Yesterday, a news report carrying the hashtag #Efail made headlines around the world; Münster researchers have published exploits for S/MIME-encrypted and PGP-encrypted emails. The NoSpamProxy team has reviewed the available facts for relevance to NoSpamProxy customers and published a press release today.
NoSpamProxy 12.2 and Open Keys simplify key retrieval for email encryption
Among the most important new features of version 12.2 is the complete integration of Open Keys for easy querying and publishing of public keys. Open Keys is a product- and vendor-neutral service that aggregates many different key servers and thus represents a significant simplification for encrypted e-mail traffic. Open Keys offers users a central platform for querying and uploading public keys.
On March 20, there was a short interruption in the processing of e-mails, because the query of the mail hash values by the Cyren service did not work.
We apologize for any inconvenience caused by NoSpamProxy.
Our partner Cyren, who operates a worldwide network for checking e-mails, has now provided us with a root cause report.
Phishing emails enable scammers to capture relevant data from affected companies. Phishing attacks can be fended off by the possibilities of sender reputation management. Stefan Cink, NoSpamProxy product manager, explains how administrators can protect their company against phishing emails in an article released in the IT-Administrator magazine.
From a possible 100 points, NoSpamProxy achieves a dream result with 99,99 points and receives the title VB Spam + Gold from the renowned IT security certification institute Virus Bulletin.
The research team at Net at Work GmbH has discovered a particularly perfidious form of a phishing or malware attack.
Similar to Microsoft Exchange, some NoSpamProxy features can only be enabled through a PowerShell cmdlet. Specifying an “SPF-authenticated corporate email server” is one such feature. Entries of this kind facilitate the maintenance of NoSpamProxy enormously. “Corporate email servers” define the servers of a company that are allowed to use owned domains in email sender addresses. By default, IP addresses, subnets, host names, TLS-authenticated hosts, and Office 365 tenants can be specified.
The new EDI@Energy directive of the regulatory authority dictates detailed descriptions of the types of certificates and encryption algorithms messages must be sent or received.