RE: Securing Corporate Web Based Email

["Dowling, Gabrielle" <dowlingg () sullcrom com>]

Shawn....

I think we're probably having a nomenclature issue here.  If not, how
are you managing to route webmail through your exchange server?

Regards,

Gaby

-----Original Message-----
From: Shawn Jackson [mailto:sjackson () horizonusa com] 
Sent: Thursday, January 29, 2004 2:14 PM
To: Jeff McLaughlin; security-basics () securityfocus com
Subject: RE: Securing Corporate Web Based Email


> From: Jeff McLaughlin [mailto:JMclaughlin () springsgov com]

> Although, ensuring virus protection on all workstations is a start,
> we also have needs to filter content and track abuse.  For example, 
> our corporate mail is scanned for content, spam, large attachments 
> and viruses before reaching the desktop.  Web mail would of course 
> bypass this.

Untrue, we run Microsoft Exchange 2000 and web-based email is subject to
all the restrictions that normal email does. Because the scanning
blocking and monitoring take place on, or before, the server/mailbox
direct or IMAP access to the user mailbox will garner the same
information if they accessed it from POP client.


> One question I have is, is there a document/paper that addresses web
> mail content providers and examines how successful they are in scanning

> outgoing mail for viruses.

All of the providers/vendors do, but it's just useless sales cannon
fodder.

> A second, any known appliances or software that can assist with web
> based mail content and tracking abuse.

We demoed Surf Controls email filter. This product sat before the
groupware server and screened, scanned and monitored all email traffic
and logged everything to a SQL database. Because this was done before it
ever reached the mail server there is no way for the user to bypass the
security and filter restrictions. Surf control also had some nice web
interfaces to 
run reports against the database and see what the email/users are doing.
It was a nice product, but out of my price range.

Shawn Jackson
Systems Administrator
Horizon USA
1190 Trademark Dr #107
Reno NV 89521

www.horizonusa.com
Email: sjackson () horizonusa com
Phone: (775) 858-2338
             (800) 325-1199 x338


------------------------------------------------------------------------
---
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off
any 
course! All of our class sizes are guaranteed to be 10 students or less.

We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion
Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720
off 
any course!  
------------------------------------------------------------------------
----



**********************************************************************
This e-mail is sent by a law firm and contains information
that may be privileged and confidential. If you are not the 
intended recipient, please delete the e-mail and notify us 
immediately. 
***********************************************************************


---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
course! All of our class sizes are guaranteed to be 10 students or less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
any course!
----------------------------------------------------------------------------