Browse

Blog

Halon chosen for growth acceleration program Scale Global

Halon has been chosen to participate in the growth acceleration program Scale Global. During the period of September 2017 to January 2018, Halon and seven other companies will get help with the transition from nailing the product to scaling their business. The program rests on three pillars; workshops, coaches and Silicon Valley.

Each company is paired with a coach, and Halon will be working together with Stefan Lindeberg, CEO of ZeroPoint Technologies and former CEO of Netnod. Other coaches include Mengmeng Du (Spotify, Acast), Alfred Ruth (Vidoplaza, Angel investor), Alexander Hars (Let’s Deal), Louise Grandinson (MAG Interactive, Disney) and Johan Sköld (Qamcom, Chalmers Ventures).

The program is organized by Chalmers University of Technology, with support from Vinnova. The companies have been chosen according to several criteria, such as having global potential, having annual sales of at least 10 MSEK and/or manage at least 10 employees. Out of 70 nominees, Halon was chosen along with Adfenix, Parakey, Wint, Greenbyte, Minatjänster.se, Senion and Kitab Sawti.

The companies will be working together on a number of workshops, one of them being a one-week stay in Silicon Valley, having meetings with partners at AndreessenHorowitz and True Ventures, Gustaf Alströmer (partner at Y Combinator), Cindy Alvarez from Microsoft and Maxime Prades of Algolia, to mention a few.

Time-of-click protection against ransomware, malware and phishing

Time-of-click protection adds an extra layer of security to protect email users from accessing malicious content. Attacks including malware, ransomware and phishing are becoming more common and more sophisticated with every day, along with users keeping more sensitive information. 

With an additional time-of-click protection, Halon will classify links in email every time it’s clicked, before allowing or denying the user to visit it. This means that if the scammer waits two minutes or two months with infecting the site, the user will still be protected when he or she chooses to click the link. It’s the extra layer of security that won’t allow you to visit infected websites by way of a link in an email protected by Halon.

Features

  • On-premise or hosted cloud
  • Front/backend architecture for high availability
  • Multi-tenant with companies and users
  • Supports branding
  • Multiple detection engines
    • CYREN
    • Sophos
    • Google Safe Browsing
    • ISITPHISHING.org
    • Spamhaus
    • SURBL
    • URIBL
    • PhishTank
  • Optional click history
  • Black/whitelisting

Time-of-click protection is an add-on to Halon SMTP software, and we recommend that you extend your license to include it. Pricing is set per user, with volume-based discount. If you are already a Halon customer, contact your sales representative, or send us an email for your quote.

Meet “classy” and “cody”, Halon 4.2 and 4.3

We have done two new releases of Halon since last time we updated the blog with release matters. In Halon 4.1 “teamy”, released just before this summer, we introduced modules. A month later we followed up with 4.2 “classy” that added proper object orientation to the language (which works great in combination with modules). It spawned a few rewrites of our script examples (modules) to reflect this awesomeness. We initially added instance and class methods and variables (static), and in 4.3 “cody” we added the private keyword to functions and variables as well.

class HelloWorld
{
	private $name = "Dr Who?";
	constructor($name)
	{
		$this->name = $name;
	}
	function sayHello()
	{
		return "Hello ".$this->name";
	}
	static function ...()
	{
		...
	}
}

We’ve created a lot of modules and script examples. Some of those, such as the PostgreSQL and MongoDB modules, rely heavily on byte packed data structures. In order to better support those, we’ve added built-in functions such as pack() and unpack(). Upcoming modules and rewrites will also benefit from the new TLSSocket() class.

Here are some new additions to our module collection:

Other notable features from the changelog includes

  • FreeBSD 11.1 and new quarterly packages
  • sha2 hash functions
  • Added status and NDR codes to Reject, Defer and Deliver functions
  • SetTLS support CA name verification
  • DLP engine now support file hashes of SHA2-256 and SHA2-512
  • Added $sourceip variable to post-delivery script to easily determine which IP address that was used to send the mail
Geek out corner

One major change that only we can see and fully appreciate is the (both automated and manual) code migration to C++11 (and forward), using the truly awesome clang-tidy tool.

