Sign In
Sign In
Raptor Email Security

Table of Contents

  1. Greater Anti-Phishing Focus
  2. Where You Can Find PCCC in Q4'24
  3. Upcoming Raptor Features
    4. a. Continued Improvements to Raptor Remark Tags
  4. Features Added Last Quarter
    5. a. Raptor Remark [New] Tag
    b. Added the ability to Exclude File Extensions from Raptor checks
    c. Improved List of Certified Good Senders List IADB Database
  5. Raptor Spam Stats Corner
  6. Tip of the Quarter - Forced Password Resets often HURT security, not help

Greater Anti-Phishing Focus

PCCC plans in Q4'24 to dedicate more time and resources to our Anti-Phishing focus.

Our goal with this is to further help Raptor stand out and get more customers so that we continue to receive and even increase in volume, all the valuable Spam samples and input we receive from our customers.

In the Anti-Phishing realm, PCCC offers many services to help with Phishing such as our customized Anti-Phishing and cyber security training.

If you would like to look into our training offerings, their prices and the service provided for each are located on our website at: https://pccc.com/training/

Where You Can Find PCCC in Q4'24

What events are you attending on Cybersecurity?

PCCC will only be at two more events this year:

  • Oct 14 - 16, 2024 - MSSP Alert Live - Austin TX
    • - KAM is Presenting "How to Understand and Protect Against AI-Enabled CyberAttacks"

  • Oct 30 - 31, 2024 - Global CISO Forum & Hacker Halted 2024 - Atlanta GA
    • - KAM is Presenting "Start-ups and Downs: Parachutes that Worked / Failed"

    Upcoming Raptor Features

    Continued Improvements to Raptor Remark Tags

    In the last quarter, PCCC continued work to improve our Raptor Remark Tags in order to help better protect Raptor users.

    This is something that PCCC is committed to continuing improving. As always, though, the [External] remark tag is a key feature to use when you are worried about phishing and impersonation.

    Features Added Last Quarter

    Raptor Remark [New] Tag

    In the Q3 quarter, PCCC rolled out the Raptor Remark [New] tag.

    The [New] tag hopes to increase phish and spam prevention by marking any sender that you have NOT corresponded with in the past as [New].

    Towards the end of Q3, the [New] tag is used in Apache SpamAssassin rules to penalize some domains only if the email is from a domain the user has never corresponded with.

    The goal is to make recipients aware of any new senders they may be interacting with as they should be more careful especially when corresponding with addresses they've never seen before.

    Added the ability to Exclude File Extensions from Raptor checks

    Towards the end of Q3, PCCC added the ability to skip a file extension from Raptor checks in order to allow additional control of what file extensions can be blocked for each customer.

    This feature is useful for customers that wish to receive some attachments with extensions like .crt that might be dangerous only in some cases but useful in others such as SSL certificates.

    Improved List of Certified Good Senders List IADB Database

    In the Q3 quarter, PCCC CTO, Giovanni Bechis, worked on improvements to the Certified Good Senders List (GSL) IADB Database on Apache SpamAssassin.

    This included modifying some of the scores to make sure that Court-ordered and Legally mandated emails are NOT blocked as Spam.

    Overall, the goal was to reduce False Positives (FPs) for important emails that must be received.

    Raptor Spam Stats Corner

    Exactly how much spam do we see? About 1/3 of all the emails we process!

    Highest Spam Percent in the Last 30 Days: 90.9%
    Highest Spam Percent in the Last 60 Days: 92.1%
    Highest Spam Percent in the Last 90 Days: 92.3%

    Average Spam Percent in the Last 30 Days: 34.2%
    Average Spam Percent in the Last 60 Days: 33.2%
    Average Spam Percent in the Last 90 Days: 33.2%

    To see your domain Raptor Spam Statistics, you can navigate to raptor.pccc.com and enter your domain to be redirected to the server that you are deployed on.

    Login to your Raptor Admin Dashboard and navigate to your Raptor Statistics either via the top Raptor Admin drop down or through the Spam Statistics Tile.

    Tip of the Quarter

    Forced Password Resets often HURT security, not help

    Forced password resets often cause users to simply increment a number or add an additional special symbol to the end of their existing password much to the chagrin of security and IT professionals.

    Even the National Institute of Standards and Technology (NIST), a respected US Government Agency, that releases countless standards has, since 2020, recommended against forced password resets unless there is a specific reason.

    This is directly described in the following excerpt from the NIST Digital Identity Guidelines, SP 800-63B Section 5.1.1.2 paragraph 9:
    "
    Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.
    "

    Further, it can lead to confusion and irritation as users forget their password modifications OR simplify the password to ONLY fit the complexity requirements thus leading to less secure passwords.

    A potential solution to circumvent this is to have users generate passphrases that are memorable for them and multiple words in length as it becomes something they are attached to. Research has shown that such passphrases are much more difficult to break into than a normal 12-16 character password with a set of arbitrary complexity requirements.


Thank you,

Raptor Email Security Support
cs@raptor.us  |  +1.800.823.8402
Peregrine Computer Consultants Corporation

Newsletter Archive - Unsubscribe - Manage Subscription - Subscribe