Re: [fw-wiz] Securing email by inhibiting urls



I'll check out Ironport. We looked at this earlier but there was something about it at the time that caused us to not buy it. Time to revisit...

Thanks

-----Original Message-----
From: Kaas, David D [mailto:David_D_Kaas@xxxxxx]
Sent: Thursday, August 11, 2011 12:06 AM
To: 'chughes@xxxxxxx'; 'Firewall Wizards Security Mailing List'; 'firewall-wizards@xxxxxxxxxxxxxxxxxxxxxxx'
Subject: RE: [fw-wiz] Securing email by inhibiting urls

The ironport email appliane can do this. You can strip HTML or modify URLs. Outlook tries to be friendy bt atutomativally making www. Any.com clickable.



-----Original Message-----
From: Chris [mailto:chughes@xxxxxxx]
Sent: Wednesday, August 10, 2011 08:46 PM Pacific Standard Time
To: firewall-wizards@xxxxxxxxxxxxxxxxxxxxxxx
Subject: [fw-wiz] Securing email by inhibiting urls

A company I work for has been having great difficulty in securing against email attacks. So far we have disabled access to webmail, implemented rules and processes to block freemail services like hotmail etc until the sender registers the address and of course a spam filter (BrightMail). Attachment filtering is pretty strict as well.



The threat that presents the biggest challenge is url links in emails. The common method of attack is an email from somedomain.com where they change one character or otherwise make the address look valid (ie: joe@xxxxxxxxxxxxxx or j0e@xxxxxxxxxxxxxx etc).



I was looking for a way to spot and block hyperlinks but it looks like the only option I have is to filter on these and send them to a spam bin. I’d rather yank the offending hyperlink and replace it with a message of some sort. Unfortunately BrightMail doesn’t offer that capability.



Any products that do this or ideas on a solution?



Thanks


_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards