Our Email System Security, Spam and Malware Policies

For Microsoft 365 email:

Miicrosoft 365 has its own rules and security filtering called Microsoft Exchange Online Protection.

You can find out more here.

 

 

For Digital Catalyst email:

Our servers will let in legitimately configured servers sending clean emails. They will dig out, detect, and reject viruses, and bounce 99.99% of spam or poorly configured emails. Our managed email system is world class and follows industry best practice. With monitoring 24/7/365, and a 100% uptime guarantee delivered on a global infrastructure, mail is something you do not need to worry about. We also offer better delivery rates for emails that you send out. On Mail Tester https://www.mail-tester.com, our customers' score a perfect 10/10. Try your mail server now...

 

Inbound and Outbound: SSL

SSL is enforced for all incoming and outgoing emails. SSL scrambles all data as it transfers and then decodes it at the other end. This is the same technology you use when doing internet banking or online shopping.

Using SSL stop hackers and malware from sniffing your information in transit.

 

Outbound: Security and Delivery of Sent Email

We build trust with your recipient's mail servers by using the following techniques to guarantee the sender is real.

 

Feature 1: SPF

With SPF, we increase the delivery rates of your sent email by building trust with your customers' mail servers. SPF protects your customers from receiving emails that pretend to be you. It advises their mail server to hard reject any email that does not actually come from your server address range (one or several IPs).

Hackers and spammers use this technique a lot to fake emails and many mail servers cannot deal with this type of attack effectively. By increasing the trustworthiness of our servers (i.e. yours) we increase the inbox arrival rates of legitimate emails sent to your customers. Everybody wins.

 

Feature 2: DKIM

With DKIM we bolster delivery rates to the most difficult services like Hotmail and Outlook.com which normally block automated mail such as that from newsletter services, electronic forms, or system based notifications (user registrations,  password resets, automated messaging).

This is done by providing a public and private key pairing to prove each and every sent email has not been intercepted/modified during transit.

 

Feature 3: DMARC

Domain-based Message Authentication Reporting and Conformance (DMARC) is a free and open technical specification that is used to authenticate an email by aligning the SPF and DKIM mechanisms. By having DMARC in place, domain owners large and small can fight business email compromise, phishing and spoofing.

 

Feature 4: Bulk Sending Rules

As spam rules are tightened which have forced ISPs to block bulk sending of email, we can configure special email rules to enable your organisation to appropriately bulk send emails that still comply with the spam laws. Talk to us if you need to handle this.

 

Inbound: Multi-Pass Email Filtering Before Email Arrives At Your Inbox

We perform a multi-layer spam and antivirus filtration for every single email that arrives. All steps occur before arrival in your inbox. 

Our mail server system automatically updates virus and scanning technology definitions hourly giving customers protection from new viruses within minutes. Compare that to most desktop and server antivirus programs, which check for new virus signatures once per day and sometimes once per week.

 

Feature 1: Blacklist

When an email arrives the servers look for the senders IP from an aggregated blacklist system and may bounce or allow the email based on the sender IP status. If a large number of emails arrive simultaneously from a single IP or are addressed to users that do not exist in our system in what looks like a spam attack, our servers block the email. If the sending address is from a domain in our system but the mailbox does not exist (Phish), the servers block the email.

   

Feature 2: CloudMark Fingerprinting

Each email is then passed to CloudMark's Advanced Message Fingerprinting analysis which uses algorithms to detect spam, viruses, and phishing across all languages and character formats. These algorithms are updated every 60 seconds based on global feedback.

   

Feature 3: Sniffer 

Each email is then scanned with ARM Research Labs Message Sniffer which uses pattern recognition and machine learning technology to detect spam and malware. It searches the entire message for spam and malware features, including:

  • unusual headers and coding styles
  • unusual code fragments and structural artefacts
  • odd message source behaviours
  • obfuscation techniques
  • binary and image signatures
  • odd email and URL targets

 

Feature 4: Attachments

Each email is then scanned for attachments that might execute compromising code including program files, script files and shortcut links and where detected sends a "bounced" email notification.

 

Feature 5: Email Normalisation

Each email is then scanned for formatting vulnerabilities that can hide viruses from scanners. If found it "normalises" the formatting so that it can be re-scanned. This is often used to sneak past Microsoft Outlook security flaws.

 

Feature 6: Decompression Of Attachments

Each email is then scanned for any compressed attachments such as .zip files. They are temporarily unzipped and scanned for viruses. If an attachment (such as a password-protected .zip file) cannot be decompressed, our system passes the file on to scan the original file for virus signature and heuristics that occur within compressed attachments.

 

Feature 7: Virus Scan

After the steps 4, 5 and 6 a complete email anti-virus scan is run over the whole email and its uncompressed attachments.

 

Feature 8: Spam Management and Quarantine Control

Custom rules can then be implemented to override the block or allow of specific email addresses or even whole domains. This can be done for a single mailbox or applied for your entire organisation.

 

Only after getting through all of the above filters will email be delivered to your inbox.