Connection Level Analysis Connection management features in Proofpoint Enterprise Protection test multiple connection-level data points including DNS, MX record verification, SPF, recipient verification, and reputation data. Proofpoint constantly monitors SMTP connections at the IP address level, looking for suspect or malicious activity. Based on this analysis, SMTP rate control is used to automatically block or throttle malicious connections.
Proofpoint performs Contextual, Lexical and Image-based Analysis of content and context of messages using structural tests, English and foreign language content inspection, malicious (spyware/phishing/pharming) URL detection, phishing attacks, image analysis, reputation analysis and any custom policies administrators have defined.
An add-on enhancement to ProofPoint's filtering is their URL Defense program. If an email admin has enabled this program Proofpoint will re-write all URLs in an email with their own unique link. [URL Defense FAQ's - Powered by Proofpoint Essentials]
How can you confirm if a URL has been re-written?
What happens when a user clicks on a re-written URL?
The user is redirected to the Proofpoint URL Defense service where the URL and website is analyzed.
Is there a noticeable delay when a user clicks on a defended URL?
How long will defended URLs continue to work?
Will URL Defense protect a URL that is safe at one-time but becomes comprimised later?
As a sender, if you have the Email Deliverability PowerPack, you can refer to the headers to confirm if Proofpoint has flagged your mail as spam. Each mailbox provider can customize their own scoring rules but the following is the default.
0-49 is clean
50-94 is quarantined
95+ is discarded
Proofpoint's secure email gateway is used by 4,000+ customers and 53% of the F100 and ~30% of the Fortune 1000.
Is this article helpful ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.