E-mail? But Secure! Premiere of the NoSpamProxy Cloud

Premiere of the NoSpamProxy Cloud

What started 15 years ago as a diploma thesis by the current head of development, Henning Krause, has long been established in the market as a veritable on-premises solution for email filtering “Made in Germany”. Now, Paderborn-based Net at Work GmbH has built a brand new cloud solution from it, which Stefan Cink, Business Unit Manager at NoSpamProxy, exclusively “unveils” to us as a premiere in a Deep Dive.

E-mail? But secure! Premiere of the NoSpamProxy Cloud

Unfortunately, the risks posed by email have not disappeared from the agenda of IT security managers. On the contrary: attacks are becoming more “(a)social” and sophisticated so that even the most intelligent scanners sometimes fail. This is where NoSpamProxy comes in because, in addition to the use of state-of-the-art filters and patterns, the focus is primarily on the reputation principle. This is also fully implemented in the cloud version, which comes without any major installation effort.

Onboarding, configuration, and protection

For onboarding, the required details such as domains, MX record, and CNAME entries must first be entered. Also, the domain key identification DKIM for the authentication between the e-mail servers is supported here on a broad basis, this improves among other things the delivery of own mails.

READ:  Prepared for Emergencies With ITSCM (IT Service Continuity Management)

After setup, the NoSpamProxy principle applies: Incoming mails must first clear various security hurdles. Besides the many filters to check the mail and of course the recipient validation, incoming mails are divided into trusted and untrusted mails. This information is based on the Level of Trust system, which in turn gathers its knowledge from outgoing emails.

NoSpamProxy Cloud thus knows who customers are communicating with and can award bonus points to known communication partners. Content filtering also plays a big role, of course. There are pre-configured settings from “soft” to “strong” for this purpose. Depending on the trust level of the attachment, the so-called CDR action takes effect, in which potentially dangerous attachments are converted to harmless PDFs and delivered to the recipient.

In advance, AV engines and sophisticated spam rules intercept the most suspicious e-mails. In this context, the NoSpamProxy project “Heimdall”, which is already in beta, is worth mentioning, as it will optionally detect and fend off attacks.

Message tracking and encryption

For the trust classification of e-mails, NoSpamProxy has added a minus range to the usual Spam Score Rating (SCL): the lower the value, the better, and thus the greater the chance of mail delivery. The product works without quarantine, does not send bounces, and therefore cannot be misused for so-called non-delivery response attacks.

READ:  Positive Trends but No Universal ICS Security

In short, the sender does not get rid of the mail and the recipient does not get it either. The message tracking data is kept for three months. This makes it possible to see which mails were rejected and for what reason.

One topic that will become increasingly important in the future for improving “eavesdropping security” is e-mail encryption, which is offered by the manufacturer as an additional service. Certificates must still be deposited manually for this purpose, but from Q1/2021 a certificate automation will provide assistance with which certificates can be rolled out automatically. NoSpamProxy also operates the public OpenKeys, where certificate information from external communication partners is stored.

Licensing

NoSpamProxy Cloud is priced at €1.50 per user per month for the basic package (anti-spam and anti-virus protection only). The optional encryption incl. certificate costs 1.50 Euro extra each. Depending on the number of users, there are corresponding quantity scales. The service is sold exclusively through qualified partners. NoSpamProxy can be put through its paces for 30 days in a test license.

Conclusion

NoSpamProxy Cloud is a service that comes at the right time, as many companies no longer want to tie themselves to on-premises or are already exclusively in the cloud. It is based on 15 years of experience in email security and several thousand installations. The reputation concept is unique and NoSpamProxy also offers many other specifications and services that are extremely innovative and cannot be found elsewhere.