FST Key to Hot FBI Cyber-Terror Issue
Comments by FBI Cyber Crimes Assistant Director Shawn Henry made last October to reporters centered on a noticeable rise in cyber-terrorism and specifically cited "spear phishing" as a rapidly rising threat.
ISR's Forensic Sender Test™ helps UCE control systems combat all types of email identity crimes. Providing FST service in your mail system component or service not only brings tremendous value to your customers, but also affords an opportunity to show initiative on a “hot button” issue.
Contact us to learn more.
The FST Request
Required Parameters
Key - 10-40 Characters
The Key parameter is used to identify your account in our system. We may change it from time to time for security purposes or immediately upon your request. All traffic and volume data is tracked to a Key. If you have multiple devices or edge servers, each MAY be assigned its own key if your organization has a need for separate tracking data.
IP - 7-15 Characters
This is the IPv4 address of the mail client delivering the message into your server.
Senders - 1-16 Occurrences of 5-255 Characters
The Senders parameter must contain at least one email address but may contain up to ten delimited by spaces (%20 in URL encoded text). The "@" is required, but the left-hand-side is optional. ie: sjackson@ingenisys.com and @ingenisys.com are both valid entries. The list may contain duplicates, but only one entry per right-hand-side (aka domain) will be counted as a "hit" in the log statistics. Result lists that correspond to the Senders parameter will contain entries that exactly match the Senders list. ie: The parameter "Senders=sjackson@ingenisys.com steve@ingenisys.com" might produce a result of "MXF=110 110" but will be counted only once in the volume statistics report.
Optional Parameters
Also - Optional, 1-255 Occurrences of 5-255 Characters
The Also parameter is the mechanism by which the FST interface can be extended to include non-FST data maintained by our system. If you would like to off-load laborious tasks onto our network and away from your own mail system, we can create custom extensions to meet your specifications. When Also is included, there may be other option-specific parameters required.
These are only a few samples to make the possibilities of the Also parameter clear:
- whois - The IP WHOIS "owner" for the provided address.
- whois-loc - The city, state/territory, and country information in the IP WHOIS records for the IP address.
- whois-net - The IP WHOIS "netblock" for the IP address.
- ipptr - The DNS PTR of the IP.
- ipptra - The DNS A result of the PTR of the IP.
- rep-subj - The reputation of the email subject (requires Subj parameter).
- rep-dom - The reputation of each domain in the Senders list.
- rep-user - The reputation of each address in the Senders list based on the recipient's sent mail (requires Rcpt parameter AND use of the Egress connector).
- rev-rcpt - The results of an attempt to verify the existence of each address in the Senders parameter.
- rev-smtp - The results of an attempt to find an SMTP server at the IP specified in the request.
- rev-host - The host name of the highest priority mail exchanger for each domain in the Senders list.
- db-0001-sndr - The results of a custom lookup in a customer-supplied database.
(Please note that extensions must be enabled on your Key to be answered.)