Fending off cyberattacks is an everyday part of IT departments’ work. And it’s not getting any easier: when artificial intelligence makes phishing scalable and ChatGPT generates credible phishing emails, it is all the more important that such attacks are securely fended off.
This also applies in particular to the attack vector of email attachments, through which malware and other malicious software repeatedly enters companies’ IT systems. Only an effective secure email gateway such as NoSpamProxy offers the necessary functions to render infected attachments harmless.
NoSpamProxy functions to protect against malicious attachments
Eliminate threats with the content filter
The content filter in NospamProxy plays a special role when dealing with attachments. Used correctly, it can be used to exclude a large number of potentially harmful file types. Based on file types, file names and file sizes, you can trigger specific content filter actions and use functions such as the 32Guards sandbox or CDR. Rejecting the email is the method of choice for all file types that are not used in the company, why should you allow potentially harmful attachments if it is not absolutely necessary?
Better to reject first …
And this is exactly the problem. Many companies fear that orders or important information will be lost if they consistently set rules and reject unneeded file types. Unfortunately, the motto in many cases is: Better to accept first and be annoyed later about contaminated files, preferably from an unknown sender. The usual suspects such as executable files or screensavers are then added to the blocklist. Everything else is passed through.
… and protect through allowlisting
We have long recommended an allowlisting approach in conjunction with well thought-out attachment management. The lowest rule of the content filter consists of a so-called any-any-drop rule. Only a few, precisely defined file types that are required by the company are authorised. Everything else, especially the unknown part, is blocked.
The targeted selection of the required file types significantly reduces the risk of malicious code entering your system via emails.
Communicate your rules, preferably with NoSpamProxy Disclaimer
You are now pursuing a strict allowlisting approach, which is great! To minimise the risk of undelivered emails, you can also communicate this to your communication partners. Otherwise, they will contact your support team in case of doubt, which leads to unnecessary work. NoSpamProxy Disclaimer is therefore a good communication channel for communicating your authorised file types transparently to everyone.
With NoSpamProxy Disclaimer you can easily create, change and manage email disclaimers. You can also maintain and apply different disclaimer texts for different groups of people or departments. Our customers often use this to draw attention to events or other marketing campaigns and to centrally manage disclaimers or corporate identity.
NoSpamProxy Disclaimer is also ideal for informing your communication partners about the file types you accept:
Not yet using NoSpamProxy?
With NoSpamProxy you can reliably protect your company from cyber attacks. Request your free trial version now!