Research proves it, most security breaches are not technology based, they’re human based. Today’s cybercriminals use harmless-looking subjects and file extension names to make sure their messages are opened even by cautious users. They also use advanced social engineering to prompt users to click on links and open dangerous attachments. The sad truth is that it has become extremely difficult for users, even those who receive regular security training, to distinguish between harmless and malicious email. If they are allowed manage their own quarantine, users will most likely release harmful messages that had been successfully blocked and put their organization at risk. To keep your network safe and your email running smoothly, it’s best to restrict your user’s ability to release dangerous messages.
Most Anti-Spam solutions automatically create quarantine accounts for all users. We think that behavior is dangerous. By default, the ZEROSPAM quarantine is centralized. But it is also incredibly flexible and gives you a full range of option for FULL GRANULARITY and TOTAL CONTROL.
Since ZEROSPAM has a very low false positive rate, the quarantine rarely contains legitimate messages. It is therefore entirely unnecessary to allow every user to manage their own quarantine. Not to mention the fact that it’s dangerous. The best way to use ZEROSPAM is to have one or several administrators manage the quarantine centrally. These super users can manually create a small number of individual quarantines for users who can be trusted with that privilege, like IT team members or who absolutely need that flexibility, like users from your executive team.
Although individual quarantine accounts can be automatically created for all users when the ZEROSPAM interface is synchronized with LDAP, that option is not recommended as it induces security risks.
When administrators notice dangerous messages are being released from the quarantine by individual users, they can block or cancel these users’ quarantine accounts.
The ZEROSPAM quarantine pro-actively warns users against releasing dangerous attachments and phishing email messages using visual clues. It displays a big red B (for Banned File) beside messages that contain a dangerous attachment and a big red P (for Phishing) beside messages that are recognized as phishing attempts. Some messages can also display both letters.
Users who have an individual quarantine account can choose to receive a daily digest of quarantined accounts by email. When this option is chosen, daily quarantine digests are sent once a day for messages that were quarantined the previous day.
" Anti-Spam is a specialized job. Antiviruses that try to act as spam filters and firewall add-on spam modules just don’t cut it. I’m through with those. "- J. Dubois, CTO RNT