Browse

Tag: security

Better spam protection in Mölndal municipality

Mölndals Stad (Mölndal municipality) has approximately 5000 employees and 10 000 students. In 2010 the IT department decided that 15 000 inboxes needed a new spam protection.

Anders Westerberg, now Head of IT Security in Mölndal, had built an open-source based solution that worked well. But for Annika Samuelsson, Head of IT development and maintenance, it was clear that they could not go on using a solution that only one person knew how to operate. Together with Anders she investigated possible replacements that could fulfill their wishes, and Halon caught their eye. The Halon software was then newly introduced to the market, and they saw an advantage in the company being open to a dialogue around how the product could be tailored to fit their needs.

The focus was of course on abiding by laws and regulations. Email sent to Mölndal municipality becomes public record and must be archived, even if it’s just spam. Stopping the email before it enters their system saves them that burden, and it’s also the procedure recommended by the organisation SKL (Municipalities and Country Councils of Sweden). Before implementing Halon, Annika and her team handled all spam quarantine, something that is now in the past. With the ”bulk” feature, an email manager will get a report on all blocked unsolicited email.

The result is very satisfying, says Annika Samuelsson

Introducing Halon was a quick process, and even though most of the work was done in-house they received some help from Halon support staff to do the fine tuning. Since becoming a customer, they have reached out a few times to address spam issues.

There have been incidents where we get spam that passes through the filter. But it’s always been very easy to get in touch with Halon and resolving the issues. Once it was actually as easy as a misunderstanding on which users that could report spam.

Mölndal municipality are subject to public procurement, and regularly has to compare their system to market competitors. But they have yet to find a product that solves their problems as effectively and smooth as Halon.

We feel very comfortable with what Halon provides us, and we would definitively 
recommend it to other governmental businesses.

Download case study (PDF).

Time-of-click protection against ransomware, malware and phishing

Time-of-click protection adds an extra layer of security to protect email users from accessing malicious content. Attacks including malware, ransomware and phishing are becoming more common and more sophisticated with every day, along with users keeping more sensitive information.

With an additional time-of-click protection, Halon will classify links in email every time it’s clicked, before allowing or denying the user to visit it. This means that if the scammer waits two minutes or two months with infecting the site, the user will still be protected when he or she chooses to click the link. It’s the extra layer of security that won’t allow you to visit infected websites by way of a link in an email protected by Halon.

Read more.

Dude, where’s my email?

Ensuring high deliverability in email is no walk in the park. As a high-volume sender of email, there are many things to take in consideration, especially with cybercriminals keeping a fast pace in innovation.

Read more.

Email Security Roundtable in Zürich, Switzerland

To email hosting and service providers in or around Switzerland, we kindly invite you to join an intimate group of Cloud and Telco VIPs for an exclusive Email Security Roundtable to introduce you to the Trusted Email Services (TES) initiative on Thursday, September 21, 2017, hosted by Open-Xchange.

TES was launched as an industry e ort to raise awareness around email security threats and promote the deployment of innovative technologies to address them, including encryption and DNS-based mechanisms such as DNSSEC, DANE and DNS filtering. The discussion will deliver an insight into how internet service providers and software companies adopting TES guidelines and best practices can secure and qualify their services, comply with recent legal requirements (GDPR) and establish enduring customer relationships.

Halon and Spamhaus in email security partnership

We are excited to announce that Halon now provides official integration with Spamhaus Technology anti-spam & threat data feeds (IP & domain blocklists). Both companies worked together to ensure that this new functionality would be simple to deploy while also scaling all the way from smaller systems to large ISP’s with millions of users and complex email flows.

Read more.

How I fooled Microsofts Safe Link technology in 5 minutes

The Safe Link technology was recently launched by Microsoft through Office 365. The goal of this technology is to rewrite all URL’s in email to a URL classification service, so at the time of user-clicks it’s possible to reclassify a URL. This method is preferred as spammers more often replace the phishing URL’s site content after a message is being scanned, hence there is a need of reclassification later. Safe link is Microsoft’s “best-effort” to do so.

“For messages in HTML, Safe links identifies any link that uses the HREF attribute. For messages in plain text, Safe Link uses custom logic to identify any text resembling a URL.”

Microsoft.com

This method should work correctly in all MUA (email clients). From the web mail to your iPhone’s Mail app. However, replacing a URL in HTML as text is difficult. Just let me demonstrate how easy it is to fool Microsoft’s Safe Link:

<a x=">" href="http://badurl.com">click me</a>
      ^--- the regex? engine stops to detect the <a> tag here, and leaves the href unchanged.

