Security Content Management
Nemx Home
Security Content Management


Antivirus Main Page

 


Nemx Power Tools for Exchange Server


May 2004



We'd would like to take this opportunity to share with you some tips and provide information about additions and improvements to Nemx Power Tools and SecurExchange and how these enhancements can benefit you in your fight against the recent spam and virus attacks in the past few weeks.

 

Power Tools - Concept Manager:

 

Concept Manager works through the use of a Policy file very much like anti-virus definition files. The policy is managed and provided by Nemx and is updated monthly. Recently we've been providing these updates weekly due to the high volume of spam and unsolicited email. In the past, these updates required you to download and install the complete version of Nemx Power Tools. Now, Concept Manager Policy updates are automatically downloaded and installed to your server as they become available. These updates are also available from our web site at http://www.nemx.com/products/powertoolsinternet/download.asp .

 

In addition much effort has been placed on “fine tuning” the policy to reduce the already low number of false positives. We have set up a special email address to receive any email which has been falsely triggered or was missed by Concept Manager. This email should be embedded within an email and can be forwarded to analysis@nemx.com.

 

For those not familiar with Concept Manager, it is an add-on component to Nemx Power Tools that is used to detect and filter junk mail or inappropriate content with greater consistency, accuracy, and reliability. It accomplishes this by understanding the meaning or key concepts within a message, because no matter what tricks spammers use, the meaning of the message is always the same.

 

 

Viruses, Viruses, and more Viruses:

 

The recent Netsky and Bagle viruses have continued to increase general email traffic by upwards of 50% in the past few months. During this time there has been a number of days where double or even triple updates have occurred. Virus definitions for Nemx Power Tools or Nemx SecurExchange can now be pushed to customers on multiple update days, resulting in faster detection for new outbreaks, a major advantage over other larger anti-virus vendors. Virus definitions are still always available from our website at http://www.nemx.com/products/securexchangeantivirus/download.asp .

 

Nemx SecurExchange Anti-Virus is an extremely cost effective add-on to Nemx Power Tools and can be used to augment your present virus protection by providing a perimeter barrier around your Exchange system. Like Power Tools, its an Exchange Server product and doesn't require additional hardware, software, proxy gateway, or port remapping. Taking this approach offloads mailbox servers and ensures timely virus protection. See us for special pricing on the SecurExchange add-on.

 

 

Outlook Rule Wizard:

 

Nemx Power Tools “Action” handling has now been extended to support modification of the subject line on any message that has been triggered by either the Spam, Concept, or Content Manager components. By using Subject modification an installation can harness the power of Outlook and Exchange Server Rules by delegating the inspection/handling of the triggered message to the end user and not to a local administrator. Outlook rules that inspect the subject line are truly server based, by acting upon the message when the user is not logged in, accessing email via OWA, or running in remote mode.

 

 

Spam Directory Harvest Attacks:

 

Spammers use a technique called “directory attacks” to deliver email which can generate a high amount of NDR reports and ultimately chokes your bandwidth. Directory attacks involve taking common given and surnames, generating addresses with many combinations of those names. For example taking “John” and “Smith” as common names, the resulting email addresses could be jsmith, johns, or john.smith to name only a few. By sending email with these combinations of multiple addresses results in an unusually high number of NDRs. More importantly, the spammer gets a list of valid email addresses within your environment.

 

Nemx Power Tools Address Manager component, prevents Dictionary attacks by allowing a threshold to be set on number of un-resolveable recipients within an incoming email. Once the threshold is met, the message can be deleted or routed to a user or Public Folder. The SMTP session is then dropped, resulting in the “spammer” generating his own NDR with no additional overhead on the part of your Exchange Server or your administrator.

 

See the following “How To” link on our website for additional information at http://www.nemx.com/products/powertools/howto/DirectoryHarvestAttack.asp .

 

 

Nemx Power Tools behind a Firewall or Proxy Gateway:

 

When an active monitoring firewall or proxy gateway is in front of your Exchange Server and hence in front of Nemx Power Tools, some of the header information of messages may be lost or modified by the firewall or gateway. Some components of Nemx Power Tools may see incorrect data in the header of the message, or the IP address of the sender. This can result in missed spam detection. Nemx Power Tools can operate behind a firewall or gateway with no loss of functionality.

 

See the following “How To” link on our website for configuration information at http://www.nemx.com/products/powertools/howto/Firewall.asp .

 

 

 

Version 4.2.13 now available:

 

A new release of Nemx Power Tools and Nemx SecurExchange are now available from our web site. Version 4.2.13 contains a number of enhancements that make your email battles with spam, virus, NDRs, and content management that much easier. Here is a small sample of some of the enhancements:

 

  • Support for a “Do Nothing” action
  • Subject modification added to list of possible actions
  • Deep Embedded message handling
  • Virus scanning of OLE embedded binary structures
  • Language support for Concept Manager
  • Automatic cleanup of NDRs, replies, and other messages within Nemx Mailboxes

 

 

We hope that this newsletter and How Tos will help you in your daily battles with the effects of spam and viruses. If you have any thoughts on how Nemx Power Tools and SecurExchange can better your fight, by all means please let us know. Many of the features in the product come from customer suggestions, so keep them coming!

 

 

 
 
Copyright 1996-2005, Nemx Software Corporation, All Rights Reserved. All trademarks used or referred to on this site are the
property of their respective owners. No materials on this site may be reproduced, altered, or further distributed without Nemx's prior written permission.