Classifications

The following classifications are applied to (potential) phishing emails:

• Phishing

• Possible phishing

• Anti-phishing failure

For details see 5.11. Email classifications.

Handling of phishing emails

Based on the configuration, Email Gateway Security can handle (potential) phishing emails in the following ways:

• Reject,

• Delete,

• Quarantine or

• Deliver.

For details see the Anti-phishing and anti-spam section under 4.4. Policy.

Dynamic anti-phishing

OPSWAT’s dynamic anti-phishing is a time-of-click analysis solution of URLs in email bodies.

If Enable Dynamic Anti-phishing is turned on under Security Rules > rule / ANTI-PHISHING, all links in the email body will be redirected through MetaDefender.com Safe URL redirect service for URL reputation check.

If the URL turns out to be safe, then the browser is redirected to it immediately without any disruption of the browsing experience.

If the URL is detected as potentially malicious, then a warning screen calls the attention of the user to the possible risk:

Converting HTML emails to text-only

Hyperlinks and other, rich HTML features can be exploited to commit phishing, and other malicious attacks against the recipients of emails with HTML body.

As a counter-measure, Email Gateway Security supports converting emails with HTML body to text only emails.

To enforce the HTML body conversion to text only, the Deep CDR engine in MetaDefender Core needs to be configured to convert HTML to text.

Classifications

The following classifications are applied to (potential) phishing emails:

• Spam

• Possible spam

• Anti-spam failure

For details see 5.11. Email classifications.

Handling of spam emails

Based on the configuration, Email Gateway Security can handle (potential) spam emails in the following ways:

• Reject,

• Delete,

• Quarantine or

• Deliver.

For details see the Anti-phishing and anti-spam section under 4.4. Policy.