Spambrella inbound email threat protection filters all inbound email for spam, viruses, malware, phishing attacks, and more. Spambrella provides the same high level protection for small and medium-sized enterprises as our large global enterprise customers.
Spambrella examines hundreds of thousands of attributes in every email to accurately detect text, image and attachment based spam or phishing emails, while automatically adapting to new threats as they appear. Our email threat protection technology removes all malicious and inappropriate content that could negatively impact an organisation, before it reaches user inboxes.
Our interface logs all inbound emails which pass through a company’s systems, enabling complete message traceability for users.
Email is scanned for any viruses, malware or other malicious content such as phishing, spoof email addresses etc. As a result, a company can provide protection to the intended recipients while protecting the professional reputation of its organisation.
An email content filter with flexible rules engine
Address issues regarding confidential, malicious or inappropriate email content that is being sent or received.
Establish a variety of filters, depending on a company’s needs—and block emails based on the size of the email, the type of attachment, the sender or recipient, the country of origin or destination, and the content within the subject line, body or header. This content filtering feature is completely configurable to each company’s needs and harnesses a range of proprietary technologies that determine whether or not each individual email may be allowed in or out of the organisation.
Also customize rules for a number of different situations. The Rules Engine allows emails to be filtered based on a series of select variables, such as message size, country of origin, and destination. The rules can be directed either to the user only, or a group of users chosen by the company administrator or even the entire organisation. Users are also able to edit and order rules to their own preferences providing an administrator has granted them permissions to do so.
As a 100% cloud-based solution, there’s no hardware or software to install or to worry about updating. By filtering mail at the Internet level before it reaches the network, Spambrella can save organizations considerable amounts on administrative tasks, bandwidth, end-user filtering, and even disk space on servers. We know time is valuable, so Spambrella offers market leading technology without the management and deployment headaches. Administrators can simply login to the online console and manage all users and account settings from one single secure platform.
Muti Layered Anti-virus Scanning
The Spambrella advanced threat detection technology enables our anti-virus engines to provide clients with an unrivalled protection from viruses and other email-borne threats. All messages are meticulously scanned by our sophisticated virus engines, operating at the highest levels of accuracy, performance and effectiveness ensuring all known viruses are captured and blocked. For increased protection,
Spambrella additionally employs heuristics scanning technology to discover email threats currently unknown to the system and protects against these in real time.
Threat Protection Technology
Spambrella leverages the advanced power of Targeted Attack Protection, Proofpoint’s Industry Leading email analysis solution, to provide small to mid-sized enterprises with URL Defense and Attachment Defense, the only service that effectively detects, catches and analyzes malicious URLs and attachments targeting this market.
Data Loss Prevention and Content Filtering
Spambrella eliminates the risk inherent in individuals making security and disclosure policy decisions by implementing a user-transparent, centrally based, policy-driven data loss prevention filter. Users simply send email, and the appropriate action is automatically taken. Also the solution offers a powerful, customizable rules engine. This facilitates both content and event-based email management whilst providing highly sensitive levels of control regarding email traffic. The service allows users to control where messages are sent to and how they should be filtered depending on specified rules with full visibility and control of features.
Auto User Provisioning (SMTP discovery), by default will automatically add unregistered users to the service when three valid messages are received from that unique address (within 30 days), or one valid message has been sent outbound from your email server via the Spambrella Platform. (These settings can be customised by an Administrator). SMTP Discovery can be enabled/disabled from your Organisation’s Spam settings tab in the Spambrella interface.
When a new account is detected, it will be added to the Discovered list under the SMTP Discovery tab in the Users & Groups section of the user interface. Every Thursday, a notification email will be sent to the Organisation Admin with a list of the newly discovered accounts. From this email, the Org Admin can choose to add these accounts as new End Users, or mark them as invalid. By default, if a discovered account is not marked as a new user by the Org Admin within 3 weeks, a new End User will be created for that account, unless the option ‘Expired Addresses Default to New User’ is disabled under the Organisation SMTP Discovery settings. In that case, the account would be marked as invalid. Please note that any accounts on that invalid list will not be able to receive mail once they are added to the invalid list.
Question: How often is the SMTP Discovered list updated?
Answer: The SMTP Discovered list is updated with newly discovered non-registered email addresses 4 times a day.
This also depends on organization settings in place for SMTP Discovery. For example, the default value for “Inbound Detection Threshold” is 3. Therefore a non-registered SMTP address will not be reported until it has been identified 3 times. Once it meets this threshold it is added to the SMTP Discovered list. This occurs 4 times per day.
As SMTP Discovery can automatically create users for mail sent to valid addresses including both primary addresses and aliases, it is advised to manually add addresses to existing aliases to avoid the creation of multiple accounts.
When moving from one filtering service to another, or setting up for the first time, there are steps to include when setting up Spambrella that may be forgotten outside of our standard steps.
Remember to add in our IP ranges into your firewall.
