Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

7 min read

How Paubox's suite of inbound security protects against cyberattacks

How Paubox's suite of inbound security protects against cyberattacks

Paubox's suite of inbound security solutions provides comprehensive protection against a wide range of cyber threats, helping organizations safeguard their sensitive information and maintain the integrity and security of their email communications.


Paubox’s inbound security

Paubox has developed various security solutions to safeguard against cyberattacks, specifically aimed at email security for Paubox email suite Plus and Premium customers. The following is an outline of the inbound protection system:

  • ExecProtect: Patented protection from display name spoofing attacks
  • GeoFencing: Quarantine emails from IP addresses originating from countries of your choice that are sending high volumes of spam or malicious emails
  • DomainAge: Immediately quarantine emails coming from recently registered domain names.
  • Blacklist bot powered by AI: Quickly blacklist malicious email addresses.
  • Malware and virus protection: Every inbound email is run through robust filters for malware and viruses
  • Ransomware protection
  • Google SafeSearch
  • Robust spam filtering

See also


How does Paubox inbound security protect against cyberattacks? 


With ExecProtect, your organization can prevent display name spoofing emails that mimic employees or departments. These fraudulent messages are isolated in a quarantine area before they even have the chance to reach their intended victim within the company - protecting it from potentially damaging security breaches and related expenses.

ExecProtect examines the display name of every incoming email for any matching names or variations that are protected. Upon a match, ExecProtect then verifies if the email address is authorized to send emails. In cases where authorization exists, ExecProtect grants entry to such emails; however, when an unapproved address attempts access even in scenarios with other whitelist rules being enforced, the system will isolate and retain these messages while notifying its administrators via alert functions on the platform.

Learn moreExecProtect: What is it and how does it work?



Paubox implements geofencing as a mechanism for segregating emails based on the countries through which they have passed. The process entails analyzing either the IP addresses of email clients or servers to determine their country of origin. Geographical filtering is beneficial for many customers, particularly those who require HIPAA compliant email services, as it helps reduce unwanted emails while ensuring adherence to strict regulatory standards.

For this feature to work effectively, you can choose which specific countries should be quarantined via the Paubox dashboard; currently, there are a total of 45 available options at your disposal.

Based on Paubox’s 2022 research, the top countries to block for spam are:

  • China
  • Russia
  • Turkey
  • Germany
  • India
  • Netherlands
  • Brazil
  • Mexico

The top countries to block for phishing include:

  • Lithuania
  • Serbia
  • Ukraine
  • Colombia
  • Iran
  • Russia

It must be recognized that the US and Canada are sometimes featured among the top 10 countries responsible for spamming. Due to obvious reasons, alternative methods will have to be employed to handle bothersome emails from these countries effectively.

Go deeper



DomainAge refers to the length of time that a domain name has been registered and active on the internet. It is an important factor in assessing the trustworthiness and reputation of a domain. Organizations can better identify and mitigate potential risks associated with email-based threats and online fraud by considering factors such as registration date, historical data, and authentication status. 

Here is how DomainAge works and why it matters:

  • Registration date: DomainAge is determined by the date when a domain name was first registered. This information is publicly available through domain registration records maintained by domain registrars.
  • Historical data: In addition to the registration date, DomainAge may also take into account historical data related to the domain, such as changes in ownership or administrative details over time.
  • Trustworthiness: Older domains generally have a longer history of legitimate activity and are more likely to be associated with reputable organizations. As a result, they tend to have higher trust scores and are considered more reliable by email security systems and internet users.
  • Fraud detection: DomainAge is often used as a factor in fraud detection and anti-phishing measures. Newly registered domains, especially those created specifically for malicious purposes, are more likely to be associated with spam, phishing scams, or other fraudulent activities.
  • Spam filtering: Email security systems may use DomainAge as a criterion for spam filtering. While not all emails from newly registered domains are malicious, spammers often use newly created domains to evade detection. By applying stricter filtering rules to emails from recently established domains, email providers can reduce the risk of spam and phishing attacks.
  • Authentication: Older domains are more likely to have implemented security measures such as the Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) to authenticate emails. These authentication protocols help verify the legitimacy of email senders and protect against email spoofing and phishing attempts.

