According the Free Dictionary  is the act of sending unsolicited e-mail, often of a commercial nature, sent indiscriminately to multiple mailing lists, individuals, or newsgroups; junk e-mail. However, things are more complicate than that because spammers and hackers often co-operate or they share the fruits of their activities. If you still believe that spamming is a simple annoyance, then you are probably wrong and you should read additional information in this page.                                                               


Spamming is one the best means for deploying a Stage 1 attack "Initial intrusion through system exploitation". System exploits are typically delivered through the Web (remote exploit), or through the e-mail (local exploit) as an attachment. A fictitious company e-mail purposely sent for mass infection can include Phishing content or link to a hacking remote control centre. Company users, unaware that the e-mail is fake, click on the link or on the attachment and deploy the Stage 2 of the attack "Malware is installed in the compromised system".


 The above image shows an automated SPAM reconnaissance activity to a Web Server



 Second line of defense for e-mail aiming to reduce spamming but also Phishing attacks risks mitigation.

 What is it?

 About the offering

 The offering consists on implementing a PKI, where the user can exchange encrypted e-mails internally and non encrypted e-mail externally. Alternatively, the other method consists in implementing e-mail server configuration of anti-spamming software and rules.

 Deal characteristics

 Typical clients are in the 10-5000 users range;

 Clients with annual revenue is higher than $5 million;

 Clients with homogenous compute requirements;

 Typical deal cost is between $15,000 and $50,000;

 Client benefits

 Cost savings as the product is based upon Open Source software;

 Predictable product roadmap;

Compatibility with Open Source based UTM applications.



The above image shows the anti-spamming filter which automatically flags incoming e-mails. They are directly routed to the junk folder, thus minimizing the risk for the user clicking on phishing e-mails.