|
Nemx Power Tools for Exchange Server
April 2004
We
would like to take this opportunity to share with
you some tips and let you know about additions and
improvements to Nemx Power Tools and SecurExchange
and how these can be of benefit to you in your fight
against the recent spam and virus attacks that you
may have been dealing with in the past few weeks.
Power
Tools - Concept Manager:
Concept
Manager works through the use of a Policy file very
much like anti-virus definition files. The policy
is managed and provided by Nemx and is updated monthly.
Recently we have been providing these updates weekly
due to the high volume of spam and unsolicited email.
In the past, these updates have required the download
and installation of the complete version of Nemx Power
Tools. As of today Concept Manager Policy updates
are automatically downloaded and installed to your
server as they become available. They will also continue
to be available from our web site at http://www.nemx.com/products/powertoolsinternet/download.asp
.
In
addition much effort has been placed on “fine tuning”
the policy to reduce the already low number of false
positives. We have set up a special email address
to receive any email which has been falsely triggered
or was missed by Concept Manager. This email should
be embedded within an email and can be forwarded to
analysis@nemx.com.
For
those not familiar with Concept Manager, it is an
add-on component to Nemx Power Tools that is used
to detect and filter junk mail or inappropriate content
with greater consistency, accuracy, and reliability.
It accomplishes this by understanding the meaning
or key concepts within a message, because no matter
what tricks spammers use, the meaning of the message
is always the same.
Viruses,
Viruses, and more Viruses:
The
recent Netsky and Bagle viruses has continued to increase
general email traffic by upwards of 50% in the past
few months. During the past few months there has been
a number of days where double or even triple updates
have occurred. Virus definitions for Nemx Power Tools
or Nemx SecurExchange can now be pushed to customers
on multiple update days, resulting in faster detection
for new outbreaks, a major advantage over other larger
Anti-Virus vendors. Virus definitions are still always
available from our website at http://www.nemx.com/products/securexchangeantivirus/download.asp
.
Nemx
SecurExchange Anti-Virus is an extremely cost effective
add-on to Nemx Power Tools and can be used to augment
your present virus protection by providing a perimeter
barrier around your Exchange system. It is still an
Exchange Server product and does require additional
hardware, software, proxy gateway, or port remapping.
Taking this approach offloads mailbox servers and
ensures timely virus protection. See us for special
pricing on the SecurExchange add-on.
Outlook
Rule Wizard:
Nemx
Power Tools “Action” handling has now been extended
to support modification of the subject line on any
message that has been triggered by either the Spam,
Concept, or Content Manager components. By using Subject
modification an installation can harness the power
of Outlook and Exchange Server Rules by delegating
the inspection/handling of the triggered message to
the end user and not to a local administrator. By
using Subject Modification, Outlook rules are truly
server based, by acting upon the message when the
user is not logged in, accessing email via OWA, or
running in remote mode.
Spam
Address Dictionary Attacks:
Spammers
are using a technique call “dictionary attacks” to
deliver their email which generate a high amount of
NDR reports and ultimately choking your bandwidth.
Dictionary attacks involve taking common given and
surnames and generating email with many combinations
of those names. For example taking “John” and “Smith”
as common names, the resulting email addresses could
be jsmith, johns, or john.smith to name only a few.
By sending email with these combinations of multiple
addresses results in a unusually high number of NDRs.
Nemx Power Tools Address Manager component can prevent
Dictionary attacks by allowing a threshold to be set
on number of unresolveable recipients within an incoming
email. Once the threshold is met, the message can
be deleted or routed to a user or Public Folder. The
SMTP session is then dropped, resulting in the “spammer”
generating his own NDR with no additional overhead
on the part of your Exchange Server or your administrator.
See
the following “How To” link on our website for additional
information at http://www.nemx.com/products/powertools/howto/NDRThreshold.asp
.
Nemx
Power Tools behind a Firewall or Proxy Gateway:
When
an active monitoring firewall or proxy gateway is
in front of your Exchange Server and hence in front
of Nemx Power Tools, some of the header information
of messages may be lost or modified by the firewall
or gateway. Some components of Nemx Power Tools may
see incorrect data in the header of the message, or
the IP address of the sender. This can result in missed
spam detection. Nemx Power Tools can operate behind
a firewall or gateway with no loss of functionality.
See
the following “How To” link on our website for configuration
information at http://www.nemx.com/products/powertools/howto/Firewall.asp
.
Version
4.2.12 now available:
A
new build of Nemx Power Tools and Nemx SecurExchange
are now available from our web site. Version 4.2.12
contain a number of enhancements that will make your
email battles with spam, virus, NDRs, and content
management that much easier. Here is a small sample
of some of the enhancements:
- Support for a “Do
Nothing” action.
- Subject modification
added to list of possible actions
- Deep Embedded message
handling
- Virus scanning of
OLE embedded binary structures
- Language support for
Concept Manager
- Automatic cleanup
of NDRs, replies, and other messages within Nemx
Mailboxes
We
hope that this information and How Tos will help you
in your daily battles with the effects of spam and
viruses. If you have any thoughts on how Nemx Power
Tools and SecurExchange can better your fight, by
all means please lets us know. Many of the features
in the product come from customers' suggestions, so
keep them coming!
|
