Posts

Return of the Message Center and More


As Google continues to migrate Google Message Security and Message Discovery customers from the old Postini infrastructure, our clients have been concerned about functional and performance equivalency.   While filters and settings have been comparable for a while, and Google had previously added the quarantine notification, Google today announced the new Message Center.

Specifically for users that forward some or all of their email to on-premise servers or other email services, the Message Center lets users and administrators:

  • View and search 30 days of clean/spam mail
  • Mark single or multiple messages as spam or not spam
  • Deliver messages that are not spam to the on-premise mailbox
  • Add and remove contacts for whitelisting purposes
  • Bookmark URLs for searches and individual messages

This expanded functionality coincides with a series of upgrades to the SMTP relay service in Google Apps.   These updates help administrators in several ways:

  • Multiple authentication configurations: Admins can now configure multiple sets of authentication rules. For instance, you can specify that messages sent from one IP address are always allowed, messages from another IP address are only allowed if encrypted with TLS, and messages from another IP address range require SMTP AUTH.
  • SMTP AUTH: This newly supported authentication method uses Google “application-specific passwords” to allow admins to configure clients to authenticate to the relay service. This feature is available for registered Google Apps users only.
  • IP range description field: To manage IP addresses more efficiently, admins can enter descriptions in text fields for each IP address or range that you use to set authentication rules.
  • Selective enable/disable of IP ranges: Admins can selectively enable/disable IP ranges approved for relay as needed
  • Increased rate-limits for certain customers: In special circumstances, admins may increase the rate limits of 2,000 emails/user/day and 2,000 recipients/user/day by calling customer support. Requests need justification and are reviewed on a case-by-case basis.

With these enhancements, Google continues to increase the robustness of the Google Apps Platform, and reduces the need for most GMS and GMD customers to move to other spam, virus, and archiving solutions.

 

 

 

A New Approach to Protection

Security Key
One of the challenges in today’s world is that malware can come from anywhere.  Traditionally, viruses and other malware travelled by disk or thumb drive.  As our desktop protections improved, malware appeared in infected files attached to emails, or spam.  Today, malware is more likely to come from a web site you visit — even legitimate sites have been hacked — than anywhere else.

Additionally, malware targets every platform.  Once thought immune to viruses, MACs face some of the same risks as PCs.  Our smartphones and tablets, running iOS and Android, are also under attack with malware built specifically for those platforms and the information they often hold and access.

The problem with protecting all devices, is that we have historically needed a solution for each platform.  For those with laptops, smartphones, and/or tablets, as many as three solutions may be needed — each with purchase and subscription costs as well as administrative time and costs.  Additionally, historical malware protection focuses on infected files and malicious code on each device … even though the web is the greatest source of danger.

Looking forward, we need a better way!

Instead of working to protect devices and data, let’s focus on protecting the users.  Let’s offer protection through a single system across all devices.  Let’s offer protection that not only looks for traditional viruses and malware, but prevents malicious code and activities from hacked web sites.  Let’s deploy a solution that works with they way our users work — on smartphones and tablets, as well as PCs and MACs.  And, let’s do this without breaking the bank.

Does such a solution exist?

YES!  And, we are launching it soon.  Fill in the form, below, for pre-launch information and pricing.

Special Bulletin: Message Security, aka Postini, Goes Native in Google Apps

A major change is underway within Google Apps for Business / Education / Government editions. Google is fully integrating the spam and virus protection of Google Message Security (GMS, aka Postini) into Google Apps and the cPanel.

While the transition starts in February, there are some caveats to the consolidation. As such, some organizations will want to maintain their stand-alone GMS service.

Currently, the newly integrated service provides for white list, black list, content filters, message filters, and spam sensitivity settings. The integrated service, however, does not have some of the features on which many of our customer rely. If you want/need any of the following, it is necessary to continue running stand-alone GMS for now.

  • Daily Quarantine Messages
  • Addition of Message Archive & Discovery and Message Encryption
  • Policy-Based TLS Encryption
  • Delivery Manager
  • Log Search
  • Reporting

The latter three are more of an issue for the IT folks, and TLS Encryption is transparent to the user.

The biggest user impact is the replacement of the daily quarantine message with the “Spam” label in Gmail.  Some users like the digest structure and the ability to deliver from within the message.  In using the Spam label, users can mark messages as “Not Spam” or can manage them from within the folder.

Also, until we are able to connect the Message Archive & Discovery and Message Encryption services directly to Google Apps, the stand-alone GMS environment will be needed.

If you have questions or concerns, do not hesitate to contact us.

The Impact of This Week’s Malware News

For the first time, MAC users are struggling with a serious, wide-spread, malware outbreak for Mac OS.  As reported by ZDnet, Apple is struggling to define its role as customer unaccustomed to these types of problems search for answers and help.

Also, this week, Microsoft announced that 1 in 14 Internet downloads is Windows malware.  According to ZDnet, Microsoft shared the data, gathered from anonymous security reports, to tout the security features of IE9.

Both of these events give us serious pause, as they should for you.

In today’s world, the best place for your computer to catch a virus or other malware is from web site visits and downloads.  At the same time, many webmasters are unaware that hackers have compromised their sites.

Desktop and email spam and virus protection are no longer sufficient.  Web security and active web filtering are an essential security component.  If you don’t have a web security solution in place, your are neglecting one of the largest risks to your network, systems, and data.

Fortunately, you have more web security options than you may think.  Web security no longer means committing to hardware, software, and firewall upgrades.  Cloud-based web security services offer greater protection at a lower cost, and require less administrator time.

Want to know more?  Contact us and we will schedule a call.

An Epidemic is Underway

Hopefully, you did not notice.  Hopefully, your computer has been inoculated from zero-day viruses and the viruses that follow them.  If not, today is the day to update your virus protection and deep scan your systems.

Why? A virus outbreak continues to plague the Internet.

Starting Friday afternoon EST, we began seeing an large increase in the number of Virus Outbreak warnings for our clients covered by Google Postini Services (as part of Google Apps or protecting their internal email servers).  A Virus Outbreak alert reaches us when a large number of virus infected emails are being sent and blocked.

We cover thousands of mailboxes for hundreds of companies.  In a typical day, we see about five (5)  Virus Outbreak alerts.  Since Friday, we are seeing about 400 per day, an increase of nearly 8000%.  Unprotected systems are more than vulnerable, they are targets.

If you have questions about your level of protection, or you know of a business that needs better protection from spam and viruses, please contact us.  We are happy to help.

When it Comes to Phishing, is Honesty the Best Policy?

Those of us in the anti-spam business have been scratching our heads recently as the number of messages getting through some of the best spam filters has jumped in recent weeks.  Many of these messages are phishing attempts with something in common.

The phishing messages do not attempt to hide their motive.

Huh?

That’s right.  The majority of the message is classic phishing.  Realistic sounding text (often without the grammatical issues) about account validation requirements and legitimate links to a real institution’s web sites.  The “action” link, however, is not hidden.  Recipients see that the link is to some weird URL that in no way looks like the organization supposedly sending the message.

Since spam filters are on the lookout for obfuscated URLs, having the URLs in the open seems to let the phishing messages fly just under the radar.

And clearly, those behind the phishing attack believe the enough recipients will click on the bad URL even though it doesn’t even look safe.  And, the sad fact is, they are probably right.

Recipient Beware.