Email / Spam Protection

There are three main points:

  • IMPACT's Messaging Security provides many different layers of protection for defense-in-depth of one’s inbox.
  • The service is uniquely configurable, providing the versatility that email administrators and solution providers need to address the widest range of end-user requirements. Mail for a specific user will only be subjected to the tests dictated by their configuration (or if one is not specified, by the default enterprise configuration).
  • The architecture is extensible so that new defenses can be added as they become available or desirable.

Key Differentiators

IMPACT's Messaging Security offers powerful and effective capabilities not found in any other solution on the market.

A wide range of capabilities and blended defense provide maximum user control.

Email users often have a favorite method of dealing with unwanted content and senders. Some people like the precision of allow/block lists to authorize or block specific senders or domains (often called “whitelisting” and “blacklisting”); others prefer the simplicity of content filtering; still others like the added effectiveness of challenge-response methods.

A similar range of preferences exists for handling the messages classified as spam. Some users want a daily email summary of blocked email; others want to examine their spam quarantine folder directly; still others may choose to divert their daily quarantine summary to an assistant for checking. Some may not want to be bothered with checking spam folders at all, and elect to have any offending mail vaporized.

IMPACT's Messaging Security service has the versatility to accommodate all of these preferences, and more. Importantly, capabilities can be blended to provide more effective protection than can be achieved by using any one technique independently. In particular, customer experience shows that by combining content-independent techniques with content-based filtering techniques, IMPACT's Messaging Security yields dramatic improvements in user control over inbox access.

Address-on-the-Fly™ protects the user’s primary address.

Address-on-the-Fly™ (AOTF) provides users with a unique, liberating capability for disclosing email aliases as alternatives to their primary address. Its simple implementation does not require any user interaction with the service, and it spares the use of one’s primary address from public or uncontrolled disclosures that may result in new sources of spam. All AOTFs automatically resolve to the user’s single inbox.

AOTF-generic-shadowThis popular feature provides an effective means of controlling inbox access, blocking spam, making phishing attacks immediately evident, and preserving the long-term integrity of the user’s primary email address.

Savvy email users have long recognized the value of using multiple email addresses, and general awareness is growing. In fact, many consumers now employ multiple addresses, albeit by maintaining separate email accounts. AOTF brings the power of this technique to a single inbox in a fully automated fashion.


An in-message control panel informs and empowers the user.

IMPACT's Messaging Security unique in-message control panel provides a simple and intuitive means for bi-directional communication between the user and the service, presenting the user with message-specific options for controlling inbox access.

IMPACT's Messaging Security  uses the control panel to identify the envelope To: address in order to bring out information about the message. For example, a message recipient can see when one party has shared the recipient’s address with another party. IMPACT's Messaging Security users employ the control panel to communicate with the service, amending their access policies for specific senders and addresses.

Experience confirms that users find the control panel to be simple, helpful, and effective. It’s easy for users to understand, the choices are intuitive, and most of all, users like the ability to take concrete, immediate action to squash a spammer.

Some users also employ the control panel as a safe alternative to the unsubscribe function in many emails, which some people no longer trust out of fear that it merely confirms a valid address and alerts a spammer to a “live” recipient.

Control panels are available in English, Spanish, French, German, Brazilian Portuguese, Dutch, Italian and Chinese, with Russian and Hebrew on the way.

Outbound email auditing helps protect one’s brand and avoid email disruptions.

No legitimate correspondent or domain owner ever wants to be in the position of inadvertently sending out spam and viruses. It’s not only embarrassing, but can damage one’s reputation or brand. It can also lead to severe operational disruptions if one’s email server gets “blacklisted,” as this dreaded outcome prevents the delivery of all mail, good and bad, to all recipients at domains that utilize the specific blacklist to preemptively block senders deemed to be abusive or careless. This can be especially bad for Internet Service Providers (ISPs), as a blacklisted server affects all domains supported by that server, whether responsible for the outgoing spam or not.

