One of the key tasks facing the administrator of his own mail server in the enterprise is filtering messages containing spam. The harm from spam is obvious and understandable: in addition to the threat to the information security of the enterprise, it takes up space on the server's hard drive, and also reduces the efficiency of employees when it enters the "Inbox". Separating spam from business email is not as easy as it seems at first glance. The fact is that there is simply no solution that guarantees a XNUMX% result in filtering out unwanted emails, and an incorrectly configured spam detection algorithm can cause much more harm to an enterprise than spam itself.
In the Zimbra Collaboration Suite, spam protection is implemented using the freely distributed software package Amavis, which implements SPF, DKIM and supports black, white, and gray lists. In addition to Amavis, Zimbra uses the ClamAV antivirus and the SpamAssassin spam filter. Today SpamAssassin is the optimal solution for spam filtering. The principle of its work is that each incoming letter is checked for compliance with regular expressions that are typical for spam mailings. After each valid check, SpamAssassin assigns a certain number of points to the email. The more points you get at the end of the check, the higher the probability that the email being analyzed is spam.
Such a system for evaluating incoming letters allows you to quite flexibly configure the filter. In particular, you can set the number of points at which the letter will be recognized as suspicious and sent to the Spam folder, or you can set the number of points at which the letter will be permanently deleted. By setting up a spam filter in this way, it will be possible to solve two problems at once: firstly, to avoid filling up valuable disk space with useless spam mailings, and secondly, to minimize the number of business emails missed due to the spam filter.
The main problem that Russian users of Zimbra may have is the unpreparedness of the built-in anti-spam system to filter Russian-language spam out of the box. The reason for this lies in the lack of built-in rules for Cyrillic text. Western colleagues solve this issue by unconditionally deleting all letters in Russian. Indeed, it is unlikely that someone who is of sound mind and sober memory will try to conduct business correspondence with European companies in Russian. However, users from Russia cannot do this. This problem can be partially solved by adding however, their relevance and reliability cannot be guaranteed.
Due to the high prevalence and open source code, other, including commercial, information security solutions can be embedded in the Zimbra Collaboration Suite. However, a cloud-based cyber threat protection system may be the best option. Cloud protection is usually configured both on the side of the service provider and on the side of the local server. The essence of the setting is that the local address for incoming mail is replaced with the address of the cloud server, where the filtering of letters takes place, and only then the letters that have passed all the checks are sent to the address of the enterprise.
Such a system is connected by simply replacing the IP address of the POP3 server for incoming mail in the server's MX record with the IP address of your cloud solution. In other words, if earlier the MX record of the local server looked something like this:
domain.com. IN MX 0 pop
domain.com. IN MX 10 pop
pop IN A 192.168.1.100
Then after replacing the ip-address with the one provided by the cloud security service provider (let's say it will be 26.35.232.80), the entry will change to the following:
domain.com. IN MX 0 pop
domain.com. IN MX 10 pop
pop IN A 26.35.232.80
Also, during setup, in the personal account of the cloud platform, you will need to specify the address of the domain from which unfiltered email will come, and the address of the domain where filtered emails should be sent. After these steps, your mail will be filtered on the servers of a third-party organization, which will be responsible for the security of incoming mail in the enterprise.
Thus, Zimbra Collaboration Suite is perfect for both small businesses that need the most affordable yet secure email solution, and large enterprises that are constantly working to reduce the risks associated with cyber threats.
For all questions related to Zextras Suite, you can contact the Representative of Zextras company Katerina Triandafilidi by e-mail [email protected]
Source: habr.com