Artica

A directory harvest attack (DHA) is an attempt to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database. A directory harvest attack can use either of two methods for harvesting valid ... [More] e-mail addresses. The first method uses a brute force approach to send a message to all possible alphanumeric combinations that could be used for the username part of an e-mail at the server, up to and including those of length n characters (where n is some preset positive integer such as 15). The second and more selective method involves sending a message to the most likely usernames - for example, for all possible combinations of first initials followed by common surnames. In either case, the e-mail server generally returns a "Not found" reply message for all messages sent to a nonexistent address, but does not return a message for those sent to valid addresses. The DHA program creates a database of all the e-mail addresses at the server that were not returned during the attack.The DHA approach explains how a new e-mail address can start receiving spam within days or hours after its creation. Various solutions have been developed toward repelling these attacks. Some of the most effective involve slowing down the rate at which the attack can take place, rather than attempting to filter out the entire attack. This can be done by limiting the number of e-mail messages per minute or per hour at which a server can receive messages, legitimate or otherwise. So-called spam filters, programmed to identify character and word combinations typical of spam, can also be effective, although they occasionally reject legitimate messages. (source from http://searchsecurity.techtarget.com) [Less]

This feature is available with artica version 1.4.032813 If you are under this release you need to upgrade your Artica version.If this version is not released use the How to upgrade Artica to a nightly build ? It allow you to determine if a ... [More] relayed domain is a permissive domain or a restricted relayed domain. A permissive relayed domain did not check the existence of an email address.For example a domain "domain.tld"  in permissive mode will allow to route messages to "[email protected]" In the opposite mode a restricted relayed domain will verify if the email address is stored in the LDAP database.For example a domain "domain.tld"  in restricted mode will deny to route messages to "[email protected]" if it is not stored in the database. The restricted relayed domain is more secure and prevent DHA attacks but need to maintain the local users database.If you using an Active Directory server, you should maintain this local database by this feature : Scheduled Active Directory importation   Go to your organization and select "Messaging" tab Click on "Manage eMail Domains" icon.   When you add or modify a relayed domain you will see in the right corner a green circle. If green, your relayed  domain is permissive (trusted) If red, your relayed domain is restricted. [Less]

This feature is available with artica version 1.4.032813 If you are under this release you need to upgrade your Artica version.If this version is not released use the How to upgrade Artica to a nightly build ? It allow you to define globally ... [More] which attachments must be globally deny Click on Messaging in the left pan Select "Security Settings" tab At the end of this section, choose "Attachment Blocking" icon   You can Add pre-defined rules to see examples by clicking on the "Add default rules" button. By clicking on the green cross, you will be able to add your own policy.   Define in the field the 3 letters that represent the file type. You can add a list in one shot by separate each value by a comma [Less]

This feature is available with artica version 1.4.032813 If you are under this release you need to upgrade your Artica version.If this version is not released use the How to upgrade Artica to a nightly build ? If Kaspersky For Mail Server is ... [More] activated/Installed you will be able to block some mails with specified attachments extensions.This feature is enabled on each organization. In this case, each organization should have it's own attachment filtering policy . Go to your organization and select messaging tab. Click on "Attachment Blocking" icon. To add a new attachment blocking, click on the green cross. Define in the field the 3 letters that represent the file type. You can add a list in one shot by separate each value by a comma.   [Less]

This feature is available with artica version 1.4.032718 If you are under this release you need to upgrade your Artica version.If this version is not released use the How to upgrade Artica to a nightly build ? By default, Artica display ... [More] notifications in the index page on the top-right corner. If you want to disable it, do this procedure :   Click on the "System Config." tab Select the "Index Page'" icon. Check the box "Disable corner notifications system"   [Less]