IMPACT's Messaging Security Outbound Mail Auditing (ROMA) addresses these serious concerns by inspecting outbound messages using pattern matching, statistical heuristics, and fingerprint filtering and scanning techniques. As outbound mail is received by IMPACT's Messaging Security servers, each message is passed through a series of checks to determine conformance with message size and volume limits, to identify message type (for example, to isolate bounce messages to avoid “blowback spam”), and to scan for spam and viruses.

Each outbound message is then routed according to its categorization. For example, policy-offending or suspicious mail is placed in a quarantine queue, while non-delivery receipts are routed through a server that is dedicated to such traffic. If that server becomes blacklisted, it won’t jeopardize one’s operations. Messages found to be spam or to contain viruses are also placed in the quarantine.

When a message fails a security or policy check, the network administrator is automatically alerted to the offending or suspicious content. These alerts specify the reason for placing the message in the quarantine; for instance, because the message content exceeded a size or “spamminess” threshold set by the originating domain, or it contained a virus, or the volume of mail from the specific sender exceeded a specified message-rate-over-time threshold.

These alerts can be customized as appropriate for one’s specific policies. From these alerts, administrators can take several actions, such as releasing a specific message for delivery, vaporizing the message, or logging into the stabilITy Messaging Security administration console to dispatch multiple messages. In addition to alerting, IMPACT's Messaging Security provides an optional branded bounce notification to the end user to inform them of a violation of policy, or in the case of an ISP, of a contractual stipulation, such as a limit on the amount of email that can be sent during a 30-day trial period.

ROMA provides the capability to implement rate limiting for individual users, blended with content and domain filtering, and controlled through a user interface. For example, if a user sends 20,000 messages in a specified time period, x% of which exceed a pre-set content-scoring threshold, IMPACT's Messaging Security will queue those message as suspicious and send an automated alert to the email administrator or ISP for review. IMPACT's Messaging Security will also profile the standard email usage patterns of individual users and compile a report. This report can help to identify suspicious senders or zombie PCs so that remediation can begin, or so that an ISP can take necessary steps such as contacting and/or canceling the customer in order to avoid any damage to its IP addresses.

Here’s a look at everything IMPACT's Messaging Security Total Control has to offer.

IMPACT Messaging Security on Defenses

IMPACT's Messaging Security users have access to a broad range of email defenses, which can be blended to provide exceptional inbox control. Default and custom configurations simplify deployment, while providing the versatility needed to address the widest range of user requirements.

SMTP Enforcement

IMPACT's Messaging Security uses its LDAP sync capabilities to maintain a database of known users at each customer domain. This database enables the system to deny delivery of mail to unknown users after receiving the “To:” address from the message envelope. This approach provides protection against directory-harvest and denial-of-service attacks (DHA and DoS, respectively), and saves considerable bandwidth.

Recipient Checking

In cases where IMPACT's Messaging Security has not been provided with a list of users for an enterprise, the system automatically queries the customer’s MTA to determine if a recipient is legitimate.

Allow Lists (Whitelisting)

Users can get started by using IMPACT's Messaging Security Outlook Contact Harvester to build a list of their email correspondents. This utility collects Outlook contacts and addresses from messages in the Sent Items folder. Automated “allow list on first outbound” and “allow list on reply” features keep one’s allow list current over time. Allow lists can include individual addresses or entire domains, and support enterprise-wide entries.

Block Lists (Blacklisting)

The block list is used to block email from specific addresses or domains. A block list entry can be created through either the in-message user control panel or the IMPACT Messaging Security Message Center user interface. Enterprise-wide entries may be added to the block list.

Content Filtering

IMPACT's Messaging Security may be deployed transparently by utilizing content filtering to screen messages from senders who are not on a recipient’s allow list and which have passed prior tests, such as permitted countries and permitted languages. Filtering provides simple, transparent set-and-forget protection, although a user may choose to inspect their quarantine or receive a daily summary of messages in the quarantine. IMPACT's Messaging Security provides a simple means for the user to tailor the sensitivity of the filter for their specific preferences.

Address-on-the-Fly™ (AOTF)

IMPACT's Messaging Security Address-on-the-Fly enables users to spontaneously disclose a purpose-specific address on a website, in a discussion forum, in print or conversation without interacting with the system. These addresses take the form of a root name plus a suffix of the user’s own choosing. For example, to register on eBay, Jane Doe might disclose the address, where the “.ebay” suffix serves as an “email PIN” that assures delivery of email sent to this address. Addresses are independently controllable by policy so that legitimate users of the address can be “locked down” in the event the address is ever harvested and abused by a spammer.