Another obvious way to fool the Safe Link re-writer is to use a <form>-tag (it may not work in all email clients). You may be safe until spammers figure this out.

<form action="http://badurl.com"><input value="click me"></form>

If it’s this easy to fool, should it be done in another way or perhaps complemented with additional safeguards, preferably in the MUA (web mail, Outlook.app, etc)? I think so, and would have expected that Microsoft tried harder.

First suggestion; when rendering the email replace all links by asking the rendering engine what it has rendered

$("a").each(function () { /* all links are detected foolproof */ });

Second suggestion; Microsoft could surely use one of there own HTML parsers (like the one in the Edge engine) to detect where URL’s are located in the message in order to properly replace them, it’s probably better than a regex.

If customers are activating and paying for Safe Link they should be able to expect more value for their money and some more security.

In Halon you can do the same simple URL rewriting using this HSL code.

HSL instead of Safe Link

TES meeting at Old Trafford in Manchester

Email security was the topic of discussion at another Open-Xchange sponsored TES event held last Thursday in the fantastic setting of Old Trafford Stadium, the home of Manchester United. BT, TalkTalk and Plusnet, three of the largest ISPs in the UK, had delegates in attendance along with Halon and Cloudmark. This intimate group discussed the challenges facing email security as it stands today and how they could collaborate going forward to improve the state of affairs. You can read more about the event at the TES website.

The Trusted Email Services project is an open, non-commercial industry effort to raise awareness around current email security threats and promote the deployment of technologies to address them, particularly cryptographic techniques to secure the submission, transport and storage of E-mail messages over the Internet using the DNS root as the trust anchor.

The project specifically targets, as a primary audience, the ISPs, telecom and hosting companies in each country, organizing a series of round-table meetings where product owners and technical experts responsible for E-mail can take part in a meaningful conversation; ideally, these companies are best suited to build the critical mass that would prompt general adoption of any new practice.

The project was initiated in Autumn 2015 by Open-Xchange, the maker of Dovecot, OX App Suite and PowerDNS, with the participation of other E-mail, DNS and security vendors, such as Halon and VadeSecure. However, no product placement or sales pitch is allowed in TES, and meetings only focus on presenting the issues and discussing relevant technologies and best practices. Before discussion is opened to all participants, introductory presentations are offered by technical experts from the supporting organizations and companies (e.g. Jakob Schluyter, one of the authors of DANE TLSA, presented at the Stockholm event).

How One.com reduced email costs by up to 70%

Anders Saaby, CTO, One.com explains, “Due to One.com’s high growth rate, we needed to upgrade our existing email delivery and security infrastructure to a newer solution that scaled better in terms of performance and maintenance.

One.com typically develop their own software and systems as this enables them to offer truly differentiated services with many unique features, at very competitive prices. This usually rules out many commercial products, as they cannot properly support and integrate into One.com’s sophisticated and highly customized platforms.

“We researched and evaluated many email security and delivery platforms against our requirements,” Saaby continued. “We finally settled on Halon email platform based on price, performance, ease of use, flexibility, multitenancy support with security and its ability to scale on demand.”

Halon’s highly integrated and comprehensive platform now comprises One.com’s entire email delivery infrastructure; except for email storage and web mail.

It’s a flexible and scriptable email engine, designed to be run as part of a fault tolerant and linearly scalable cluster that integrates with surrounding modules and infrastructure. This highly differentiated platform enables demanding organizations like hosting providers and MSPs to implement ideal solutions for their specific needs.

On the inbound side, clusters of Halon nodes have replaced several layers of components including IP reputation, recipient verification integration, anti-spam and antivirus, policies, aliases and external forwards with SRS, auto replies, backup/replay and routing to the email storage servers over LMTP. All integration uses a REST API endpoint that One.com wrote. The outbound cluster integrates with the same API for SASL authorization, relay permissions and rate metrics, and ensures excellent deliverability.

Read the full One.com case study here.

Why you need to demand high deliverability and security of email

Trends come and go but fashion is always in style. 20 years of emails shows that it is a consistent way of communication, despite a relatively standstill in development. While the world sings their praise for new and sexy messaging services like Slack, gets rid of stationary phones, and transfer customer communication to Facebook chat bots, the B2B world still rely steadily on email. After three days of WebSummit in Lisbon, Portugal, I am even more convinced than before.

Read more.

I can haz secure email?

Halon CTO Anders Berggren at Netnod Autumn meeting 2016, speaking about DANE and secure email.