Retarus E-Mail Security & Compliance Services
The comprehensive solution for virus- and spam-free email communication: offering gateway-based encryption, data processing in Retarus data centers according to local data protection regulations, innovative email management, and tamper-proof archiving.
General Functions – Protect, Detect, React & Analyze
Retarus E-Mail Security blocks malware such as viruses, spam, phishing mails, ransomware and other digital threats. Patient Zero Detection identifies malware that is unknown at the time it is spread and can therefore penetrate defense mechanisms to reach customer inboxes. This solution allows you to respond quickly to these threats and prevent harmful activity. Retarus’ innovative queueless design analyzes incoming emails without a cache. Emails arrive without delay thanks to minimal throughput time. For maximum security, Retarus continuously updates and optimizes virus scanners and filter methods.
Retarus’ Directory Filter rejects incorrectly addressed emails. Processing time of incoming and outgoing emails is significantly faster. Valid addresses are automatically and regularly reconciled with customer systems.
- Protection from denial-of-service and directory harvesting attacks
- Inbound reputation management – traffic shaping and traffic throttling mechanisms
- A service that learns dynamically with scoring/penalty system for spam relays
- Queueless design with checks on the SMTP session level
- Automatic address book reconciliation from Microsoft Exchange, Lotus Notes/Domino, LDAP
- Address book reconciliation in time intervals defined by the user
- Provisions for alias names and other domains
- Bounce management according to RFC 3461, 3463 and 3464
- Configuration and manual address entry through the Retarus EAS portal
AntiVirus MultiScan automatically scans incoming and outgoing emails and file attachments for viruses with up to four virus scanners and uses heuristic analysis to protect from unknown malware.
- Higher identification rate with up to four virus scanners
- Protection from unknown viruses using heuristic analysis (Zero-Hour Protection)
- Elimination of threats before they reach the customer’s infrastructure
- Continuous updating of virus definitions
- Notification of deleted infected emails via an email security report (E-Mail Digest)
Spam check of incoming emails using rules and tools that are continuously updated. Depending on the service setting, emails classified as spam are flagged or placed in quarantine.
- Spam protection with an identification rate of over 99.95%
- False positive rate of less than 0.0001%
- Protection from mass non-delivery notifications (backscatter protection)
- Blacklists and exception lists at the user, profile, domain, and global level
- Multi-lingual content analysis
- Content and structure analyses using heuristic methods
- Upstream bad word filter to meet compliance policies
- Fingerprint analysis, Bayes algorithms, sender check
- Continuous updating of intelligent filter, pattern, and identification rules
The Phishing Filter scans incoming emails in real time for phishing scams. Those that match the criteria are flagged as “phishing” emails and quarantined or deleted immediately.
- Additional URL comparison with specialized real-time sources for known phishing URLs
- Configuration in the EAS portal
- Granular configuration at the global and profile levels
The Attachment Blocker prevents the receipt of files attached to incoming emails that match criteria defined by the customer. These are files that should be prevented from reaching the company infrastructure, for example .EXE, .ZIP, or Office files with macros.
- Block undesired email attachments
- Defining files to be blocked using the file extension
- Defining files to be blocked using the MIME type
- Automatic blocking of nested or password-protected archives and unknown MIME types
- Configurable message options for recipients regarding deleted attachments
- Option to deliver copies of original mails to administrators
Outbound emails are transferred from the customer’s email server to Retarus. Emails are identified in Retarus data centers, fully encrypted using customer-specific rules, signed as needed and sent securely to the recipient. This means that the email and all of its file attachments are encrypted.