On another note; while we researched pack and unpack implementations by looking at other languages’ documentation (such as PHP, Perl and Python), we found a bug in PHP, which was fixed in 7.2, and backported to 7.1.9. The overall consensus of syntax and conventions amongst languages regarding how pack and unpack should work seems to reflect and mimic Perl.

Some scripting languages like JavaScript and HSL has the notion of class constructors but no destructors. The HSL memory model uses references counted automatic garbage collection to determine when objects should be removed.

“In a language with an automatic garbage collection mechanism, it would be difficult to deterministically ensure the invocation of a destructor, and hence these languages are generally considered unsuitable for RAII [Resource Acquisition Is Initialization]” – Wikipedia on destructors

MongoDB does unlike many other databases use little endian and not big endian (network byte order) in its wire protocol. This will let you send and receive data structures in native machine endian (for most people) since both x86 and amd64 use this convention. I highly recommend reading up on the fun historic trivia about endianness.

Want more in-depth info on the new releases? Get in touch with the support team.

Dude, where’s my email?

Ensuring high deliverability in email is no walk in the park. As a high-volume sender of email, there are many things to take in consideration, especially with cybercriminals keeping a fast pace in innovation.

Make no mistake, deliverability is of highest importance to anyone sending email, let alone the high volume senders. When you get the information from your servers that a certain percent of sent emails were accepted by the receiving servers you still have no idea what happened after that. No confirmation of emails actually reaching inbox means they might just as well be laying in the spam folder. The SMTP transaction is logged as ”250 OK” as long as the server didn’t reject the email. To make matters even worse, different ISP’s may treat email differently, putting more responsibility on the sender to do their homework as neat as possible.

Pay attention to encryption, as it no longer is as security measure only for the selected few, but becoming the standard. TLS/SSL and DANE are your friends and will keep your information private.

Be protective of your IP addresses reputation, they can make or break your deliverability. ISP’s acts as proxies for recipients, meaning they will take reputation very seriously. Take in consideration that sending unsolicited email may harm your IP reputation, and authenticating your email with SPF, DKIM, and DMARC will help keep out scammers who are most often ahead of ISP’s and senders technology.

KPN chooses Halon for email infrastructure and security

Telecommunications company KPN, the largest provider of internet access services in the Netherlands, has agreed on implementing Halons email infrastructure and security software.

”As the largest ISP in the Netherlands, we believe in connecting people and enabling them to communicate with the world around. Because of that we provide full functional, secure email as a part of our portfolio. But a constantly changing internet environment and attacks becoming more and more sophisticated, managing such an email platform can become quite a hassle. We are always looking for improvements in functionality, flexibility and performance” says Martijn Thie, architect at KPN.

”In Halon we have found a great partner for that. They are not just delivering their software, but they’re really keen on working together and learning from our situation. Even before we could enable Halon for our email products, additional functionality was added to make it an even better fit with our environment. Halon SMTP is the most flexible, sophisticated and easy-to-manage SMTP server out there.” adds Martijn Thie.

”We are proud and glad to welcome KPN as a Halon customer, and help them secure their users email. With the Halon taking care of email infrastructure and security KPN can now improve the performance of their email platform” says Peter Falck, CEO and co-founder of Halon.

Email Security Roundtable in Zürich, Switzerland

To email hosting and service providers in or around Switzerland, we kindly invite you to join an intimate group of Cloud and Telco VIPs for an exclusive Email Security Roundtable to introduce you to the Trusted Email Services (TES) initiative. Date: Thursday, September 21, 2017, hosted by Open-Xchange.

TES was launched as an industry e ort to raise awareness around email security threats and promote the deployment of innovative technologies to address them, including encryption and DNS-based mechanisms such as DNSSEC, DANE and DNS filtering. The discussion will deliver an insight into how internet service providers and software companies adopting TES guidelines and best practices can secure and qualify their services, comply with recent legal requirements (GDPR) and establish enduring customer relationships.

Interested in participating? Please contact Jonas Falck at [email protected] .

Halon at WHD.usa in Las Vegas

The countdown has begun and it’s time for WHD USA and Vegas, baby, Vegas! Booth 26 will be your hotspot for all things email security and infrastructure, painted in characteristic Halon blue. Peter, Karim, Nina and Anders will be there to make sure no questions are left unanswered. And don’t miss the speed session “I can haz secure email?” by CTO Anders Berggren.

