IronPort is certainly a leading email security device. I like IronPort's C-Series mail gateways, which use Bounce...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Address Tag Validation (BATV). One spam attack that IronPort prevents is known as "joe-job," or a misdirected bounce attack. To execute this attack, a spammer sends emails with the intended recipient's address spoofed as the return address. This causes mail systems to inadvertently bounce the spam to the real victim. Bounce Address Tag Validation safeguards outgoing mail, adding an encrypted verification check to the SMTP FROM: field that makes it easier to distinguish between real addresses and fake bounced ones. What's great about this type of verification is that, unlike other email authentication technologies, it can be effective, even if other mail servers are not required to adopt it.
While I can't speak to your concerns about exposing IP addresses, it may help to know that each mail server that processes a message inserts a Received: header at the top of its list. The header includes the sender's IP address and provides a continuous track of a message's route. So, even if the sender uses a false email address when contacting the receiving server, modern mail transfer programs record the correct IP address of the sender. Thus an email message's "Received:" headers show how it has been routed to its destination. The IP address of the sender is more or less the only part of an email message that cannot be faked. It is next to impossible to spoof the IP address for the duration of the SMTP conversation. This is why IP addresses are a key component in combating antispam efforts and identifying known bad or good senders.
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Michael Cobb
A technique known as the GhostHook attack can get around PatchGuard, but Microsoft hasn't patched the flaw. Expert Michael Cobb explains why, as well...continue reading
Software developed by the hacking group Platinum takes advantage of Intel AMT to bypass the built-in Windows firewall. Expert Michael Cobb explains ...continue reading
Tensions between the U.S. and Russia have led to source code reviews on security products, but the process isn't new. Expert Michael Cobb explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.