FAQ - About E-Mail Security
1. How does OnlyLink services work? All email messages intended for a company's mail servers flow through OnlyLink for real-time pre-processing before delivery to an end-users "inbox." If junk mail or virus-infected messages are detected, the messages can be tagged, delivered to an alternate mailbox or directed to a password-protected quarantine area for review and disposition. 2. What type of anti-virus technology does OnlyLink use to filter viruses?OnlyLink SPAM filtering services incorporate virus-filtering tools from Symantic, the leader in virus protection software company. Our anti-virus capabilities deliver the ultimate defense against the ravages of viruses, worms, and other malicious code, before they have a chance to unleash their destructive payloads into your network. OnlyLink supplements core AV engines with additional processing to recognize specific MIME characteristics, message fragments, and more. 3. Does OnlyLink's processing delay message delivery? Unlike other 'store and forward' solutions using standard email server technology; with OnlyLink, messages are processed in real-time - literally within milliseconds - so there is no detectable latency. OnlyLink regularly instruments elapsed time of email flow through the process to ensure we are meeting the performance requirements of our customers. 4. How is this process secure? Is there exposure to individual email messages? Legitimate messages are not written to disk. OnlyLink's email processing technology allows messages to be processed in real-time as the packets flow through the OnlyLink servers. This ensures that OnlyLink does not expose customer data to hackers or potential loss of data. OnlyLink's filters process all email with no direct human contact with mail flow or individual messages. Mail messages are processed within milliseconds and immediately passed through to the customer's mail server. In the case of suspicious email, the message can be broken down into sections with a hashed file name and then directed to a secure, private, web-hosted quarantine (Message Center). Password-protected personal message centers are assigned to each email user for reviewing suspicious email. Some customers choose to have a collective message center that is assigned to a designated administrator, or for OnlyLink to 'tag and deliver' suspicious messages. 5. Is OnlyLink less secure than software or hardware installed behind the firewall?No. Starting with our message processing architecture and our network layout and access control, OnlyLink ensures that customer data is safe and secure. Software processes handle messages in real-time; access between machines is tightly regulated; and redundancy across the clusters is deployed to ensure high availability. OnlyLink performs regular vulnerability assessments to ensure that our measures for securing customer data are state of the art.6. What are the advantages of deploying email security as a web managed service?Because OnlyLink's protection begins at the place of origin of spam and viruses - the Internet - we are able to catch suspicious email before it reaches a company's network. In addition, we are uniquely able to intercept Directory Harvest Attacks (DHAs) (used to steal or harvest email addresses), which can only be done in the SMTP connection stream at the Internet gateway. Unlike solutions that are deployed at the network gateway or at the workgroup server, we are able to keep networks and servers free of malicious attacks and bandwidth-hogging junk email. In addition, network delivered managed services are typically a more cost-effective solution. Unlike software or appliance solutions, OnlyLink services require virtually no integration and can be deployed in as little as a few days. Once deployed there is minimal maintenance required and updates are made automatically, at no extra charge. Costs are more predictable, since they're based on a consistent monthly fee. Our services pose little financial risk - customers pay a predictable monthly fee and services can be discontinued just a quickly as they are deployed, with no disruption.
7. Does OnlyLink require extensive integration with existing systems?No. OnlyLink provides its services as a managed service, requiring minimal integration. Customers simply update their DNS records so that the MX records point to OnlyLink for pre-processing before mail is delivered to the destination server. Mail delivery follows a conventional format that also lends itself to the automatic fail-over that is typical for any MX record.
8. How reliable is OnlyLink's service delivery systems?With our multiple data center, real-time processing model, OnlyLink provides uptime of 99.99%, including scheduled maintenance. Our services remain online, even in the event of scheduled maintenance, power outages, network failures or natural disasters.
