New anti-phishing authentication in Sophos Email Advanced using SPF, DKIM and DMARC

Sophos launches Sophos Email Advanced, the first e-mail protection solution that offers predictive protection with active threat protection (ATP), anti-phishing authentication, e-mail scanning support, and security policy support.

New features in Sophos Email Advanced

Active protection against threats (ATP)

  • Sophos Sandstorm sandbox and advanced URL protection.
  • Artificial intelligence built into Sophos Email sandboxing is able to detect and block unknown malware.
  • Immediate protection against advanced URLs checks the reputation of a website or email link before mail delivery and when clicked - blocking secret and delayed attacks.

Anti-phishing e-mail authentication

  • Combination of SPF, DKIM and DMARC authentication techniques and analysis of e-mail headers.
  • Sender Policy Framework (SPF) to define and verify who can send e-mails from a given domain.
  • DKIM (Domain Keys Identified Mail) email authentication system based on asymmetric cryptographic keys.
  • Reporting and compliance with domain message authentication (DMARC) to determine what to do when messages do not end with SPF or DKIM.

Scanning outgoing mail and comprehensive security policy support

  • Scanning of spam and viruses from outgoing e-mail to prevent unintentional distribution of threats and protect the company's reputation.
  • The ability to create individual security policies for individuals, groups or the entire domain within a few minutes.

Data placement and processing options

  • Available through the cloud management platform Sophos Central.
  • Sophos Secure Email Gateways can be implemented as a local device or in the latest version of Sophos XG Firewall.
  • Message processing centers in Ireland, the USA and Germany.
  • The deployment of Sophos Sandstorm in Ireland, the USA and Japan.

E-mail is still the most popular attack vector for companies

Sophos Labs research has shown that 75 percent of malicious software within a company is specific to the company, indicating that vulnerabilities are the source of most attacks. The only way to overcome this problem is the deep learning technology based on neural networks, which is integrated with the Sophos standboxing technology. The software aims to identify previously unnoticed malicious files sent in e-mail.


E-mails are still the main target of cybercriminals attack, which launch the so-called campaign. 'Spear-phishing', localized or 'spray and pray'. Sophos processes data from more than ten million mailboxes protected daily with the Sophos Email solution. It is estimated that approximately 80 percent of emails classified as spam contain malicious content. As we have seen in the last few years, email is also a major intermediary in the proliferation of ransomware.

A recent Sophos study found that over 50 percent of companies around the world have experienced ransomware attacks in the last 12 months. Sophos Email Advanced includes the CryptoGuard sandbox technology, which stops the ransomware before it goes to the employees' inboxes. Another basic defense against ransomware and phishing attacks is Time-of-Click protection, which scans the URL when it is clicked on, thus preventing clandestine attacks and delayed results. Outbound mail scanning and comprehensive security policy support can prevent unwanted malware shipping by the company or send spam to clients or partners, reducing the impact of an attack on the community and protecting the reputation of the company.

With the development of cloud-based platforms such as Office365 and Google G-Suite, companies need an advanced security solution that detects zero-day threats and advanced malware. Ransomware-As-A-Service (RaaS) and comprehensive malware systems have made it easier for cyber criminals to customize and deliver more complex, targeted attacks via email.

- comments Bill Lucchini, senior vice president and general manager of the Messaging Security Group in Sophos.

Sophos Email is a key pillar of the integrated end-to-end data protection system in the Sophos Central management platform. IT professionals can manage the protection of Intercept X endpoints in parallel with Sophos Email Advanced and Phish Threat, providing stronger defense in detecting and blocking threats, and training users who are the weakest links in their security strategy. The threat data from Sophos Email Advanced can increase Security Synchronized intelligence and contribute to the general intelligence of the community at SophosLabs.

Sophos Email Advanced is available from registered Sophos partners around the world. Additional information can be found on the Sophos website here. To sign up for a free 30-day trial, click here.


Add new comment

The content of this field is kept private and will not be shown publicly.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.