- Compatible with any SMTP-based email system (e.g. Office 365, G Suite, Microsoft Exchange, Lotus Domino/Notes)
- Complete key management by Retarus: create, distribute, and manage all keys
- Easy adoption of existing PKIs (public key infrastructures)
- Gateway-based S/MIME and PGP encryption
- Full support of the X.509 v3 standard including own certificates
- Full support of the OpenPGP standard
- Automatic or user-initiated signature of outgoing emails
- Ability to include internal company encryption policies
- Centralized and flexible set of rules for emails that need to be signed
- Filters for viruses and spam despite encryption
- TSL connection to the Retarus Global Delivery Network
- Optional VPN connection for secure and confidential communication over the “last mile”
- Web email portal or password-protected PDF for encrypted communication with recipients without their own encryption solution
- Company-wide standardized solution that can be expanded as needed
- One software and hardware installation required
Detect & React
Patient Zero Detection
A malware’s signature is still unknown the first time it appears, even to the best virus scanners. That is why infected emails can still be delivered despite virus scanners. Patient Zero Detection, in combination with AntiVirus MultiScan, uses a digital fingerprint to identify emails containing malware that have already been delivered. Relevant alerts are sent according to customer settings. This way, appropriate defensive actions can be taken as quickly as possible.
- Identifying the recipient (Patient Zero) of already delivered harmful emails
- Alerts to administrators (to ensure a quick response)
- Optional alerts to users
- Detailed, standardized information via admin notification to support automatic processes to remove emails from the server
- Configurable text for alerts (enables the distribution of behavior recommendations to the user that are easy to understand and can be quickly implemented)
- Cumulative reports for any given period of time
- Simplified IT forensics
- Supports the optimization of security settings (e.g., blacklisting)
- Seamless integration with other functions such as Retarus Enterprise E-Mail Archive or Retarus E-Mail Encryption
E-Mail Live Search
E-Mail Live Search provides detailed results on the status of individual emails in real time. This search function makes it easier to find emails, simplifies the analysis of delivery delays, and supports IT forensics. For example, the help desk can release emails marked as graymail to users from within user guidance.
- Targeted search in real time for inbound and outbound emails
- Immediate display of the results list
- All information available for up to 45 days
- Direct access to emails found in quarantine
- Clear information about throughput time
- Targeted search for message ID and source IP
- Detailed information about each Retarus E-Mail Security step
- Information about infectious emails identified by Patient Zero Detection
Enterprise E-Mail Archive
Enterprise E-Mail Archive offers tamper-proof archiving of business email correspondence. Archived emails cannot be changed, are protected from unauthorized access, and can be found in milliseconds even when the email volume is large.
- Automatic archiving of internal and external email correspondence including attachments
- Encrypted storage of each individual email in original format (MIME) including attachments (used of own certificates possible)
- Reliable spam and virus checks prior to archiving
- Tamper-proof storage and data processing according to applicable data protection regulations in Retarus data centers in Europe
- Storage period may be selected (for example, ten years)
- Emails cannot be deleted or changed during legally binding retention periods
- Emails and attachments are received even during system failure or if mailboxes are accidentally deleted
- Targeted indexing of relevant key data for fast searches
- Powerful search functions, e.g. search for sender and recipient, as well as file names and types of attachments, or full text
- Ability to access archived emails and attachments in milliseconds
- Administrative access for authorized persons according to the double-check principle
- Easy and secure user access via single sign-on
- Access irrespective of inbox quota
- Ability to deliver archived emails and attachments to own business inbox
- Complete logging of all access attempts and actions
- Saved emails with attachments (data carriers, other archiving systems) can be migrated
Data Leakage Prevention
Data Leakage Prevention prevents company data from involuntarily leaving your business through email. Confidential data is protected effectively. Users can send emails only if a monitoring entity, for example a functioning mailbox, is included in the distribution list. This can be checked randomly and/or in suspicious cases in order to implement compliance requirements efficiently.
- Monitoring entities can be defined for sending emails
- Configuration options at the profile, group, and user level
- Exception rules via blacklists and whitelists
According to statutory requirements, business emails must contain signatures, just as they are required for customary business letters in commercial correspondence. Required information includes data that is often changed, such as telephone numbers. Retarus E-Mail Signature helps create and centrally manage signatures and disclaimers quickly and efficiently.