9. Our company already uses an anti-virus solution that includes some level of spam protection - would OnlyLink's services be redundant? While many companies have been able to successfully manage their virus problems using current anti-virus tools, they are finding that issues created by the high volume of spam and SMTP-based attacks they are receiving has become bigger problem. OnlyLink's anti-spam solution provides best-of-breed protection not available in anti-virus suites and can easily be deployed along with existing anti-virus solutions. OnlyLink Perimeter Manager includes both spam and virus protection, introducing an added layer of protection and reducing the risks involved with server or desk-based solutions, by blocking SMTP-based attacks and filtering spam and viruses before they reach the network.10. How much junk email (spam) do companies receive?On average, 60% of the email that our customers receive is identified as spam, with some companies receiving as much as 80%. 11. Has the ratio of spam to legitimate email been increasing?Yes. OnlyLink reported a 150% increase in the amount of spam email sent to our customers in 2003 - and corporate spam traffic is still growing in 2004.12. What type of spam or junk email is sent to OnlyLink's customers? 64.3% are special offers or promotions, 21.2% bulk mail, 7.9% "get rich quick" offers, and 6.6% contain sexually explicit content.
13. Why has the spam volume been increasing for companies? The dramatic growth of spam has been fueled by the use of a sophisticated email address collection technique called a Directory Harvest Attack (DHA). Spammers use DHAs to collect thousands of valid email addresses from unprotected mail servers. They also have become more advanced in the use of graphics, HTML, and techniques that introduce minor differences into each spam message. This technique is used to defeat the simple signature-based or reference database anti-spam methodologies (that depend upon large volumes of identical message being sent in order to identify junk email). OnlyLink's experience is that 90% of spam messages are unique - so these types of filtering technologies are often ineffective.14. What is a Directory Harvest Attack? Directory Harvest Attacks (DHAs) are a sophisticated technique that spammers use to bypass typical email server checking mechanisms in order to access directories and receive a list of valid email addresses. During a DHA, spammers attempt to deliver messages to multiple addresses, such as johndoe@yourcompany.com, jdoe@yourcompany.com, and john@yourcompany.com. Addresses that are not rejected by the receiving mail server are determined as valid. These addresses are compiled and sold to other spammers worldwide. This is why a brand new email box can be full of unsolicited, junk email just hours after it has been set-up.
15. What is the relationship between a Directory Harvest Attack and spam? DHAs are used to "harvest" valid email addresses, which are then sold to spammers who use the addresses to launch massive spam attacks, typically within 36 hours. 16. How do companies protect themselves from DHAs? Since DHAs exploit standard SMTP behavior, the only solution is to protect the SMTP connection. At this time, OnlyLink's email security service is the only solution that provides security for both email content and the SMTP connection, blocking DHAs before they reach the mail server.17. Isn't spamming illegal? How are spammers able to get away with it?There are approximately six bills that have been introduced at the Federal level, but no legislation has been enacted at this time. 15 states have anti-spam laws, which mostly carry fines, but they only effect spammers who live in the state with the legislation and who spam email users in that state. Spammers avoid getting caught by changing their own email address frequently, making it hard to track them down. They also use resources in other countries to send out their email blasts. In fact, 50% of all spam sent to U.S. email-users originates outside of the country. Spammers usually send their blasts from countries without anti-spam legislation, but even European and Canadian anti-spam laws do not cover inter-country activity. 18. If laws and regulations don't work, does that mean we have to live with spam? While it still helps to regulate the Internet and "police" junk emailers, most industry analysts advise companies that the best defense is to deploy anti-spam technology, with a focus on perimeter or gateway protection solutions. They also encourage companies to make sure that the solution they select is updated frequently to address evolving spammer tactics.19. In addition to spam, viruses, and Directory Harvest Attacks, what other types of email-borne attacks are problematic for companies?There are a number of SMTP connection and content threats that can adversely affect the unprotected email server. Denial of service attacks, long standing open SMTP connections, email bombs, and even chain letters can overrun server transaction capacity or message store space. OnlyLink provides a protective umbrella for all SMTP connections and content types being delivered to your server. If we detect an attack, OnlyLink can kill the connection and deal with the threat in real-time.
Contact an OnlyLink Representative for more Information
Privacy Policy Statement