Filter malicious emails
Summary
All incoming and outgoing emails must be checked with an anti-spam filter.
Description
The requirement to check all incoming and outgoing emails with an anti-spam filter is a proactive measure to enhance email security, protect users, and maintain the integrity of the organization's email communications. It reflects a commitment to mitigate the risks associated with spam and maintaining a secure and reliable email service.
Supported In
This requirement is verified in following services
| Plan | Supported |
|---|---|
| Essential | 🔴 |
| Advanced | 🟢 |
References
- CAPEC™-41. Using meta-characters in e-mail headers to inject malicious payloads
- SOC2®-CC6_6. Logical and physical access controls
- SOC2®-CC6_8. Logical and physical access controls
- MITRE ATT&CK®-M1037. Filter network traffic
- HITRUST CSF-09_j. Controls against malicious code
- FedRAMP-CA-2_2. Security assessment - Specialized assessments
- ISA/IEC 62443-SI-3_2. Malicious code protection
- OSSTMM3-11_3_1. Data networks security (active detection verification) - Filtering
- ISSAF-J_6_4. Network security - Anti-virus system (methodology)
- PTES-5_4_2_5. Vulnerability analysis - Manual validation specific protocol (mail)
- SIG Core-D_4_4_4. Asset and information management
- SIG Core-D_6_5. Asset and information management
- OWASP ASVS-5_2_3. Sanitization and sandboxing
- CASA-5_2_3. Sanitization and Sandboxing
Vulnerabilities
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.