E-mail system regulation
In order to combat the growing computer security threats, specifically in electronic mail systems, it has become essential to review and modify some rules and requirements that govern the operation of these systems.
SPF – Sender Policy Framework
Sender Policy Framework (SPF) is a mechanism that identifies which email servers are allowed to send email on behalf of your domain, through the DNS system.
Systems that send e-mail with a sender address @ isr.uc.pt will most likely be classified as Spam, if they are not on the list of authorized persons in the SPF records.
If you need a system or service that sends e-mail with sender @ isr.uc.pt, you should contact the ISR Informatics Office (email@example.com), with a view to obtaining instructions on how to proceed.
Implications of this requirement
It is no longer possible to use alternative identities for sending mail. For example, you cannot use the DEEC or IT SMTP server (sending) to send e-mail with the sender @ isr.uc.pt. For this, you must set up an ISR account.
DKIM – DomainKeys Identified Mail
DomainKeys Identified Mail (DKIM) is a mechanism for validating and guaranteeing the integrity of the content of the email during its transport, with regard to its modification both in the content and in the headers. This mechanism also validates if the e-mail attachments, if any, have not been altered during transport from the sender to the recipient.
A digital signature of the issuing server is included in all emails sent.
This mechanism allows you to avoid spoofing attacks. Spoofing is a malicious technique of changing the sender of a message so that the victim opens emails, for example, with viruses or other malicious devices (phishing, etc.). This is because the malicious message arrives in the e-mail box with the sender of someone you know.
ISR systems implement the DKIM system, to increase security in e-mail.
The widespread use of e-mail as a form of everyday communication has made it an obvious target for malicious activities by malicious people. Mail sent in this context is called Spam.
The response of system administrators to this threat is systems and mechanisms whose function is to filter and block unsolicited and malicious messages, which are called anti-spam systems.
These systems are placed before the end server, where the mail is delivered and normally work transparently for the end user. Currently, all email service providers implement some type of anti-spam filter.
Due to its nature, there is no perfect anti-spam system. For this reason, the system may, in particular situations, retain an email, classifying it as Spam. There are ways to recover these emails, when considered a false positive, associated with mechanisms that allow this to not be repeated.
Due to the discontinuation of the Anti-spam service in operation at ISR, it became necessary to proceed with its replacement with a new one. This process was the subject of a careful study of the existing alternatives followed by a phase of laboratory tests, having opted for the MailCleaner solution.
The MailCleaner system is based on a set of sophisticated filtering technologies that work together. End users have full control over the quarantine function: with a simple click, the user can delete or release any message held by the filter.
MailCleaner implements a number of complementary techniques for detecting and blocking Spam, combining artificial intelligence algorithms that are constantly adapting to the identification of ever-changing spammers' techniques.
The anti-virus filter built into MailCleaner filters messages for viruses, worms and suspicious attachments with potentially malicious content.
MailCleaner can recognize and classify newsletters. The user will only receive the newsletters that he / she really wants to receive and keep the rest in quarantine.
MailCleaner has an authenticated web interface for simplified self-service management of quarantined messages, black and white lists, among other features.
The address for Self Service is https://antispam.isr.uc.pt.