Spam Identification
Anti-SPAM Overview
The email anti-SPAM feature identifies SPAM and prevents it from clogging up an inbox. All mail messages are passed through several layers of filters and tests to ensure that maximum SPAM detection is achieved.
What we do:
- Create a white list, which contains e-mail addresses and domains for which we do not want to perform content filtering.
- Use connection filtering to compare e-mail messages against configurable DNS black lists to see if they are from IP addresses that are known to send SPAM.
- Use phrase filtering to configure a phrase list that searches for specific SPAM phrases within the body of e-mail messages.
- Enable statistical filtering to analyze each e-mail to determine whether the message is SPAM.
- Enable connection verification checks, which verify the "Mail FROM" address, HELO/EHLO domain information, and perform a reverse DNS lookup on incoming e-mail messages.
- Enter Trusted IP Addresses and subnet masks for which no SPAM filtering is done.
- Enable HTML feature filtering, to search messages for HTML code that could be used to disguise SPAM.
- Create a URL Domain Black List that searches for domain names that are contained within HREF and IMG SRC HTML tags.
- Configure delivery rules to trap messages based on SPAM X-Headers that are inserted when an e-mail fails a SPAM test.
Anti-SPAM Processing Order
The following steps indicate the order in which each anti-SPAM component is performed. For information on how these anti-SPAM components integrate into IMail Server mail processing, see IMail Server Processing Order.
- Trusted IP Addresses. The IP address of an incoming message is compared against the trusted IP address list to see if it matches. If it does match, the message is delivered. If the IP address does not match, the verification checks are performed.
- Verification checks. Verification checks are performed to verify the "Mail FROM" address, the HELO/EHLO domain, and to perform a reverse DNS lookup. If a message fails a check, the message is either deleted, or an X-Header is inserted. If a message passes all the checks, connection filtering is performed.
- Connection Filtering. IMail Server initiates connection filtering to compare messages against configured DNS black lists. If a message matches a DNS black list, it is processed according to the SPAM action settings on the Connection Filtering tab. If the message does not match a black list, it is compared against the white list.
- White List. IMail Server checks to see if the connecting SMTP server's IP address is listed in the white list. If it is, the message is delivered to its intended recipient. If it is not in the white list, the message is passed on to HTML filtering.
- HTML Filtering. The message is examined to determine if it contains any HTML code. If it does, it undergoes HTML Feature filtering and URL Domain Black List filtering, if enabled. If they are not enabled, the message is parsed by the HTML parser, and then passed on to phrase filtering. If the message does not contain any HTML components, it is passed on to phrase filtering.
- Phrase Filtering. If phrase filtering is enabled, the message is checked to see if it contains any phrases that are in the phrase list. If it does, it is processed according to the settings for phrase filtering. If it doesn't, it is passed on to statistical filtering.
- Statistical Filtering. If statistical filtering is enabled, the message is compared against the SPAM and non-SPAM word counts to determine if it is statistically likely to be SPAM. If it is determined to be SPAM, it is processed according to the statistical filtering SPAM action that is specified on the Content Filtering tab. If the message is not SPAM, it is delivered to the intended recipient.
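The statistical step above, as an added example rather than IMail Server's own code: the page does not give IMail's scoring formula, so this sketch assumes naive Bayes log-odds with Laplace smoothing over SPAM and non-SPAM word counts. The training messages, exclude list and threshold are constructed for illustration.

```python
import math
import re
from collections import Counter

WORD_RE = re.compile(r"[a-z0-9$']+")

def tokenize(text, exclude=frozenset()):
    """Lower-case word tokens, minus any word on the exclude list."""
    return [w for w in WORD_RE.findall(text.lower()) if w not in exclude]

def train(messages, exclude=frozenset()):
    """Build a word-count table from a list of message bodies."""
    counts = Counter()
    for body in messages:
        counts.update(tokenize(body, exclude))
    return counts

def spam_log_odds(body, spam_counts, ham_counts, exclude=frozenset()):
    """Sum per-word log-likelihood ratios; above 0 means more SPAM-like."""
    vocab = len(set(spam_counts) | set(ham_counts))
    spam_total = sum(spam_counts.values())
    ham_total = sum(ham_counts.values())
    score = 0.0
    for word in tokenize(body, exclude):
        # +1 smoothing: a word never seen in training must not zero the result.
        p_spam = (spam_counts[word] + 1) / (spam_total + vocab)
        p_ham = (ham_counts[word] + 1) / (ham_total + vocab)
        score += math.log(p_spam / p_ham)
    return score

def is_spam(body, spam_counts, ham_counts, exclude=frozenset(), threshold=0.0):
    """Assumed decision rule: log-odds above the threshold is treated as SPAM."""
    return spam_log_odds(body, spam_counts, ham_counts, exclude) > threshold

# Constructed training corpus and exclude list (not real mail).
SPAM = ["Buy cheap pills now", "cheap loans approved now click here",
        "win money now click"]
HAM = ["Meeting moved to Tuesday", "please review the attached report",
       "lunch on Tuesday?"]
EXCLUDE = frozenset({"the", "to", "on"})
SPAM_COUNTS = train(SPAM, EXCLUDE)
HAM_COUNTS = train(HAM, EXCLUDE)

if __name__ == "__main__":
    for msg in ("click here for cheap pills", "report for the Tuesday meeting"):
        print(msg, "->", is_spam(msg, SPAM_COUNTS, HAM_COUNTS, EXCLUDE))
```

Words on the exclude list contribute nothing to the score, so common words that appear in both classes do not move a message in either direction.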
Types of Filters
Phrase Filtering - Phrase filtering searches for common SPAM phrases within the body of an e-mail message and identifies the message as SPAM. Phrase filtering can be enabled/disabled per host, and works independently of statistical filtering. For more information see Phrase Filtering.
Statistical Filtering - Statistical filtering examines each word in the body of an e-mail and evaluates whether the word is a statistical indicator of SPAM. The entire message is then evaluated based on the combined word counts to determine whether it is likely to be SPAM. You can create a host specific exclude list, specify what action to take when a message is identified as SPAM, and specify whether to use the primary host's word counts or create new ones. For more information see Statistical Filtering.
HTML Filtering - HTML filtering examines only the HTML portions of an e-mail message, and is comprised of 3 components: an HTML parser, HTML Feature filtering, and a URL Domain Black List. The HTML parser is part of the anti-SPAM engine that examines the HTML sections of a message. It extracts the text from HTML tags, and passes the text on to the phrase and statistical filters for examination. The HTML Feature filter allows you to specify which HTML tags you want to consider SPAM indicators. The URL Domain Black List searches for domain names that occur in the URLs of HTML messages.
Delivery Rules - You can use host and user delivery rules to process messages based on the SPAM X-Headers which are inserted when a message fails a SPAM test.
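The three HTML filtering components described above, as an added example that is not IMail Server's code: one pass extracts the visible text (for the phrase and statistical filters), records flagged tags, and checks hosts found in HREF and IMG SRC against a domain black list. Matching subdomains of a listed domain is an assumption of this sketch; the sample message and domains are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

URL_ATTRS = {"a": "href", "img": "src"}  # the tag/attribute pairs the page names

class MailHtmlScanner(HTMLParser):
    """Collects visible text, URL hosts and flagged tags from one HTML part."""
    def __init__(self, flagged_tags):
        super().__init__(convert_charrefs=True)
        self.flagged_tags = {t.lower() for t in flagged_tags}
        self.text_parts, self.hosts, self.features = [], set(), set()
        self._skip = 0  # depth inside <script>/<style>; their content is not text

    def handle_starttag(self, tag, attrs):
        if tag in self.flagged_tags:
            self.features.add(tag)
        if tag in ("script", "style"):
            self._skip += 1
        url = dict(attrs).get(URL_ATTRS.get(tag, ""))
        try:
            host = urlsplit(url.strip()).hostname if url else None
        except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
            host = None
        if host:
            self.hosts.add(host.rstrip("."))

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip and data.strip():
            self.text_parts.append(data.strip())

def scan_html(html, domain_blacklist, flagged_tags):
    scanner = MailHtmlScanner(flagged_tags)
    scanner.feed(html)
    scanner.close()
    blocked = {d.lower() for d in domain_blacklist}
    # A host matches when it equals a listed domain or is a subdomain of one.
    hits = sorted(h for h in scanner.hosts
                  if any(h == d or h.endswith("." + d) for d in blocked))
    return {"text": " ".join(scanner.text_parts), "blacklisted_hosts": hits,
            "features": sorted(scanner.features)}

# Constructed sample message body (domains are placeholders).
SAMPLE = ('<html><body><p>Limited <b>offer</b></p>'
          '<a href="http://shop.bad-example.test/buy?id=1">click</a>'
          '<img src="HTTP://img.tracker.example/p.gif" width="1">'
          '<a href="https://intranet.example.org/">docs</a><script>var x;</script>')
```

Calling `scan_html(SAMPLE, {"bad-example.test", "tracker.example"}, {"script", "iframe"})` returns the extracted text, the two black-listed hosts and the `script` feature flag.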