Our Email System Security, Spam and Malware Policies

Our servers will let in legitimately configured servers sending clean emails. They will dig out, detect, and reject viruses, and bounce 99.99% of spam or poorly configured emails. 
Our managed email system is world class and follows industry best practice. With monitoring 24/7/365, and a 100% uptime guarantee delivered on a global infrastructure, mail is something you do not need to worry about.
We also offer better delivery rates for emails that you send out. On Mail Tester https://www.mail-tester.com, our customers' score a perfect 10/10. Try yours...

 

Inbound and Outbound: SSL

We include SSL (and strongly recommend it) for all incoming and outgoing emails. SSL scrambles all data as it transfers and then decodes it at the other end. This is the same technology you use when doing internet banking or online shopping.

Using SSL stop hackers and malware from sniffing your information in transit.

 

Outbound: Security and Delivery of Sent Email

We build trust with your recipient's mail servers by using two techniques to guarantee the sender is real. These are called SPF and DKIM.

Feature 1: SPF

With SPF, we increase the delivery rates of your sent email by building trust with your customers' mail servers. SPF protects your customers from receiving emails that pretend to be you. It advises their mail server to hard reject any email that does not actually come from your server address range (one or several IPs).

Hackers and spammers use this technique a lot to fake emails and many mail servers cannot deal with this type of attack effectively. By increasing the trustworthiness of our servers (i.e. yours) we increase the inbox arrival rates of legitimate emails sent to your customers. Everybody wins.

 

Feature 2: DKIM

With DKIM we bolster delivery rates to the most difficult services like Hotmail and Outlook.com which normally block automated mail such as that from newsletter services, electronic forms, or system based notifications (user registrations,  password resets, automated messaging).

This is done by providing a public and private key pairing to prove each and every sent email has not been intercepted/modified during transit.

 

Inbound: Seven Layer Filtering Process Before Email Arrives In Your Inbox

We perform a 7 layer spam and antivirus filtration for every single email that arrives into our system before it can arrive in your inbox. 

 

Feature 1: Gateway Scan

As soon as an email arrives, the gateway servers try to match the sending IP address to an aggregated blacklist compiled from multiple spammer tracking systems. The servers analyse the email message in comparison to other arriving mail.
   
If a large number of emails arrive simultaneously from a single IP, or are addressed to users that do not exist in our system, it could signify a spam attack, and the servers block the offending email. If the sending address is from a domain in our system but the mailbox does not exist, the servers block the email.
   

Feature 2: CloudMark Scan

Email are then scanned with CloudMark's Advanced Message Fingerprinting to detect viruses, spam, and phishing. This uses algorithms that detect spam across all languages and character formats.

These algorithms update every 60 seconds based on worldwide feedback loops and the latest antispam techniques.
   

Feature 3: Message Sniffer Scan

Email is then scanned with Message Sniffer from ARM Research Labs. Message Sniffer relies on pattern recognition and machine learning technology to detect spam and malware. It searches the entire message for spam and malware features, including:

  • unusual headers
  • message source behaviours
  • structural artefacts
  • obfuscation techniques
  • binary and image signatures
  • email and URL targets
  • unusual code fragments
  • coding styles

 

Feature 4: Restricted Attachments Scan

Emails are then scanned for types of file attachments that can execute code and be used by hackers to spread viruses. Restricted file types include, but are not limited to:

  • program files (.exe, .com, .mdb, .accdb)
  • script files (.bas, .vbs, .js)
  • shortcuts to files (.lnk, .pif)

When an email containing a restricted file attachment is detected, the system rejects the email and the sender receives a "bounced" email notification.

 

Feature 5: Normalisation Of Messages

Emails are then scanned with an anti-virus process searching for formatting vulnerabilities that can hide viruses from scanners. If the system finds any vulnerability, it corrects the formatting of the message (called "normalising" the message) so that it can be thoroughly scanned.

Normalisation protects against many known Microsoft Outlook security threats.

 

Feature 6: Decompression Of Attachments

Then emails which contain any compressed attachments such as .zip files are temporarily unzipped and scanned for viruses.

If an attachment (such as a password-protected .zip file) cannot be decompressed, our system passes the file on to scan the original file for virus signature and heuristics that occur within compressed attachments.

 

Feature 7: Virus Scan

After the steps 4, 5 and 6 are completed, we run an email anti-virus scanner process over the whole email and its uncompressed attachments. This provides maximum protection against new virus threats.

Our mail server system automatically updates virus definitions hourly giving customers protection from new viruses within minutes. Compare that to most desktop and server antivirus programs, which check for new virus signatures once per day and sometimes once per week.

 

Only after getting through all of the above filters will email be delivered to your inbox.