Email Security ServicesTechnical specifications

• Protection from denial-of-service and directory harvesting attacks
• Inbound reputation management – traffic shaping and traffic throttling mechanisms
• A service that learns dynamically with scoring/penalty system for spam relays
• Queueless design with checks on the SMTP session level
• Automatic address book reconciliation from Microsoft Exchange, Lotus Notes/Domino, LDAP
• Address book reconciliation in time intervals defined by the user
• Provisions for alias names and other domains
• Bounce management according to RFC 3461, 3463 and 3464
• Configuration and manual address entry through the Retarus EAS Portal
• View in Retarus Email Live Search Monitoring (Tracking Point)

Directory Filter

• Inbound reputation management – SPF and DKIM validation
• Notification of deleted infected emails via an email security report (Email Digest)
• Configuration through the Retarus EAS Portal

• Higher identification rate with up to four virus scanners
• Protection from unknown viruses using heuristic analysis (Zero-Hour Protection)
• Elimination of threats before they reach the customer’s infrastructure
• Continuous updating of virus definitions
• Notification of deleted infected emails via an email security report (Email Digest)

AntiVirus MultiScan

• Validation of incoming emails (external relay) that use a customer domain in the sender address (MIME-FROM)
• Flagging of suspicious emails with visual indicators such as pre-defined Unicode characters or text at the beginning of the sender field (friendly name)

External Sender Visibility Enhancement

• Also detects phishing emails that are not intercepted by virus scanners or spam filters
• Query of several databases of renowned specialist providers
• Optional quarantine or immediate deletion (configuration via EAS Portal)

Phishing Filter

• Spam protection with an identification rate of over 99.95%
• False positive rate of less than 0.0001%
• Protection from mass non-delivery notifications (backscatter protection)
• Blacklists and exception lists at the user, profile, domain, and global level
• Multi-lingual content analysis
• Content and structure analyses using heuristic methods
• Upstream bad word filter to meet compliance policies
• Fingerprint analysis, Bayes algorithms, sender check
• Continuous updating of intelligent filter, pattern, and identification rules

Phishing Filter / AntiSpam

• Receive large emails regardless of size limitations
• Flexible configuration of size limitations at the company and profile level
• User access for downloading emails with simplified user authentication (OneClick token login)
• Lighter load for email infrastructure and backup systems
• Quicker restore times, reduction in storage costs
• Consistent implementation of email policies

Large Email Handling

• Reconciliation of address books and directory services from Microsoft (Exchange, Active Directory, Azure Active Directory (AAD) for Office 365), IBM Lotus Domino/Notes and LDAP (Directory Synchronization)
• Reduction of manual administration and maintenance
• Immediate update of data pool in the Directory Filter
• Increased protection from directory harvesting attacks
• Local management of export address data by the customer

• Targeted search in real time for inbound and outbound emails
• Immediate display of the results list
• All information available for up to 45 days
• Direct access to emails placed in quarantine
• Clear information about throughput time
• Targeted search for message ID and source IP
• Detailed information about each Retarus Email Security step
• Information about malicious emails detected by Advanced Threat Protection (Deferred Delivery Scan, Sandboxing, Time-of-Click Protection, CxO Fraud Detection)
• Information about emails detected by Patient Zero Detection^®

• Provisioning of real-time forensic data in the form of events
• Access via protected interface
• Subscription to security-relevant events from all SIEM tools customary in the market
• Currently available events:
  • AntiVirus MultiScan Inbound and Outbound
  • Sandboxing
  • CxO Fraud Detection
  • Patient Zero Detection^®
  • Outbound emails in general

Forensic SIEM Integration

• Transparent display of all service features
• Management of service and all additional services
• Detailed reports and powerful analysis functions
• Performance monitoring
• Email Live Search – tracking of all incoming and outgoing emails in real time
• Setup and management of user profiles
• Individual management rights for administrators via Access Management
• Support ticket creation and tracking
• Documentation
• Secure access via web browser

• Configure email-free periods (external emails)
• Individual settings for different user profiles
• Secure temporary storage of emails in Retarus data centers
• Automatic delivery of emails after defined periods expire
• Bypass function for high-priority emails
• Emergency button for immediate delivery of emails during email-free periods

Quiet Time

• Exclusion of defined senders from forwarding for more privacy
• Immediate delivery of emails from important contacts overrides assistant forwarding
• Convenient maintenance of personal contacts
• Reconciliation of any address book via vCard (Microsoft Outlook, IBM Notes, iCloud, etc.)
• Automated synchronization of Google contacts
• Control of assistant forwarding
• No additional configuration of email server required