- Centralized management of personalized email signatures and disclaimers
- Easy maintenance using the WYSIWYG editor in the Retarus EAS portal
- Personalization directly via Active Directory or Lotus Domino/Notes
- Signature and disclaimer assignment at the profile level
- Ability to combine any signature with any disclaimer
- Use of signatures in external emails only
Large E-Mail Handling
Retarus Large E-Mail Handling allows recipients to receive large emails despite size limitations defined for the mail server. This means even multi-megabyte messages, such as job applications, balance sheets, patent documents, design drawings, and loan applications will reach their destinations.
- Receive large emails regardless of size limitations
- Flexible configuration of size limitations at the company and profile level
- User access for downloading emails with simplified user authentication (OneClick token login)
- Lighter load for email infrastructure and backup systems
- Quicker restore times, reduction in storage costs
- Consistent implementation of email policies
Quiet Time allows you to define periods during which employees do not receive external emails,for example, during free time and on weekends. It allows you to define periods during which emails are not delivered to inboxes so that email servers can undergo maintenance.
- Configure email-free periods (external emails)
- Individual settings for different user profiles
- Secure temporary storage of emails in Retarus data centers
- Automatic delivery of emails after defined periods expire
- Bypass function for high-priority emails
- Emergency button for immediate delivery of emails during email-free periods
Email security reports (E-Mail Digest) that are delivered at customized points in time offer a fast overview of intercepted viruses and spam messages as well as graymail.
- Combined overview of spam, viruses, and graymail via email
- Online access with simplified user authentication (OneClick token login)
- Direct access to quarantined emails classified as spam
- Additional virus scan after retrieval from quarantine
- Targeted search for emails in quarantine
- Mobile device support (e.g. iPhone, Android, etc.)
- User-based quarantine and report settings
- System-wide configuration via Retarus Enterprise Administration Services portal for administrators
Retarus Inbox Assist gives executives, managing directors, department heads, and assistant-supported teams the ability to forward incoming emails automatically to assistants, either exclusively or in copy. This means business correspondence can be presorted and processed immediately. The inbox remains organized and confidential emails remain confidential.
- Exclusion of defined senders from forwarding for more privacy
- Immediate delivery of emails from important contacts despite assistant forwarding
- Convenient maintenance of personal contacts
- Reconciliation of any address book via vCard (Microsoft Outlook, IBM Notes, iCloud, etc.)
- Automated synchronization of Google contacts
- Control of assistant forwarding
- No additional configuration of email server required
E-Mail Size Reduction
Retarus E-Mail Size Reduction cleans code and ensures better and faster display in the email client. This reduces the requirements for storage and backup capacity.
- Reduces the data volume by up to 30% without information loss
- Removes excessive header information and alternative email bodies
- Removes unwanted read confirmations
- Compresses attachments (ZIP)
- Faster, better email display due to cleaned code
Encrypted Connection to Retarus
Maximum protection for customer data: customer systems are connected via TLS (Transport Layer Security) or optional VPN (Virtual Private Network) to the Retarus Global Delivery Network. This makes it impossible to read data exchanged between customers and the Retarus infrastructure even with today’s level of technology.
- Connection of customer systems via opportunistic TLS possible
- Connection of customer systems via enforced TLS possible
- Connection of customer systems via VPN possible
Retarus E-Mail Check continuously checks to see if connected customer systems are available and distributes warnings to defined contacts in the event of errors.
- Continuous check of email server availability
- Warning sent to defined contacts in the event of errors, e.g. per text message
- Queuing of incoming emails during system downtime
- Faster response to system errors
Administration, Monitoring, Reporting
In addition to easy management of service instances and user profiles 24/7, the web-based Retarus Enterprise Administration Services portal (EAS) offers information about the effectiveness of Retarus E-Mail Security Services. All reporting and monitoring information can be downloaded in a prepared format, offering process transparency that is unique to the market.
- Transparent display of all service features
- Management of service and all additional services
- Detailed reports and powerful analysis functions
- Performance Monitoring
- E-Mail Live Search – tracking of all incoming and outgoing emails in real time
- Setup and management of user profiles
- Individual management rights for administrators via Access Management
- Support ticket creation and tracking
- Secure access via web browser