tacASG - Antispam- and Antivirus Gateway Solution

Description
«Your Document», «Get out of debt», «Low insurance rates» and other similar messages constantly bombard email servers and are forwarded largely unseen to the recipient. Many email users are familiar with these annoying mails, also known as "spam", only too well and are dogged by them almost daily. Many users have already been affected by email worms or even viruses. How much time and effort does it take every day to go through your emails and separate the serious ones from spam mail? terreActive recognises the needs of the customer and has developed a high performance and maintenance free solution for its customers. In true terreActive manner, high-performance Open Source components are paired with leading products to form a unique solution. The customer can buy this solution as a managed service and only needs to carry out a minimum amount of administrative work.

Customer uses
Work without a care again with email and integrate it without worry into your business processes. Facilitate your employees' use of electronic communication and gain valuable working time by means of filtering unwanted emails.

Scope of services
The tacASG solution consists of the ANTISPAM basic module and the additional ANTIVIRUS module from Kaspersky. The tacASG solution take centre stage as a mail gateway, protecting the internal mail server from unwanted emails and those infected with viruses, both externally and internally. This makes the solution compatible with every mail server and can be implemented problem-free into every environment. tacASG can use various spam databases and spam inference engines for identification purposes and is monitored around the clock. Typical for a managed security service, the ANTIVIRUS solution already has the latest identifying virus patterns installed.

Additionally tacASG generates a report with information about inbound and outbound emails. In this way you always have an overview and can quickly recognise anomalies.

tacASG is available either as an appliance – in other words as a dedicated solution with its own hardware – or as a module on an existing terreActive platform. With the ANTIVIRUS option the functionality of the service can be extended and used as a general internet virus protector. In this way comprehensive protection of an existing email solution is achieved.

Spam recognition
Unwanted emails are recognised by tacASG with the help of various tools and databases. They analyse both the content and the header information of emails.
At the same time public directories (RBL, real-time black lists) and hardwired black and white lists are referenced.

In addition, a comprehensive set of automatic rules is employed in the Open Source software "SpamAssassin". These rules evaluate email based on heuristic experience and key words according to various criteria. With the help of this evaluation and by means of configurable thresholds an email can be classified as "wanted" or "unwanted".
A locally maintained database of keywords with categorisation as "spam" or "not spam" provides further protection against spam emails. The database is constantly fed with "good" and "bad" emails and can evaluate new and previously unseen emails with a high hit rate due to these experiential values. The email feed is carried out by the customers by sending typical examples of emails to the mail gateway using the forward function of the email client.

Only the combination of various tools and methods produces effective protection against spam mail. The email client of the end user also plays a role in this: If the client also offers a local spam filter that is personally configurable by the customer, practically all unwanted emails are recognised.
Handling

Handling Spam
A problem often underestimated when it comes to spam and virus protection is the subsequent handling of the emails in question: How can false alarms and non-recognised spam mails be minimised, and how can emails infected with viruses still be sent without endangering the end user's system? What happens if a user is missing emails?
Usually emails are put into quarantine where they can be looked at later by an administrator or superuser. If necessary an email can therefore still be sent out manually.
All of these processes have to be individually defined and integrated with the customer. This is conducted by our advisor together with the customer beforehand at a solution workshop.
Training the users also plays a further role. Users can reduce the risk of mails infected with viruses by keeping to several simple rules and also cut costs in maintaining the email solution.
Prevention of internal spam sources
A popular method for sending spam emails is the misuse of unprotected clients that were surreptitiously compromised in the past and now act as "spam zombies" sending unwanted emails. In order to prevent this situation, alongside a suitable firewall that prevents emails being directly sent via internal clients to the internet, additional filtering of spam mail from internal sources is necessary. The tacASG spam filter therefore evaluates all inbound and outbound emails and hence considerably reduces the risk of internal spam sources.