Making e-mails more secure: Effective protection against sender fraud

18. February, 2019

You too can support a global improvement in email security by applying simple best practices according to the state of the art.

The truth is not always easy to filter into good and bad: your organisation’s email system needs active protection as well as adaptation and development to best prevent abuse. By using current standards, global e-mail security can be significantly improved. Do your part and actively prevent sender fraud!

Make misuse more difficult:  Verify sender identity

One problem with e-mails is still reliably detecting whether the sender is actually authorised to send electronic messages in the name of the domain and the sender. Spam filters have meanwhile seen enormous improvements and high hit rates. Based on content and structure alone, as well as other quantitative evaluation metrics, an immensely high number of false messages can be sorted out.

The mail system still has weaknesses that make particularly targeted spam messages very difficult to detect. The solution requires a multi-level approach that improves the overall email system security. On the sender side, the three methods SPF, DKIM and DMARC are widely used.

Three tools for more email security: SPF, DKIM and DMARC

Based on DNS records, an enrichment with additional information takes place, which enables supplementary checks when sending and receiving messages.

  • SPF (Sender Policy Framework) is an additional DNS text entry (SPF record). It defines which e-mail server is authorised to send messages. In this way, the valid server of a domain can be clearly defined and identified.
  • DKIM (DomainKeys Identified Mail) is activated on the DNS server and on the e-mail server. It provides additional integrity protection by publishing a public key of the e-mail server. Thus, it is possible to check the authenticity of the e-mail message as well as any change during transport.
  • DMARC (Domain-based Message Authentication, Reporting and Conformance) combines the two previously mentioned methods on the sender and receiver side. The information can be linked with each other and evaluated specifically for the further handling of the messages.

With only a little preparation, a big gain on the security side is possible thanks to these methods: they prevent both the forgery of e-mails from one’s own domain and the receipt of forged e-mails.

IKARUS offers active support for increasing email security

IKARUS mail.security offers different levels to send only sender-verified, secure emails – and to receive secure emails:

  • Free dispatch via IKARUS email server: This service is available to all IKARUS mail.security customers with their own e-mail server. All you need to do is activate the IP address of the sender system. Send a short e-mail to support@ikarus.at and benefit from the additional control of your sent e-mails for malware and the excellent reputation of our IP addresses.
  • Simple activation of SPF and DKIM in the DNS-record: Enter the IKARUS platform as authorised gateway for the SPF-record in the DNS of your domain (e.g. ikarus.at. IN TXT “v=spf1 ip4:91.212.136.49 include:mymailwall.com -all”). For DKIM, in addition to adjustments to your e-mail server to check the signature, only one entry in the DNS is necessary. Publish a CNAME for this (e.g. mailsecurity._domainkey.ikarus.at. IN CNAME mailsecurity._domainkey.mymailwall.com.) for our public key.
  • Additional security and protection against targeted attacks is provided by the ATP-AddOn (Advanced Threat Protection) of IKARUS mail.security: Every incoming message traffic, attachments and URLs are subjected to a multi-stage check procedure with additional signatureless malware detection, behavioural analyses and validation algorithms.

The more e-mail systems use advanced methods for sender verification, the more difficult it becomes to transmit false messages and the more trustworthy the entire communication network becomes.

Our support team will be happy to assist and advise you! Call us at +43 1 58995-400 or write to us at support@ikarus.at.

Defense in Depth
private
Qlocker 01

Ransomware Qlocker: How to restore your data (for the most part)

Two Austrian security experts analyzed the method the hackers used and found out, that they made a mistake.
Fax
Beat The Best
malicious-code
Microsoft Exchange
*IKARUS quick survey (Q1 / 2021): Cybersecurity in times of corona
Image
EndofSupport-Windows7

WE ARE LOOKING FORWARD TO HEARING FROM YOU!

IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 (0) 1 58995-0
Sales Hotline:
+43 (0) 1 58995-500

SUPPORT HOTLINE

Support hotline:
+43 (0) 1 58995-400

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm

Remote maintenance software:
AnyDesk Download