Read moreDomainAge: An effective method to combat phishing attacks


Blacklist powered by AI

A "Blacklist Bot powered by AI" is an advanced email security tool that utilizes artificial intelligence (AI) algorithms to automatically identify and block malicious senders, domains, or IP addresses. This bot continuously monitors incoming emails, analyzing various attributes such as sender reputation, content, attachments, and behavioral patterns to detect potential threats. When it identifies suspicious activity indicative of spam, phishing, or malware distribution, it dynamically updates a blacklist to prevent further emails from those sources from reaching recipients' inboxes:

  • Proactive threat detection: Traditional email security solutions often rely on static blacklists or predefined rules to block malicious content. By contrast, an AI-powered Blacklist Bot can detect emerging threats and previously unseen attack patterns in real-time, enabling organizations to stay one step ahead of cybercriminals.
  • Adaptive defense mechanism: AI algorithms powering the Blacklist Bot continuously learn and adapt to new threats, evolving attack techniques, and changes in email behavior. This adaptive approach ensures that the bot remains effective in detecting and blocking increasingly sophisticated email-based threats.
  • Automation and efficiency: Manual management of email blacklists can be time-consuming and resource-intensive for IT teams. By automating the process with AI, organizations can streamline threat detection and response, freeing up valuable time and resources to focus on other security priorities.
  • Reduced risk of email-based attacks: Email remains one of the primary attack vectors for cybercriminals. A Blacklist Bot powered by AI acts as a proactive defense mechanism, significantly reducing the risk of spam, phishing attacks, malware distribution, and other email-based threats infiltrating an organization's network.
  • Enhanced user security and trust: By effectively blocking malicious emails before they reach recipients' inboxes, organizations can protect their users from falling victim to scams, data breaches, and other cyber threats. This helps foster trust among users and strengthens the organization's overall security posture.
  • Compliance and regulatory compliance: Many industries are subject to stringent regulatory requirements governing the protection of sensitive information, such as healthcare (HIPAA), finance (PCI DSS), and privacy (GDPR). Implementing email security measures, including AI-powered threat detection and blacklist management, can help organizations maintain compliance with these regulations.


Malware and virus protection 

Paubox provides malware and virus protection as part of its comprehensive email security suite. Here's how Paubox safeguards against malware and viruses:

  • Real-time scanning: Paubox continuously scans incoming emails in real time for known malware signatures and virus patterns. This proactive approach enables Paubox to detect and block malicious attachments or links before they reach the recipient's inbox, preventing users from inadvertently downloading or accessing harmful content.
  • Advanced threat detection: In addition to signature-based detection, Paubox employs advanced threat detection techniques to identify and neutralize emerging malware threats. Machine learning algorithms and behavioral analysis are utilized to detect anomalies and suspicious patterns indicative of malware activity, even if the malware has not been previously identified.
  • Attachment filtering: Paubox examines email attachments for potential malware or viruses, flagging and quarantining suspicious files before they can pose a threat to the recipient's system. 
  • Link protection: Paubox analyzes embedded links within emails to identify malicious URLs leading to phishing sites, malware downloads, or other malicious destinations. Suspicious links are flagged and either blocked or redirected to a warning page, protecting users from inadvertently visiting harmful websites.
  • Zero-day threat protection: Through continuous monitoring and threat intelligence, Paubox can detect and respond to zero-day threats in real time, minimizing the window of exposure for organizations.
  • Automatic updates: Paubox ensures that its malware and virus protection mechanisms are regularly updated with the latest threat intelligence and security patches. This proactive approach helps safeguard against evolving malware threats and ensures that organizations remain protected against the latest cyber threats.


Ransomware protection

Paubox offers comprehensive ransomware protection as part of its email security suite. It includes: 

  • real-time scanning of incoming emails to detect and block ransomware threats, 
  • advanced threat detection using machine learning and behavioral analysis, 
  • attachment and link filtering to prevent ransomware downloads, and
  • vigilance against zero-day threats. 