However, adding to your firewall is not enough, specifically in the case of an existing filtering service going to your mail server. Your mail server itself may have other security protocols in place, especially if using a Microsoft Exchange environment.
Like the firewall settings, your mail server may have specific IP ranges that accept mail. Please make sure to add in the Spambrella IP ranges into your current mail server security settings. This is especially important for when moving from a different filtering service and you are only accepting mail your previous providers IPs.
Note: The Spambrella logs will indicate we will be setting your mail status as “Deferred” if we cannot talk to your mail server.
For outbound mail, although you may have set-up the smarthost properly, this does not mean mail will flow to the Spambrella smarthost. If you have specific rules in place please check your rules to see if any exist that could contradict sending to the Spambrella server.
Note: Spambrella support would not be able to easily assist you on this. If mail does not flow into our server via SMTP, we would not see anything at all, even in our logs. You would need to diagnose this on your mail server, hence please check your outbound rules and logs first.
For the smoothest deployment possible, you should go through the following four phases:
This gives you access to the Administration Console, with one administrative account, one organization, and one server.
Add a small group of users and possibly add additional administrators. Set up your service
Using LDAP Discovery, Add your remaining users and domains, and set the filter configurations and access levels as required.
On-going support of your users and servers. This may require adjusting filter settings, managing users and domains, and adding new or configuring existing email servers.
Frequently Asked Questions (FAQ)
Q. What packages is Data Loss Prevention included in?
Q. How is Data Loss Prevention enabled?
Q. Do the logs report on Scan information?
Q. Can a user see the terms included in the dictionary?
Q. Does Spambrella support custom dictionaries?
Q. Is Data Loss Prevention available for customers on trial?
Q. How do I know Data Loss Prevention is enabled?
Spambrella does filter outbound email for SPAM. If a message is not delivered it will be recorded in the Email Logs and can be released to the intended recipient. Please note that similar messages of this nature are likely to be quarantined in future.
Email spoofing is the creation of email messages with a forged sender address. It is easy to do because the core protocols do not have any mechanism for authentication. It can be accomplished from within a LAN(Local Area Network) or from an external environment. Spam and phishing emails typically use such spoofing to mislead the recipient about the origin of the message.
By adding SPF (Sender Policy Framework) records to your existing DNS information, this will increase the chances that any spoofed email will be detected and is an added security measure, as all incoming emails will have the sender information validated. Please note that by adding an SPF record does not make this 100% full proof.
Here are some external articles about spoofing:
Below are the SPF records, please use the one relevant to your platform.
“v=spf1 a:dispatch-us.ppe-hosted.com ~all”
“v=spf1 a:dispatch-eu.ppe-hosted.com ~all”
Please Note: Spambrella does not block an email outright for the SPF entry. This is because there are a large number of domains that have an incorrect SPF record. We will just increase the overall spam score.
A soft fail (~all) will increase the spam score moderately (which may not quarantine a message dependent on your spam threshold specified) whereas a hard fail (-all) will increase the score aggressively and quarantine the message if triggered.
The Instant Replay feature allows users to send (or resend) an email from Spambrella to their messaging server. This may be useful in the following situations:
If a user is attempting to send an email that has already been sent, they should be aware that if the email already exists in the destination server’s database then many mail systems may not deliver the email again. This will depend on the mail system in use and how it handles duplication.
Microsoft Exchange, for example, has a default duplicate database setting of 7 days. This means if an email comes in with the same messageID and client submit time within 7 days of the original, it will delete it as a duplicate. Therefore the user who uses Instant Replay feature to resend an email less than 7 days old will not get the message.
If you are using Microsoft Exchange and wish to enable retrieving messages within 7 days of receipt of the original, please follow the instructions on how to change this setting, available here.
If you are using another email application you should investigate to see if you have the option to adjust this value.
Instant Replay Feature is available only for the customers who have subscribed to the Business or Professional packages.
Please Note: This feature cannot be used with customers using Office 365 as a mailbox. This is due to how Office 365 handles duplicate message detection.
Spambrella is available in 4 service packages [Click here to see them]
Partners – When selecting the package type you require for your customer, you are able to choose the appropriate features and modules for your needs contained within a package. Also, you can upgrade, downgrade or change a user’s license by following the instructions below:
1) Adding / Decreasing Users’ Licences.
Adjust the user Licence number to the required amount and select save button at the bottom of the screen.
2) Enable User capping.
Enabling this feature will not allow customers to add users above the number in the license field. This is useful for partners who sell an annual prepaid agreement and do not want to be billed for any users above that licensed amount, and it forces the customer to contact the partner to order more licenses and be able to add them to the system.
4) Licensing of Users.
Impostor email attacks are a growing trend and problem. Attackers will target your employees, customers, and business partners with these advanced attacks. It is now…
Why are hackers increasing levels of Office 365 phishing attacks? This article will explain some key processes how and why Office 365 phishing attacks are…
General Availability Notice We are proud to announce the release of beta user interface 6.0 which will has been rolled out for general availability to…