This feature is available with artica version 1.4.032317 If you are under this release you need to upgrade your Artica version.If this version is not released use the How to upgrade Artica to a nightly build ? This feature improve the last Manual ... [More] windows 2003 Active directory importation option to import users from a Windows Active Directory server. With this new feature you will be able to : Import all branches without select an organization. Define filters to skip some users. Schedule the importation process Select your organization and choose ActiveDirectory Importation icon.   The first step is to define mandatories parameters in order to help artica connection to your Windows server. Define the credentials and server address If values are right values, a green circle is displayed   Choose the filters icon This feature allow you to specify a sub-branch to start the importation : for example: if your suffix is DC=ak8,DC=touzeau,DC=com and you set ou=europe, the importation will start on ou=europe,DC=ak8,DC=touzeau,DC=com   The second option allow you to force Artica to select only user storing a specific domain in the mail address. If the user did not match the domain set, it will not imported. The third option force Artica to import users that store a logon account less that 4 caracters. There is some limitations if you using cyrus-imap (mailboxes) with Artica. If the logon account is less than 4 caracters, users will not be able to connect to the mailbox.If you using Artica has only a mail relay, it is not a problem to enable this option. Schedule importations If Artica is a mail relay and you want to refresh periodically the Artica database, you can schedule the importation process. Select "Schedule" icon Enable the check box and set the polling time.   [Less]

This feature is available with artica version 1.4.031501 If you are under this release you need to upgrade your Artica version.If this version is not released use the How to upgrade Artica to a nightly build ? This feature enable Artica to update ... [More] Malware Patrol - Block List database periodically Malware Patrol is a free, automated and user contributed system for verifying URLs for the presence of Viruses, Trojans, Worms, or any other software considered Malware.http://www.malwarepatrol.net   On the left menu, click on "Web proxy" Select "Filtering" tab Click on "Web-site blocking" icon   Select MailWare Patrol tab Turn to green the "Activate Malware Patrol Database" [Less]

This feature is available in artica 1.4.030401 version It allow artica to automatically add URL in the block web sites area if Kaspersky Antivirus For Proxy Server catch viruses. If an user try to download a virus, Kaspersky will notify Artica for ... [More] this threat. Artica will automatically fill the black list and reload Squid to block the web site for all users. Go into the proxy section and click on Filtering tab. Select "Web-site Blocking" Enable the Check Box "Auto block" [Less]

Multi-instance support is available with Postfix version 2.6 and later but it is introduced in Artica 1.4.022800 version. The Multi-instance support is designed when you want to physically separate messaging by organization.If you enable this ... [More] feature, each organization manager will be able to manage it's own MTA and security.This configuration is very flexible. Especially when the Artica server is able to store companies which are different.If you provide ASP/ISP services this configuration will simplify parameters. White lists and black list are separate and a mass-mailing or a mass spam to one organization will not decrease the routing service for other organizations. What you need ? Artica allows you to activate multiple Postfix instances only if Postfix 2.7 is installed on your server. To upgrade to 2.7, you just need to use "SOFTWARES INSTALL" section. Depends of the number of organizations/SMTP domains you will be manage, a good server performance is necessary.If you want to add filters and anti-spam features for each organizations.In a single instance, only one Filter instance is running. On a multiple-instance, each organization will run a separate filter instance.You will need Public IP addresses: Each organization will run a single postfix instance with it's own IP address.Artica helps you by managing Virtual IP for this needs. Prepare the multi-instance. You need to provide an IP address for each organization, this operation is managed trough the Manage Virtual IP addresses. It is mandatory that each organization must have it's own IP address   When you have set a virtual IP for each organization, go to the "Messaging" section Select Routing & network tab Click on Postfix Network Settings icon. Click on multiple Postfix instances tab Turn to green the circle.   After several seconds, Artica will transform your server automatically on a multiple SMTP MTA servers for each organizations. The main process will only listen the loopback address and a new instance for each organization will be launched. If you go to an organization main area, you will see mandatory SMTP features in the "messaging" tab   [Less]

This feature is available with artica version 1.4.022621 If you are under this release you need to upgrade your Artica version.If this version is not released use the How to upgrade Artica to a nightly build ? This feature allow you to add ... [More] unlimited IP addresses on your system using virtual IP addresses. Click on system link Select Network & NICs tab Click on Network IP Settings icon Select Virtual Network Interfaces tab In this area you will be able to add any ip Adresses. Click on Add button. A virtual Network Interface must be linked to a real physical Interface, you must select the Network Interface in the drop down list For specific features, you can bind a Virtual Address to an organization.     [Less]