If an Address-on-the-Fly starts to attract spam, the user can first identify who is sharing the email address and then exert varying degrees of control over future use of the address. The user can (a) block the specific abusing sender, (b) lock down the address, reserving its future use solely for the existing community of legitimate senders, (c) restrict future use to senders at the domain of the sender to which it was initially disclosed, (d) restrict use even further to just the party to which it was initially disclosed, or (e) disable the address, in which case all future incoming mail on the address will be blocked, flagged or challenged. These options are implemented very simply through the optional user control panel present in the bottom of email messages.


As an option, IMPACT's Messaging Security automatically inserts a control panel at the bottom of incoming messages, and removes it on Forward or Reply. This control panel provides a means of communicating with users, for example, to inform them when one correspondent appears to have shared their address with a third party. It also provides a simple means for users to update their access preferences for a specific sender and address simply by clicking on the intuitive in-message links that are provided. IMPACT's Messaging Security control panel is available in English, Spanish, French, German, Brazilian Portuguese, Dutch, Italian and Chinese, with Russian and Hebrew on the way.

Permitted Languages (RPL)

This capability augments traditional content filtering by blocking messages in any language other than those specifically approved for delivery at the enterprise and individual user levels.

Permitted Countries (RPC)

This capability further augments content filtering by blocking messages from any country other than those specifically approved for delivery at the enterprise and individual user levels. Delivery decisions are based on the IP address of the sending server. While some organizations with international clients may not use this capability, many domestic businesses may not ever want to receive email that can be determined to have originated outside their home countries or geographic areas of operation.

Total Control

IMPACT's Messaging Security provides maximum control over access to one’s inbox. We believe there is no more powerful solution on the market today. In this mode, IMPACT's Messaging Security expedites the creation of the user’s allow list, then utilizes an automatic challenge-response for every new inbound correspondent, asking them to resend their message to a Protective Address with a suffix automatically assigned by IMPACT's Messaging Security. By establishing correspondent-specific To-From address pairs, each controllable by policy, IMPACT's Messaging Security deprives spammers of their primary technique. If they spoof the From address, they must associate it with the proper To address in order to reach the user’s inbox. The chances of this are negligible, hence the term, Total Control.


IMPACT's Messaging Security scans both incoming and outgoing email for viruses, worms, and other malware.

Blended Defenses

IMPACT's Messaging Security enables users to mix and match various defenses to suit their specific preferences. Our experience shows that blending Protective Addresses with traditional methods produces a stronger defense that also avoids the pitfalls of traditional defenses used independently.

Spam-Handling Options

A variety of options exist to respond to individual or organizational preferences.

Flag and Deliver

Users who don’t have a serious spam problem may elect to have spam delivered to their inbox with a spam tag in the subject line. This avoids the need to examine the daily spam digest or inspect the quarantine, and enables the recipient to identify a false-positive immediately.


Spam can be delivered to a web-based quarantine folder for periodic inspection by the intended recipient.

Daily Spam Digest

Users may elect to receive a daily summary of new mail diverted to their quarantine folder. The summary includes the sender, subject line, date and time, and contains links to either release a message to one’s inbox, or release the message and add the sender to the allow list so that future mail from the sender will be delivered directly to the recipient’s inbox.


After becoming comfortable with the accuracy of IMPACT's Messaging Security protection, some users elect to vaporize spam rather than quarantining it. Alternatively, one may elect to vaporize only those messages with a score that exceeds a pre-specified threshold while everything else goes into the quarantine. When utilizing Address-on-the-Fly, users may find that specific merchants or websites share their address. When this happens, the user may “lock down” the AOTF, reserving its use for senders at the domain to which it was originally disclosed while vaporizing all other mail arriving on the address, thereby removing it from their quarantine.


