug-ins. IT departments should never let a new computer get to an employee that has anything older than the very latest build of these critical applications.

Consolidation: While not expressly a security trend, larger companies — some in the security space, and some that have not previously played there — have been augmenting their offerings. Intel’s purchase of McAfee, for example, appears to extend their platform beyond mere chipmaking. Other acquisitions, such as Webroot’s purchase of Brightcloud and Prevx, help companies acquire capabilities that can defend against, or remediate, a specific kind of threat. HP, IBM, and Symantec have done similar things, and with each acquisition, the companies gain another part of a toolkit they can use to respond to emerging threats. We expect to see more companies in this space merge and transform themselves over the next year.

This entry was written by gerhardeschelbeck for the Webroot Threat Blog and posted on December 13, 2010 at 12:01 am.

From all of us at MxToolBox, thank you for your business and your time.

MxToolBox Holiday Newsletter: Top Ten Email Related Tools 2

Last year around this time we released our first annual Top Ten Email Related Tools. We thought we would update the list a bit this year but of course some of our favorites are going to stay on the list.

If you have a favorite tool we missed, let us know! Keep in mind that this list is not in any particular order but is just a sampling of our favorites.

  1. IP Chicken – Last year we recommended Whatismyip.com… this year we decided to spice it up a bit, as some of our consultants prefer ipchicken.com. They find that their clients are more likely to remember it because it is catchier! This tool is helpful for local PC IP addresses or if you need to determine the IP of your mail server.
  2. Telnet Test – This tool deserves to stay on our all-time favorites list; our techs use it hundreds of times a day! Oftentimes it is very helpful to remove your mail server from the equation to see if there is an underlying network / reputation problem blocking mail flow. Telnet helps you manually send a test message using the telnet command built into every operating system.
  3. Aweber – There are plenty of 3rd party mail filtering services out there, but we personally feel that Aweber is where it’s at. Their blog post about ‘Email Marketing Tips From Mom’ gives you an idea of how original this company is! We highly advocate using a 3rd party if you are doing bulk mailing or newsletters. We understand how important it is to get your email into your reader’s hands; read this blog post for recommended tips.
  4. Web Security – This year we wanted to add Webroot Web Security to the list. With the proliferation of email defense products in use, many sources of online threats have shifted their attention from launching attacks through email systems and have targeted web browsers as an often unguarded entryway into a network. In order to be able to offer protection against these threats, we have partnered with Webroot and are now offering Webroot Web Security to defend this largely overlooked gateway to your network.
  5. Wireshark – Last year we recommended the tool Net Stat for help in determining if a local PC or mail server is blasting out spam. This year we want to add Wireshark to the list. This tool is designed to find wireless traffic and return it in a form that a human can read. Keep in mind that these tools will only show you activity if the trojan/virus is currently blasting spam.
  6. Traceroute – Recommended in 2009 and we will keep it on the list! Traceroute tracks the path that a packet takes from your computer to a destination address. A traceroute also shows how many times your packets are being rebroadcast by other servers until they get to the final destination. For Windows users, the command is tracert. For Macintosh OS X users, it’s traceroute.
  7. Google Docs – This one stands the test of time as well and we are recommending it again this year. We know that Google Docs isn’t really related to email, but the way we are evolving to use this product does mean that email is included when sharing documents. Google’s new feedback system seems to be a huge accomplishment for end users as our feature requests are being included.

Last but not least, we would like to include three of our own tools which help make troubleshooting, diagnosing, and monitoring your email easier. We have been providing our free tools since 2003 and we are proud to continue giving back to the email community.

  8. Server Monitoring – Server Monitoring takes the guessing out of server management. If something is wrong with your email server, you need to know right away. MxToolBox’s Free Email Server Monitoring lets you rest easy by sending you alerts when there is a problem with server performance, availability or reputation.
  9. MxToolBox Super Tool – This all-in-one tool includes a critical tool package for all system administrators: MX Lookup, Blacklists, SMTP Diagnostics, Header Analyzer, SPF Records, DNS Lookup, Reverse Lookup, Port Scan, Whois Lookup, ARIN Lookup and CNAME Lookup.
  10. Blacklist Checker – The MxToolBox Blacklist Tool checks your IP against a list of over 150 Real Time Blacklists. If your mail server has been blacklisted, some email you send may not be delivered.
We hope you enjoyed our list and we will continue to build it in the future so we can bring the best email tools to you! We hope you have Happy Holidays and we will see you in 2011!

October Newsletter
Searching for the Perfect Spam Filter

From all of us at MxToolBox, thank you for your business and your time.


Searching for the Perfect Spam Filter – October Newsletter

 

The Search for the Perfect Spam Filter

The ideal spam filter should be able to block all spam, period. Unfortunately, we don’t live in a perfect world, so some amount of spam will usually make its way into our inboxes. Fighting spam is a perpetual exercise in which spam filters are continually updated to detect and automatically mark messages as spam. On top of the automated filters, most systems require human responses from their users. Some may ask why the human response is needed. The human influence is critical: if a spam message is incorrectly marked as clean or, even worse, a message is a false positive (marked as spam when it was not), the end user can flag it for review by the automatic filters.

The ‘Mark as Spam or Junk’ button is such an important piece of anti-spam technology. However, this button comes with quite a bit of power and marking or unmarking messages as spam should not be taken lightly.

Marking Messages as Spam

Marking messages as spam is a great feature that helps train automatic systems to flag messages as spam. Note that marking a message as spam does not add the sender to a Blacklist or anything like that; it just flags the message for the system to review.

Unfortunately most of the time the message is not spam but in fact a legitimate mailing or message that was requested by the end user. The correct method for newsletters or bulk mailing that you do not want to receive is to use the “Unsubscribe Button” at the bottom of the email.

It is important to also note that marking Newsletters and other Bulk Mailing services as spam is very detrimental. While some think that it is a good idea to mark a Newsletter that they dislike as spam, it is eventually costing that company lots of money to resolve the issue. For companies that are utilizing proper mailing techniques such as double Opt in procedures where you have to confirm you want the mailing, it is very frustrating for the messages to be then marked as spam.

Correcting False Positives

It is worth repeating that no spam filter is perfect; there are times when a legitimate message will be marked as spam. To correct this, simply check your Junk Folder often, select the message and use your email client’s function to mark the message as “Not Spam”. This may include messages from the services that you have subscribed to; all the system needs is a little tuning to what you do want to receive.

Most spam filters are smart enough to “learn” as you mark messages but most have a long learning period in place. This is intentional and means that when you mark a message as Not Spam, the system makes a note but doesn’t make immediate changes to the filters. If the system were to obey our every whim as users, things could get out of hand very quickly as everyone has different opinions as to what is legitimate mail.

In the End

Realizing how spam filters work and how you can help or hinder the process will go a long way in the end. Your messages will get to their recipients and you will receive the mail you want to get. Working the system or using the system to disadvantage others happens, but with education hopefully those practices will cease and everyone will be happy with the email they get.

September Newsletter
Back to Spam


Back to Spam – September Newsletter

Back to Spam

Most companies make use of some type of Spam and Virus Protection which does a remarkable job of neutralizing unsolicited and detrimental messages, so how is it that spam still exists and thrives to wreak havoc? Below are five of the most common pitfalls that allow spam to continue, and what you can do about them:

Zombie Workstations
Either via an inbound spam message that was missed, a website exploiting a bug in a browser, or an infected file being transported onto your network by a user, workstations are very prone to being infected with malicious code in the form of a virus, malware, trojan, or the like. The source can be complicated to cure, but there’s a very simple fix to save the rest of us from those machines sending us spam, and getting your public IP Blacklisted to boot.

Simply configure an outbound firewall rule to only allow outbound connections on port 25 from your in-house mail server. If you don’t have a mail server, then your network shouldn’t need to make outbound connections on port 25 (or inbound ones for that matter). You may need to reconfigure some Email clients that are using port 25 to connect to their SMTP server, but most servers these days have the ability to leave port 587 open for this type of connection.

By shutting down your local network from creating outbound 25 traffic, you are removing the ability for your workstations to generate a message and deliver it without going through your gateway which you as a good sys-admin monitor and control.
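To check that the rule is doing its job, the firewall's own logs can be audited for port 25 traffic that does not come from the mail server. The script below is an added example, not part of the original newsletter; the log format, the internal range 10.0.0.0/8 and the mail server address 10.0.0.25 are assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed values: the internal range, the mail server address and the
# firewall log format are assumptions made for this example.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
MAIL_SERVERS = {ipaddress.ip_address("10.0.0.25")}

SAMPLE_LOG = """\
2010-09-14T09:00:01 ALLOW TCP 10.0.0.25:40112 -> 198.51.100.7:25
2010-09-14T09:00:03 ALLOW TCP 10.0.1.23:49152 -> 198.51.100.7:25
2010-09-14T09:00:03 ALLOW TCP 10.0.1.23:49153 -> 203.0.113.9:25
2010-09-14T09:00:04 ALLOW TCP 10.0.1.23:49154 -> 203.0.113.80:25
2010-09-14T09:00:05 ALLOW TCP 10.0.1.40:50200 -> 198.51.100.7:587
2010-09-14T09:00:06 ALLOW TCP 10.0.1.41:50311 -> 10.0.0.25:25
2010-09-14T09:00:07 DENY TCP 10.0.1.57:50400 -> 203.0.113.9:25
garbage line that should be skipped
"""

LINE_RE = re.compile(
    r"^\S+ (?P<action>ALLOW|DENY) TCP "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def audit_outbound_smtp(log_text):
    """Return {source_ip: stats} for hosts other than the mail server that
    tried to reach an external address on TCP port 25."""
    findings = defaultdict(
        lambda: {"allowed": 0, "denied": 0, "destinations": set()}
    )
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None or m["dport"] != "25":
            continue  # unparsable line, or not port 25 (e.g. 587 submission)
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # digits and dots that are not a valid address
        if src not in INTERNAL_NET or dst in INTERNAL_NET:
            continue  # only internal -> external flows matter here
        if src in MAIL_SERVERS:
            continue  # the one host that is supposed to send on port 25
        stats = findings[str(src)]
        stats["allowed" if m["action"] == "ALLOW" else "denied"] += 1
        stats["destinations"].add(str(dst))
    return dict(findings)


def rule_gaps(findings):
    """Hosts whose port 25 traffic got out: the rule is missing or bypassed."""
    return sorted(ip for ip, s in findings.items() if s["allowed"] > 0)


if __name__ == "__main__":
    report = audit_outbound_smtp(SAMPLE_LOG)
    for ip, stats in sorted(report.items()):
        print(ip, stats["allowed"], "allowed,", stats["denied"], "denied,",
              len(stats["destinations"]), "destinations")
    print("egress rule gaps:", rule_gaps(report))
```

A host that appears only with denied connections shows the rule working, and is still worth inspecting because something on it is trying to send mail directly.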

Servers Acting as Open Relays
The next largest source of unintentional spam is misconfigured servers or servers with accounts that have weak passwords. By not having authentication configured correctly you can allow connections from the outside to use your server to send mail. Spammers will just troll IP addresses looking for Open Relays and exploit any hole that is left open for them to use your server to send their spam. Additionally, they can find the home server for an email account and attempt to authenticate as that user with a “brute force” password attack. However, brute is not a fitting adjective when you let your users set up their account with their password set to “password” or “1234” or the like.

At the very least, we recommend having a good firewall in front of your mail server to look for these types of attacks. Ideally you would have either an Edge MTA which acts as a perimeter for your main mail server or employ a cloud based solution so that you can block incoming traffic against your mail server from anybody but that trusted source which has very high levels of security in place.

Clever Trickery
Spammers are tricky devils and they learn and adapt to email defense systems to break those systems or to circumvent them. One example that demonstrates the type of adaptability that Email Security professionals have to deal with is Backscatter spam. As an operator of a legitimate email server, one of the things your server does to be helpful to other servers is generate email containing error messages when messages encounter problems. For example, if somebody sends you an email to an address that doesn’t exist, it is helpful for your server to send the original sender a Non-Delivery Report (NDR) notification to let them know that their message wasn’t delivered.

Spammers can make use of this feature in the following way: They create a message and forge the From: field to contain the email address of their intended target. Then they send this message to an email address they know doesn’t exist on your server in your domain. Your server kindly sends back a notification to the person it thought sent the message. In fact you just delivered the message for the spammer from your server and IP address which they most likely trust. This type of spam is difficult to detect and block because it is technically an illegitimate notification.

The solution to eradicate this type of spam is to perform the test to see if the user exists during the SMTP conversation. By doing that, your server is never actually accepting the message from the sender and therefore need not generate a notification message. The sending server with a legitimate message for a non-existent address is then responsible for notifying its own user of the failure.
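The difference between the two behaviours can be seen by replaying the same forged session against a receiver that accepts first and bounces later, and against one that checks the recipient during the SMTP conversation. This is an added example, not code from the original newsletter; the simplified receiver, the domains and the mailbox list are constructed for illustration.

```python
# Constructed data: example.com and target.example are placeholder domains,
# and the mailbox list stands in for the server's real user directory.
VALID_RECIPIENTS = {"alice@example.com", "bob@example.com"}

FORGED_SESSION = [
    "HELO sender.invalid",
    "MAIL FROM:<victim@target.example>",   # forged envelope sender
    "RCPT TO:<no-such-user@example.com>",  # mailbox that does not exist
    "DATA",
    "Subject: unsolicited content",
    ".",
    "QUIT",
]


def _addr(arg):
    return arg.strip().strip("<>").lower()


class Receiver:
    def __init__(self, verify_at_rcpt):
        self.verify_at_rcpt = verify_at_rcpt
        self.ndrs = []       # bounce messages this server would originate
        self.delivered = []  # recipients that received the message

    def _queue(self, sender, rcpts):
        for rcpt in rcpts:
            if rcpt in VALID_RECIPIENTS:
                self.delivered.append(rcpt)
            elif sender:     # a null sender (<>) is never sent a bounce
                self.ndrs.append({"to": sender, "about": rcpt})

    def session(self, lines):
        """Feed client lines to the server and return its replies."""
        replies = ["220 mx.example.com ESMTP"]
        sender, rcpts, in_data = None, [], False
        for line in lines:
            upper = line.upper()
            if in_data:
                if line == ".":  # end of message: the server now owns it
                    self._queue(sender, rcpts)
                    replies.append("250 2.0.0 queued")
                    sender, rcpts, in_data = None, [], False
            elif upper.startswith(("HELO ", "EHLO ")):
                replies.append("250 mx.example.com")
            elif upper.startswith("MAIL FROM:"):
                sender, rcpts = _addr(line[10:]), []
                replies.append("250 2.1.0 sender ok")
            elif upper.startswith("RCPT TO:"):
                rcpt = _addr(line[8:])
                if sender is None:
                    replies.append("503 5.5.1 need MAIL first")
                elif self.verify_at_rcpt and rcpt not in VALID_RECIPIENTS:
                    replies.append("550 5.1.1 user unknown")
                else:
                    rcpts.append(rcpt)
                    replies.append("250 2.1.5 recipient ok")
            elif upper == "DATA":
                if rcpts:
                    in_data = True
                    replies.append("354 end data with <CR><LF>.<CR><LF>")
                else:
                    replies.append("503 5.5.1 no valid recipients")
            elif upper == "QUIT":
                replies.append("221 2.0.0 bye")
                break
            else:
                replies.append("500 5.5.2 command not recognized")
        return replies


def run(verify_at_rcpt, lines=FORGED_SESSION):
    server = Receiver(verify_at_rcpt)
    return server.session(lines), server
```

With `run(False)` the receiver queues the message and ends up with one NDR addressed to the forged sender; with `run(True)` the RCPT command is refused with a 550 and no NDR is ever created.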

Malware, Trojans & Viruses
These three words strike fear into all system administrators. You know that if your workstations become infected with malware, a trojan or a virus you have hours of work ahead of you identifying and eradicating the source.

Malware spreads spam by secretly accessing and infecting a computer system without the owner’s informed consent. The infection can spread through several sources including computer viruses, worms, trojan horses, spyware, dishonest adware, crimeware, most rootkits, and other malicious and unwanted software. In the end you are left with a barely working machine that could be blasting out spam and spreading the infection further.

Trojans are malware that appears, before it is run or installed, to perform a desirable function for the user but instead facilitates unauthorized access to the user’s computer system. A trojan is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems. Once it is executed, machines are often turned into zombie bots that send out spam.

Viruses are computer programs that can copy themselves and infect computers. A virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.

New Spam Tactics
Filter providers continue to hone their techniques in this constant game of cat and mouse. The latest trend is a shift to email worms. “The worm arrives via emails with the subject line ‘Here You Have’ or something similar, and the messages contain a link to a site that will download a malicious file to the victim’s PC. The malware then drops itself into the Windows directory with a file name of CSRSS.EXE, which is identical to a legitimate Windows file.” (Slashdot)

Wrap up
A few years ago the worst spam you saw was “image spam”. This type of spam tricked the filters because it was a .jpg or .gif file, which most servers at that time allowed as a non-threat. However, each day spam is evolving to become more aggressive and to prey on your unassuming users. As well, many sources of online threats have shifted their attention from launching attacks through email systems and have targeted web browsers as an often unguarded entryway into a network. To combat all of these threats, it is highly recommended to include a Business Perimeter Security Solution in combination with Web Filtering.

August Newsletter
Sailing the Email Marketing Seas


August 2010 – Sailing the Email Marketing Seas

Sailing the Email Marketing Seas

We talk to a lot of people who have ended up on Email Blacklists and who are looking for help getting off of them. The two most common ways to get yourself blacklisted are to either get a workstation infected with malware or to try to do Email Marketing yourself.

For the purpose of this article, email marketing is any email that you are trying to send out to a large number of recipients for whatever reason. Newsletters, Mass Mail / Bulk Mail, automatic reminder notifications, they are all basically the same to a recipient mail server, and we get asked by many people running their own mail servers what they can do to avoid getting blacklisted.

This newsletter is broken down into three sections of information.

  • Taking a Cruise – Covers the advantages of using a third party source for your email marketing.
  • Row, Row, Row Your Boat – Tips and tricks to maximize your results when sending out bulk mail yourself from your own email server.
  • The Bermuda Triangle – Highlights all of the horrible things that can happen if you choose to email from your server.

Email Marketing is Not Bad
Before we detail the problems you might run into, we want to state for the record that we are not against email marketing, nor do we harbor any opinion against organizations which make use of it as a tool to grow their business, communicate with their customers, or promote their products online. However, after we discuss the pitfalls ahead, you might think again about hitting send on an email campaign from your server.

Taking a Cruise

When asked for quick advice from administrators on how they can safely send bulk mail, our short answer is almost always, “don’t try to send bulk mail yourself.” Because email is so important for day to day business communication, we strongly recommend using a specialized service designed for email marketing so that your business mail systems are not compromised.

Take the complications which usually arise when you try to do this yourself and combine them with the value added features that specialized services offer and it’s almost always cheaper in the end to have somebody else do the heavy lifting. Here are some examples of why this usually ends up being true.

Maintenance
Using a 3rd party mailing service can help streamline many of the processes that you would have had to do manually with your own mailing list. Typically these services will offer specialized tools for managing user lists and help by automatically unsubscribing users whose addresses bounce multiple pieces of mail.

Zero to Hero
Sudden surges in email flow raise lots of red flags to Email Service Providers (ESPs). If your server usually sends 100 emails per day but sends 10,000 in one hour, then all sorts of different countermeasures can be deployed to ward off spam. Dedicated mass email companies can deliver high volumes of email without triggering red flags because they always deliver high volumes of email.

Copy Cat
ESPs are no dummies. When they see identical messages they know they are bulk mail. When you send an identical message to more than one person in a short period of time, it can very likely be treated as junk. Dedicated services get around this by having a strong reputation. ESPs learn to recognize professional bulk mailers and give them some leeway. They also usually space out deliveries over time as a courtesy.

Alice Doesn’t Live Here Anymore
Sending an email to a closed account or with a typo in it can be frustrating when you send one, but it is a sure sign of bulk mail when you send 10 close together. Email marketing services and software pay close attention to bounce back messages which signify closed accounts because ignoring these can have devastating effects on who will accept emails from you.

CAN-SPAM
Not only are you being a nuisance if you send mail that people don’t want, but you might be breaking the law. Professional email marketers are usually very cautious to stay within regulations. Doing so is prudent not only to avoid getting caught, but also to get your email accepted. Building CAN-SPAM compliance yourself takes time and energy.

If a tree falls in the woods…
What’s the point of sending out a bazillion messages if nobody gets them, or if they go to Junk, or if they never get opened? Which messages get good responses, which did not? When is the best time to send your mail? Did the version with the new images do better or worse than the one with the old ones? Get more out of your efforts by tracking where your messages are going and who is reading and who is clicking. Third parties compete with features like these and have dedicated teams working on getting the most out of each message for you. Take advantage of them.

Recommendations
There are many Email Marketing companies out there to choose from. We at MxToolBox have had experience working with and can recommend StreamSend, have worked with clients using Constant Contact, and we like MailChimp because it has a funny name. Additionally MxToolbox has recently partnered with Aweber and those folks over there will take good care of you.

Row, Row, Row Your Boat

If a 3rd party mailing service is not the right fit for your company, you can do it alone, but there are many things you’ll want to consider. While your mail server seems capable of sending lots of email, many people find out too late that lots of problems can arise when they try it.

Nobody likes Drinking from a Fire Hose
Don’t all of a sudden deliver thousands of identical messages to a server all at once. If you can trickle your messages out they will be much more warmly received.

Does Everyone want your Mailings?
This one may seem simple enough, but oftentimes users sign up for a Newsletter or Bulk Mailing without realizing it. To increase the inbox delivery rate of your messages, make sure that all recipients on your distribution lists actually want to receive the mail by providing good content that isn’t salesy or pushy and is intriguing to your audience. To help further confirm that individuals do want your mailings, we recommend using double Opt in. Obtaining permission to send your email is critical.

You Don’t Want ’em Slamming the Spam Button
When you send mass emails to people who never asked for them, they’re going to hit the spam button and this seriously adversely affects delivery. This action from the recipient will definitely get you in trouble with Email Service Providers, and could get your email and IP address blacklisted.

Don’t Hide the Unsubscribe Button
While using Opt in to confirm your recipients is highly recommended, you will also want to make sure it is easy for your users to Unsubscribe if they desire. If users can’t unsubscribe easily, they may just mark your message as spam and that hurts your reputation. We recommend making sure the Unsubscribe button is easy to spot and the process to unsubscribe is as painless as possible.

Complicated Technical Tomfoolery
There are many different means and systems out there that have been created to try to help senders verify themselves so they can be trusted by recipients. They can be very complicated and spell disaster if configured incorrectly. They each have different pros and cons and are each implemented using different techniques. Some of these tools are:

  • Reverse DNS – A DNS record for the IP address that you send mail from points to your domain. You can read more about rDNS in our forums.
  • SPF Record – We only recommend configuring this if you are extremely comfortable with your network. If this is not configured correctly it can negatively impact mail flow or cause bounced messages. We would recommend using the Open SPF Wizard to configure your SPF record.
  • Domain Keys – “DomainKeys” creates a domain-level authentication framework for email by using public key technology and the DNS to prove the provenance and contents of an email.
  • DKIM – DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit.

The Bermuda Triangle

Measures Taken Against Bulk Mailers
Administrators of email servers are free to take any actions that they choose best when trying to detect and defend against malicious attacks, spam, viruses, and bulk mail. They draw the lines of what they consider a threat and they dictate the penalties for crossing their lines with the sender having little to no recourse that they can take. Here are some of the things you can experience if you aren’t careful.

Being Blacklisted – It feels about as bad as it sounds. Your IP or domain name gets put on a list. These lists are independently operated and specialize in different fields such as Spam, Viruses, etc. Administrators can subscribe to these lists, usually for free, and then take whatever action they like. The modus operandi is to reject connections from IP addresses on a blacklist, resulting in major delivery issues for all of your mail.

Getting Graylisted – The receiving server lets you go through the trouble of transmitting your email just to return a 400 response, which means try again later, on purpose. This results in the email being delayed since your server will wait before it retries. It also means that you have to burn twice as much bandwidth and CPU to get it delivered and that’s if they only make you try 2 times.

Throttling – Usually traffic over the Internet goes as fast as the pipes being used will allow. There are complicated means of accomplishing this that go on in the background. However one side of the connection can easily set the speed limit to slow things down if they like. This can be done for resource conservation for a receiving server but could also be employed to force a sender to use up more of a precious resource – time.

Tarpitting – Basically this just means that as your server is talking to their server, they just take a short little break between each communication. The result is that it slows down the rate of transmission. If your server is configured to only have a set number of connections open at once, it can also cause your queues to back up.

Blackhole – Hey nice email. Let me put that someplace nice…right over here in the bit bucket. Gone forever. No bounce, no nothing. Not very fun.

One Man’s Garbage – Is nobody’s treasure. Off your messages go to the junk folder to hang out with some of the worst messages ever dreamed up. Sometimes even messages that aren’t part of the campaign get junked because they come from a source of bulk mail.
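To see what graylisting costs a sender in attempts and delay, the receiving side can be modelled in a few lines. This is an added example, not code from the original newsletter; it assumes the common design that keys on the (client IP, envelope sender, recipient) triplet, and the 451 reply text, the 300 second minimum delay, the retry window and the addresses are constructed for illustration.

```python
class Greylist:
    """Graylisting keyed on the (client IP, envelope sender, recipient) triplet."""

    TEMPFAIL = "451 4.7.1 greylisted, try again later"
    ACCEPT = "250 2.1.5 recipient ok"

    def __init__(self, min_delay=300, retry_window=4 * 3600):
        self.min_delay = min_delay        # seconds a new triplet must wait
        self.retry_window = retry_window  # a retry later than this starts over
        self.first_seen = {}              # triplet -> time of first attempt
        self.passed = set()               # triplets that have retried properly

    def check(self, client_ip, sender, rcpt, now):
        """Return the reply the receiver gives to RCPT TO at time `now`."""
        key = (client_ip, sender.lower(), rcpt.lower())
        if key in self.passed:
            return self.ACCEPT            # known triplet: no further delay
        first = self.first_seen.get(key)
        if first is None or now - first > self.retry_window:
            self.first_seen[key] = now    # first contact, or retry came too late
            return self.TEMPFAIL
        if now - first < self.min_delay:
            return self.TEMPFAIL          # retried too quickly
        self.passed.add(key)
        return self.ACCEPT


def deliver(greylist, triplet, retry_times):
    """Simulate a sending server that retries at the given times (seconds).

    Returns (attempts_made, time_of_delivery), with None if never delivered.
    """
    for attempts, now in enumerate(retry_times, start=1):
        if greylist.check(*triplet, now).startswith("250"):
            return attempts, now
    return len(retry_times), None


# Constructed sender: retries after 1 minute, 10 minutes and 30 minutes.
TRIPLET = ("192.0.2.44", "news@sender.example", "alice@example.com")
RETRY_SCHEDULE = [0, 60, 600, 1800]

if __name__ == "__main__":
    attempts, delivered_at = deliver(Greylist(), TRIPLET, RETRY_SCHEDULE)
    print(f"delivered after {attempts} attempts, {delivered_at} seconds late")
```

With this schedule the message needs three attempts and arrives ten minutes late, and every new recipient on a mailing list pays that cost separately because each one forms a new triplet.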

Additional Resources
Moms Email Marketing Tips
Bulk Email Help

July Newsletter
A Castle in the Clouds – Google Apps
