Documentation

Anti Fraud

The Anti Fraud tab permits the user to set up what actions to take when certain forms of Phishing and Spoofing are detected.

By Analysing:

• Sender-recipient relationship
• Domain reputation
• Email headers and envelope attributes
• Email content

It is possible to determine malicious activity related to:

Anti Spoofing looks for common Spoofing techniques, such as:

• Emails from own domain, but which fail SPF or DKIM
• Mismatch between the envelope From header and the internal From header
  
• Similarity between the From and the To or the From domain and the To Domain
  

Anti Phishing detection looks for Look-a-like domains, such as:

• Similarity between the envelope From header and the internal From header
• Similarity between the From and the To or the From domain and the To Domain
  

By having the ability to detect these comparisons, users can:

Discard: The messages are removed from the system.

Quarantine: The messages are moved to the Quarantine.

Tag: A specific tag message is appended to the message. The message is forwarded for delivery.

Tag and continue: A specific tag message is appended to the message. The message continues to the next filter.

The actions are ordered from most severe (Discard), to less severe (Tag and continue).

If Messages are tagged for Anti Spoofing or Anti Phishing, users can write what will appear on Header and/or Subject.

Tagging

If you decide to tag a message, you can input, the text (tag) to appear in the Header and/or the Subject of the message.

• Click "Update settings" to activate the settings.
• Click "Superior level settings", if you wish to use, for this hierarchy level/domain, the same settings as the hierarchy level above.
• Click "Recommended settings", if you wish to use, for this hierarchy level/domain, the settings commonly used in regular usage email systems.