They add an extra layer of security to your emails.
To protect your email inboxes
from fake senders and dangerous attachments.
Security options that are activated on request:
to receive emails only from senders who have passed authentication checks
to remove all potentially harmful attachments from emails
This is useful when you only want to receive messages from verified senders.
All emails that do not pass the checks are deleted or bounced.
You need to make sure that the sender’s email address has not been spoofed.
This control can be done putting together SPF and DKIM authentication.
SPF confirms the sender’s address and its relationship with the server that sent out the message.
DKIM ensures that email messages (including attachments) are not modified
after they have been “signed” during sending.
In theory it’s that easy, in practice both SPF and DKIM can refer
to a different domain than the sender’s email address.
We check that SPF authentication and DKIM signature are related to the domain in the from address.
In this way no other than the original sender can authenticate the email. This guarantees its origin.
The “remove dangerous attachments” option blocks all potentially harmful attachments
except some safe extensions as pdf, txt, gif, jpg and png.
The recipient receives the message without the attachment.
A warning is added to the beginning of the content, like this:
WARNING: This email violated Your Company's email security policy and
has been modified. For more information, contact your IT Administrator.
An attachment named "example.zip" was removed from this document as it
constituted a security hazard. If you require this document, please contact
the sender and arrange an alternate means of receiving it.There is an interesting case study published on the Internet, which ends with this sentence:
“For us, attachment filtering has been very successful”
– web.mit.edu/net-security/Camp/2004/presentations/reillyb-mit2004.ppt (PowerPoint presentation)