Combating E-mail Abuse Brian Nisbet NOC Manager HEAnet.

Presentation transcript:

Combating E-mail Abuse
Brian Nisbet, NOC Manager, HEAnet

Introduction
SMTP was never expected to handle this.
Huge volume of e-mail, huge volume of abuse.
Not restricted to just spam.
  – Viruses
  – Phishing
  – Malware Links

General Principles
“Be liberal in what you accept, be conservative in what you send.” – Jon Postel
  – Also, your network, your rules.
Multiple areas to consider:
  – Technical measures
  – Education
  – Policies & Procedures
  – Tools

Technical Measures
Realtime Block Lists
  – DNS based, some free, some charge.
  – HEAnet Anti-Spam service offers Trend Micro ERS and Spamhaus Zen service.
  – Spamcop - bl.spamcop.net
  – combined.njabl.org
  – Checked in order, rejected on first match.
  – Check early, at Connect or Mail From:
  – Make your own!
Port 25 outbound!
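The ordered, first-match block list check described on this slide, as an added example that is not part of the original presentation. The resolver is injectable so the check can be exercised offline; the sample address and resolver data are constructed, and skipping the 127.255.255.0/24 answers reflects Spamhaus's documented error replies rather than anything on the slide.

```python
import ipaddress
import socket

# Zones from the slide, in checking order. zen.spamhaus.org is the DNS zone of
# the Spamhaus Zen list; combined.njabl.org is kept only because the slide names it.
DNSBL_ZONES = ["zen.spamhaus.org", "bl.spamcop.net", "combined.njabl.org"]

LISTED = ipaddress.ip_network("127.0.0.0/8")            # a listing answers inside 127/8
ERROR_CODES = ipaddress.ip_network("127.255.255.0/24")  # error replies, not listings


def dnsbl_query_name(client_ip, zone):
    """Reverse the IPv4 octets (or IPv6 nibbles) and append the list's zone."""
    ip = ipaddress.ip_address(client_ip)
    if ip.version == 4:
        labels = str(ip).split(".")
    else:
        labels = list(ip.exploded.replace(":", ""))
    return ".".join(reversed(labels)) + "." + zone


def system_resolver(name):
    """Return the A records for name; an empty list means 'not listed'."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []


def check_connect(client_ip, zones=DNSBL_ZONES, resolve=system_resolver):
    """Query zones in order; return (zone, answer) for the first listing, else None."""
    for zone in zones:
        for answer in resolve(dnsbl_query_name(client_ip, zone)):
            addr = ipaddress.ip_address(answer)
            if addr in LISTED and addr not in ERROR_CODES:
                return zone, answer   # reject at connect time, before DATA is sent
    return None


if __name__ == "__main__":
    # Constructed resolver data: 192.0.2.45 is "listed" on the second zone only.
    fake = {"45.2.0.192.bl.spamcop.net": ["127.0.0.2"]}
    print(check_connect("192.0.2.45", resolve=lambda n: fake.get(n, [])))
```

NJABL has since been shut down, so a current deployment would drop that zone; a list that stops answering or starts answering for everything is the reason to review the zone list regularly.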

Restrict SMTP connection volumes.
  – Make sure to reserve some for internal users.
Close open relays!
Rules based system/spam heuristics.
  – SpamAssassin -
  – Rules need constant monitoring/adjustment.
  – Maintain spam corpus for checking.
  – Whitelists vital.
  – Tailor score to suit individual needs.
  – Mark at one score, filter at another.

Reject mail from sources that announce with a single word.
Beware of mailservers claiming to be you!
Authorised users only.
Secure connections.
Greylisting
  – Delaying mails and waiting for resend.
  – Accepts ‘known’ mail immediately.
  – Rather controversial.
Tarpitting
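A sketch of the two HELO rules and of greylisting as listed on this slide, added here as an example and not taken from the presentation. The hostname mail.example.ie, the five-minute delay, the four-hour retry window and the SMTP reply texts are all assumptions chosen for illustration.

```python
import time

OUR_NAMES = {"mail.example.ie"}   # assumption: names this server announces itself with
MIN_DELAY = 300                   # assumption: seconds a new triplet must wait
RETRY_WINDOW = 4 * 3600           # assumption: a retry later than this starts over


def helo_verdict(helo, client_is_internal):
    """Apply the slide's two HELO rules; None means no objection."""
    name = helo.strip().rstrip(".").lower()
    if name.startswith("[") and name.endswith("]"):
        return None   # address literal such as [192.0.2.1] is valid in HELO/EHLO
    if "." not in name:
        return "550 HELO must be a fully qualified name"
    if name in OUR_NAMES and not client_is_internal:
        return "550 HELO claims to be this server"
    return None


class Greylist:
    """Temp-fail unknown (client IP, sender, recipient) triplets until they retry."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.first_seen = {}   # triplet -> time of first attempt
        self.known = set()     # triplets that have retried correctly

    def check(self, client_ip, mail_from, rcpt_to):
        triplet = (client_ip, mail_from.lower(), rcpt_to.lower())
        now = self.clock()
        if triplet in self.known:
            return "250 OK"    # 'known' mail is accepted immediately
        seen = self.first_seen.get(triplet)
        if seen is None or now - seen > RETRY_WINDOW:
            self.first_seen[triplet] = now
            return "451 greylisted, try again later"
        if now - seen < MIN_DELAY:
            return "451 greylisted, try again later"   # retried too quickly
        self.known.add(triplet)
        del self.first_seen[triplet]
        return "250 OK"
```

Senders that retry from a different address in a pool never match their first triplet, which is one source of the controversy; whitelisting such senders or keying on the network rather than the single address are the usual workarounds.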

Backup MX
Backup MXs used to be vital.
Now more likely to be a vector for abuse.
Recommendation is to only use MXs you control.
Need to have exactly the same filters in place.
Modern Internet substantially more secure.
Mailservers resend for 2 – 4 days before abandoning.
Consider a virtual machine.

Anti-Virus
Anti-virus on your MX a must.
AV that isn’t updated, isn’t AV.
  – Once per hour is good, once per day is maybe ok.
Block “dangerous” extensions.
  – Multiple lists, mainly executables. Keep updated.
  – SMTP is not a file transfer protocol.
Quarantine and release systems are questionable.
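One way to apply the "dangerous extensions" rule at the MX, as an added example that is not from the presentation. The extension list is a short sample assumed for illustration, and the message is constructed; the check looks at the final extension of the declared filename, so a name such as invoice.pdf.exe is caught even though the part claims to be a PDF.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: a short sample list; real deployments use a longer, maintained one.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js"}


def blocked_attachments(raw_message):
    """Return the filenames of MIME parts whose final extension is blocked."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        filename = part.get_filename()   # declared attachment name, if any
        if not filename:
            continue
        # Windows ignores trailing dots and spaces, so "a.exe." still opens as a.exe.
        cleaned = filename.strip().rstrip(". ").lower()
        if os.path.splitext(cleaned)[1] in BLOCKED_EXTENSIONS:
            hits.append(filename)
    return hits


def build_sample(filename):
    """Constructed test message with one attachment declared as application/pdf."""
    m = EmailMessage()
    m["From"] = "sender@example.org"
    m["To"] = "user@example.ie"
    m["Subject"] = "constructed sample"
    m.set_content("see attachment")
    m.add_attachment(b"not a real file", maintype="application",
                     subtype="pdf", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    for name in ("invoice.pdf.exe", "notes.txt", "setup.EXE."):
        print(name, "->", blocked_attachments(build_sample(name)))
```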

Phishing & Links
Servers and clients beginning to detect this.
Also detectable with programs like SpamAssassin.
Main tool is education.
Also change message to remove clickable links.

DKIM, SPF etc
Various systems in the wild to prove the sender is who they say they are, and often to assign a reputation.
Worth configuring SPF to make sure of deliverability.
Much discussion about usefulness for receiving.
Spammers (either intentional or bots) often are who they say they are.
Websites:
  –
  –

Education
Users should feel safe when online, but not too safe!
  – You wouldn’t give your credit card number to someone you bumped into in town?
Some users will always think “Maybe this time it’s real?”
Make sure you never send out a real mail that looks phishy.
Never:
  – Ask for passwords.
  – Put in a link to a login page in an unsolicited mail.
  – Offer millions of dollars in exchange for a bank a/c number.

Policies & Procedures
Abuse contacts must be published & monitored.
Reports must be acted on as a matter of urgency.
Systems taken offline, a/cs closed.
Users and machines must be traceable.
Allegedly legitimate outbound mail must comply with laws and general standards of good behaviour.

Irish law on spam is encoded in SI 535 of
  – Personal addresses are
  – Business addresses are
Many SMTP server operators are more stringent than this.
Decide on and publish your own code of practice.
This may be part of a larger AUP.

Tools & Resources
Vast number of SMTP and AV programs.
  – No official HEAnet recommendation.
  – Remember HEAnet Tech list.
Spamhaus (
RIPE Anti-Abuse WG –
RIPE Resource Explainer –