Register for free with our guest code here and make sure to contact us if you want to book a meeting!

Beware of ransomware, read the cyberthreat report

Cyberthreats are real, with ransomware Petya being the latest example, following WannaCry and Locky. Take some time to read this high-quality report made by security technology company Cyren, courtesy of Halon.

Download Cyren Cyberthreat Report (pdf)

Table of contents:

  • The Rise of Ransomware
  • Ransomware by the Billions
  • Locky: Understanding 2016s Most Prolific Malware
  • How Ransomware Works
  • Evading Detection Through Adaptation
  • Ransomware-as-a-Service
  • Companion Ransomware: Two-Malwares-in-One
  • The Locky of 2017? Look Out for Jaff
  • The WannaCry “Ransomworm”
  • IT Manager Surveys in the US and UK: Ransomware is a Reality
  • An Interview with the Researchers Tracking Ransomware
  • Stopping Ransomware: Best Practices
  • Creative Ransom Demand
  • Cyren GlobalView Threat Trends Q1 2017

 

Download Cyren Cyberthreat Report (pdf)

Upcoming events: WHD USA, cPanel Conference and more

The summer is here and business go into a slower mode. But that also meads plenty of time to prepare for what we have planned for this fall. As always, there are a ton of events, and we have picked some favourites where you’ll definitely meet us. If you want to schedule a meeting, just let us know and we’ll get back to you!

WHD USA – September 11-12, Las Vegas, USA

We are still on a high from all the fun at WHD Global, but let’s look ahead. You will find Halon in booth 26, with Karim, Peter and Nina ready to give you any information you need.

cPanel Conference – September 26-27, Fort Lauderdale, USA

Many of halons customers also use cPanel, so it’s a no-brainer that we need to attend this event, celebrating 20 years of the cPanel software! Peter and Karim will walk the floor and take meetings.

OX Summit, October 12-13, Bruxelles, Belgium

We return again as a sponsor to this ever-so-rewarding event with Open-Xchange. Join the OX ecosystem in Europe’s capital for a ‘Summit like No Other’. Peter, Ohannes and Myria will wear their Halon shirts!

Nordic Domain Days, 20-21 November, Stockholm, Sweden

This new event is a part of Internet Days, and Halon will be a sponsor. Be sure to check out this domain industry event for the nordic countries as it carries a strong focus on networking between parties with interest in the region.

TES roundtable discussions

There have been several successful meeting arranged by the Trusted Email Services initiative, where Halon take part, and there is more in store! This event calendar will be updated soon, and if you are a hosting or service provider looking to attend, let us know and we will find your nearest

Job opening: Front-end web developer

‘It’s a dangerous business, Frodo, going out your door. You step onto the road, and if you don’t keep your feet, there’s no knowing where you might be swept off to.’

 

Our software, our Precious, needs one more master to care for its well-being. We invite a front-end web developer to be swept off into the wonderful world of Halon and care for all our digital interfaces. That includes the Halon software, web services and halon.io website. Your work will be according to the current brand guidelines, which you of course also will help to improve. Nothing is set in stone, and remember, even the smallest person can change the course of the future.

Halon helps hosting and service providers, as well as telcos, to offer their customers the best possible email service when it comes to security. Our scriptable SMTP software enable our customers to tailor the perfect solution regarding anti-spam, signing, encryption, routing and so on.

We are looking for someone courageous and talented, who have just started their long journey towards excellence . But make no mistake, one does not simply become a Halon front-end web developer. The position requires you being handy in the arts of:

  • HTML5/CSS/JS
  • Bootstrap and jQuery
  • WordPress and PHP

 

You must be able to stand the hardships that comes with living in Mordor, a.k.a. Gothenburg, but we will try to ease the pain by putting you in the most fabulous office. Also, you shall not pass if you don’t have a portfolio to show off your eye for detail and good taste in design.

When it comes to spoken languages, English and/or Swedish will work. Elvish is a plus.

We offer you a competitive salary, a team of companions that will have your back at all times, weekly breakfasts, Friday beers and all the laughter one could wish for.

The position is to be filled immediately, and you start with a three month paid evaluation period. Interviews are ongoing so don’t hesitate to apply.

Send your CV, portfolio (links or attached files) and ring size to [email protected]