Email gateways are the first defense against phishing, malware delivery, and business email compromise. Testing evaluates: malware detection (do malicious attachments get through?), URL filtering (are malicious links blocked or rewritten?), SPF/DKIM/DMARC enforcement, impersonation detection, attachment sandboxing effectiveness, and whether the gateway can detect advanced techniques like QR code phishing, HTML smuggling, and encrypted archive delivery.
Technical
Email Gateway Security Assessment: Testing Your First Line of Defence Against Phishing สำหรับองค์กรไทย
Email gateways filter malicious emails before they reach users. Testing whether your gateway catches real-world attack techniques. Guidance for TH market.