Mailguard - How to block many Business Email Compromise (BEC) / CEO fraud e-mails

Are you receiving unwanted e-mails that are trying to look like they came from a company executive?In most cases these are what is called CEO Fraud e-mails also known as Business Email Compromise (BEC). Our E_domain_FROM_DSPLY rule-set can detect and block these e-mails.

Due to the potential for false positives, the E_domain_FROM_DSPLY rule-set is only enabled upon request. For this to be successful the following must be true:

  1. You are not white-listing your own domain.
  2. You can provide us with a list of valid names and e-mail addresses for those people likely to be the subject of these e-mails.

To enable this rule-set:

  1. Please contact us and request that we enable the E_domain_FROM_DSPLY rule-set for your account.
  2. Please provide us with a .CSV file detailing the accounts you wish to protect. Here is an example of what that file may look like:
    Display Name,Email
    John Smith,
    John Smith,
    Olivia Howell,

We Answer Your Questions: FAQ

Q: What is the maximum e-mail attachment size?

A: The e-mail servers do not limit the size of individual e-mail attachments. The e-mail servers do impose a 400 MB maximum total message size limit. Individual customers can choose a smaller message size limit. We can also customize the handling of "over-sized" e-mails. Please contact us to discuss your specific needs. A couple of important facts:

1. Attachments are typically encoded in what is called Base64[1]. As a result, the actual length of MIME-compliant Base64-encoded binary data is usually about 137% of the original file size.

2. E-mails often contain both plain text and HTML components. This also increases the overall size of the e-mail.