Inbox Assist

• Centralized management of personalized email signatures and disclaimers
• Easy maintenance using the WYSIWYG editor in the EAS Portal
• Personalization directly via Active Directory or Lotus Domino/Notes
• Signature and disclaimer assignment at the profile level
• Ability to combine any signature with any disclaimer
• Use of signatures in external emails only

Email Signature

• Effective re-scanning with quadruple Retarus AntiVirus MultiScan
• Protects from viruses that are unknown at the time
• Select view of advanced security checks in Retarus Email Live Search Monitoring (Tracking Point)
• Notification of infected emails via an email security report (Email Digest)

Deferred Delivery Scan

• In-depth checks of email attachments through export to virtual machines
• Integration of a leading third-party sandboxing solution (Palo Alto) in Retarus Email Security
• Operated at Retarus (German processing)
• Notification of infected attachments via Email Security Report
• Select view of advanced security checks in Retarus Email Live Search Monitoring (Tracking Point)

Sandboxing

• Real-time checks of web links in emails
• Expanded protection from phishing attacks
• Effective blocking of phishing websites and warnings for affected users
• Customer security warnings can be saved (customer design)
• Select view of advanced security checks in Retarus Email Live Search Monitoring (Tracking Point)

Time-of-Click Protection

• Protection against emails with fake sender („spoofing“ or „impersonation attacks“)
• Combination of different detection methods and algorithms:
  • Analysis of header information
  • Recognition of similar looking domains or character sets (domain similarity)
  • Recognition of fake sender names, e.g. the customer’s own CEO
• Delivery of legitimate external email secured via email authentication (SPF) and whitelisting

CxO Fraud

• Identification of the recipient (patient zero) of malicious emails already delivered using a digital fingerprint.
• Identification using content analysis together with quadruple AntiVirus MultiScan
• Additional, automated learning from the results of Retarus Advanced Threat Protection (ATP)
• Alerts sent to administrators (to ensure a quick response)
• Optional alerts sent to users
• Cumulative reports for any given period of time
• Simplified IT forensics
• Supports the optimization of security settings (e.g., blacklisting)
• Seamless integration with other services such as Retarus Enterprise Email Archive or Retarus Email Encryption

<img class="size-full wp-image-31231" src="https://www.retarus.com/de/wp-content/uploads/sites/2/2018/01/retarus-email-security-patient-zero-detection.png" alt="Patient Zero Detection^®” width=”1890″ height=”432″>Patient Zero Detection^®

• Detailed, standardized information via administrator notification to support automatic processes used to remove emails from the server
• Configurable text for alerts (enables the distribution of behavior recommendations that are easy to understand and can be quickly implemented)
• Reduces the administrative work for IT forensics, support, and the help desk
• Increases protection through swift response to identified emails

PZD Real-Time Response

• Compatible with any SMTP-based email system (e.g. Office 365, G Suite, Microsoft Exchange, Lotus Domino/Notes)
• Complete key management by Retarus: create, distribute, and manage all keys
• Easy adoption of existing PKIs (public key infrastructures)
• Gateway-based S/MIME and PGP encryption
• Full support of the X.509 v3 standard including own certificates
• Full support of the OpenPGP standard
• Automatic or user-initiated signature of outgoing emails
• Ability to include internal company encryption policies
• Centralized and flexible set of rules for emails that need to be signed
• Filters for viruses and spam despite encryption
• TLS connection to the Retarus Global Delivery Network
• Optional VPN connection for secure and confidential communication over the “last mile”
• Web email portal or password-protected PDF for encrypted communication with recipients without their own encryption solution
• Company-wide standardized solution that can be expanded as needed
• No software and hardware installation required

Email Encryption

• Practical support in the use of different addresses
• Uniform domain for external communication with different internal target addresses
• Facilitation in transition phases, e.g. the integration of company acquisitions
• Customizing as required

• Better structured reports on undeliverable emails (spam, viruses, phishing, graymail, etc.) are sent by email
• Combined overview of spam, viruses, and graymail via email
• Online access with simplified user authentication (OneClick token login)
• Direct access to quarantined emails classified as spam
• Additional virus scan after retrieval from quarantine
• Extended search capabilities, e.g. for attachments and quarantine reason
• Distinct color bar visualization based on actual threat level (i.e. from yellow to red)
• New detailed view with further information about each email
• Mobile device support (e.g. iPhone, Android, etc.)
• User-based quarantine and report settings
• System-wide configuration via the EAS Portal for administrators

Quarantäne Management – Mobile

Quarantäne Management – Mobile

Quarantäne Management – Desktop

Quarantäne Management – Desktop

• Connection of customer systems via opportunistic TLS possible
• Connection of customer systems via enforced TLS possible
• Connection of customer systems via VPN possible

• Continuous check of email server availability
• Warning sent to defined contacts in the event of errors, e.g. per text message
• Queuing of incoming emails during system downtime
• Faster response to system errors