Product details

What does this offering provide?

Exchange Servers receive thousands of connections each year. While many are legitimate, businesses are often unaware of virus or malware-infected users trying to establish a connection, in addition to miscreants probing and attempting a connection too. When these malicious connections are successful, they can lead to data exfiltration and at worst, ransomware attacks.

It’s important businesses only allow legitimate corporate users to connect to their Exchange Servers. The EPG solution, combined with Spamhaus’ threat intelligence data, gives businesses the chance to do just that with a cost-effective solution.

Users are proactively protected against the below, in real time:

  • infected with malware and viruses
  • hijacked or compromised by 3rd party exploits
  • maliciously attempting to penetrate your server
  • known botnets
  • hijacked or leased by cybercrime

What data is available to query?

Messageware have utilized Spamhaus’ continuously updated IP DNS blocklists, made available using Data Query Service (DQS). These datasets more specifically provide protection against:

  • IPs that are observed to be involved in sending spam, snowshoe spamming, bulletproof hosting companies, and hijacked IP space.
  • IPs known to be botnet command and control servers (C&Cs)
  • Individual IPs (/32s) that are infected with malware, worms, and Trojans; third-party exploits, such as open proxies; or devices controlled by botnets.
  • IP address ranges for end-user devices, such as home routers, smart TVs, and other Information of Things (IoT) devices, from which email should never be sent.
  • IP addresses known to host bots using brute force or stolen SMTP-AUTH credentials to send spam, phishing and malware emails.

Who can use this solution?

Any Messageware EPG customer can use this solution. Set up is extremely simple, and you can trial for free.

How do you get started?

Simply get in touch with your Messageware contact who will enable the Spamhaus protection. With no development work for you, once enabled, you are protected immediately.