Paubox also stresses the importance of data backup and recovery, user education, and awareness to mitigate ransomware risks effectively. 

Go deeperWhat is ransomware and how to protect against it


Google SafeSearch

Google SafeSearch is a feature offered by Google that helps users filter explicit and inappropriate content from their search results. It is designed to provide a safer and more family-friendly browsing experience by blocking access to content such as pornography, violence, and explicit language. Google SafeSearch works by: 

  • Filtering explicit content: SafeSearch employs algorithms to analyze web pages and filter out search results that contain explicit or inappropriate content. This includes images, videos, and text that may be considered unsuitable for certain audiences, such as children or individuals in professional settings.
  • Keyword filtering: SafeSearch uses a database of keywords and phrases associated with explicit content to identify and suppress search results containing such terms. When users perform a search query, SafeSearch compares the query against its database and excludes any results that match the flagged keywords.
  • Site blocking: SafeSearch also allows users to block specific websites or domains from appearing in their search results altogether. This feature gives users more control over their browsing experience and enables them to avoid content from particular sources that they deem inappropriate or irrelevant.
  • Enabling SafeSearch: Users can enable SafeSearch on various Google platforms, including Google Search, Google Images, and Google Videos. SafeSearch settings can be customized at the individual user level or enforced across an entire organization or network, such as in educational institutions or workplaces.
  • Strict vs. moderate filtering: SafeSearch offers two levels of filtering: "strict" and "moderate." The strict mode provides the highest level of filtering, blocking the most explicit content, while the moderate mode allows some explicit content to be displayed in search results. Users can choose the level of filtering that best suits their preferences and needs.

While Google SafeSearch itself may not directly affect email security, its principles of content filtering and promoting safer online experiences align with the broader goal of protecting users from malicious content and threats in both web search and email communication. Organizations can leverage email security solutions alongside SafeSearch and other tools to create a safer digital environment for their users.


Spam filtering

Paubox's comprehensive email security suite includes spam filtering features. Here's how Paubox's spam filtering works to protect organizations against unwanted and potentially malicious emails:

  • Real-time analysis: Paubox can quickly detect and filter out spam before it reaches the recipient's inbox by continuously monitoring email traffic.
  • Machine learning algorithms: Paubox utilizes machine learning algorithms to adaptively identify and classify spam based on various criteria, such as email content, sender reputation, and behavioral patterns. This allows Paubox to effectively detect and block evolving spam threats, including phishing scams and malware distribution campaigns.
  • Customizable filtering rules: Paubox provides administrators with customizable filtering rules and policies to tailor spam detection and handling based on organizational preferences and requirements. 
  • Whitelisting and blacklisting: Paubox allows organizations to maintain whitelists and blacklists of trusted senders and known spammers, respectively. By whitelisting trusted email addresses or domains, organizations ensure that legitimate communications are not mistakenly flagged as spam. Conversely, blacklisting known spammers helps prevent their emails from reaching users' inboxes.
  • Heuristic analysis: Paubox conducts a heuristic analysis of email content and attachments to identify suspicious patterns or characteristics commonly associated with spam.
  • Quarantine management: Paubox provides administrators with tools to manage quarantined spam messages, allowing them to review, release, or delete quarantined emails as needed. This gives administrators greater control over spam filtering and ensures that legitimate messages are not inadvertently blocked.

See alsoPaubox releases new Block/Allow mail filtering



Does Paubox provide inbound security for all of its plans?

Inbound Security is included with Paubox Email Suite Plus and Paubox Email Suite Premium (not Paubox Email Suite Standard). 

Go deeperOverview of Paubox Inbound Security


Can Paubox Email Suite integrate with existing email platforms?

Yes, Paubox Email Suite is compatible with popular email platforms such as Microsoft Exchange, Office 365, Google Workspace, and others, allowing for seamless integration into existing email environments.


What support options are available for Paubox Email Suite users?

Paubox provides comprehensive customer support, including online documentation, knowledge base articles, video tutorials, and email/phone support, to assist users with setup, configuration, and troubleshooting.

See more


Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.