In order to minimize the risk of false-positives, users may elect to send a challenge to the sender of any incoming message that fails a delivery test (with the exception of the unknown user and virus tests). While spammers generally don’t respond to challenges (creating the presumption that their email can be properly quarantined or vaporized), this precaution gives legitimate senders the opportunity to identify themselves and have their message delivered. The challenge may take two forms: it can give the sender a means of adding themselves to the user’s allow list by clicking on a link, or it can direct them to resend their message to a new Protective Address automatically created for their use. This approach dramatically reduces the amount of “backscatter” because challenges are triggered by a small fraction of the overall volume of incoming email. (While some users love the effectiveness of Challenge-Response, others are concerned about sending challenges to innocent parties whose email addresses have been hijacked by spammers. We see this as a choice for the user to make.)

Other Email Services

Email Continuity

When a customer’s local email server experiences an outage — as would occur when there is a power failure, for instance — IMPACT's Messaging Security automatically queues all incoming mail for up to 10 days until the server comes back on line, at which point all queued mail is delivered.

Outbound Disclaimer of Messages

IMPACT's Messaging Security provides the ability to add a disclaimer or custom signature block to outgoing messages without having to interact with the local email server.

Marketing Campaign Tracking

By using a Protective Address for responses to a marketing campaign, IMPACT's Messaging Security makes it simple to determine the source of incoming leads.

Deployment Options

Four basic modes are recommended for rapid deployment:

Basic Security (Default)

  • Optimized content filtering
  • Allow list on first outbound message (“intelligent whitelisting”)
  • Vaporize messages to unknown users
  • Quarantine spam and send a daily quarantine summary
  • Address-on-the-Fly (AOTF)
  • In-message control panel (optional)
  • Message Center access (optional)
  • Antivirus protection

Blended Security

This mode provides more information and interactivity for users that seek a more robust email experience.IMPACT's Messaging Security provides step-by-step instructions and some automated support for users of this mode.

  • Content filtering (with user-adjustable scoring thresholds)
  • Allow list on first outbound message (“intelligent whitelisting”)
  • Use of alternate outbound address for outbound communication
  • Address-on-the-Fly (AOTF)
  • Options for flagging spam, bouncing spam, sending spam to a delegated folder or quarantining spam and sending a daily quarantine email
  • In-message control panel
  • Limited Message Center access with a user landing page
  • Antivirus protection

Total Control

Maximum performance and full forensics; ideal for users who cannot tolerate the limitations of content filtering.

  • Allow list on first outbound message / “Intelligent Addressing” (optional)
  • Address-on-the-Fly (AOTF)
  • Use of alternate outbound address (a secondary alias) for outbound communication
  • Automatic change-of-address (CoA) messages, customizable for each organization
  • Optional filtering for Protective Addresses that have started to attract spam
  • Options for flagging spam, bouncing spam, sending spam to a delegated folder or quarantining spam and sending a daily quarantine email
  • In-message control panel
  • Full user-level web access to Message Center
  • Antivirus protection


Any combination of the available options.


IMPACT's Messaging Security includes a range of tools to help email administrators manage the email environment and troubleshoot issues.

LDAP Integration

IMPACT's Messaging Security LDAP exporter can be run on any LDAP server to synchronize the configuration of users and domains automatically on the IMPACT's Messaging Security server.

Unified Log

The unified log consolidates information from various sources to simplify the process of diagnosing a potential delivery issue.

History and Reports

The IMPACT's Messaging Security Message Center provides an extensive history system with searchable and sortable pages to identify sharing events or to enforce policies, such as who can use a particular Protective Address or who is part of a community allow list that’s able to send email to a specific address.


“Recipient To” and “Filter Score =, Result =” headers are available to users and solution providers for special email handling.

Open Relay Detection

IMPACT's Messaging Security outbound mail auditing capability enables the system to block mail to and from the same user, which is indicative of an open relay condition.

Graphs and Statistics

The IMPACT's Messaging Security Message Center provides the capability to graph various email statistics over time, such as the volume of mail sent to unknown users, spam, and legitimate outgoing mail.

" IMPACT Technologies is the professional IT team that keeps our business running efficiently and is always a mouse click away. If you think a professional is expensive, you should see what an amateur costs you."

William F.

Protect all you've worked for.

I'm Ready to Make IT Happen!