Mechanisms Emergic Cleanmail uses to Block Spam
Scoring Mechanism (Heuristics & Bayesian):- We have over 3000+ rulesets updated constantly to detect the recent outbreak of spam. This is Supported by Bayesian technology which uses artificial intelligence to classify mails as spam. This technique assigns a score to the mail based on the detections made by Heuristics and classifies mails as spam based on the cumulative score.
Realtime Blacklist Filtering :- Several organizations and companies are constantly identifying the mail servers which are actively sending spam. They create “real-time blacklists” (RBL) of the IP addresses of these mail servers which are updated daily, even hourly. We have chosen five of the better known RBLs for selection within the Emergic Cleanmail service. (By default, all are selected.) Our main criteria was to choose RBLs which are least likely to block legitimate email.
Fingerprint Checks (Recurrent pattern detection, DCC):- This technique is used for bulk mail classification. This is based on the concept that at a given point of time the larger the number of copies of an e-mail floating on the Internet, the greater is the probability of it being a spam.
URL Checks:- This system analyses the embedded urls in the mails and checks it against a known database of spammer domains. This technique also identifies phishing scams as well as spam.
DNA Checks (Razor):- Spammers generally modify the spam contents to skip detections. This technique identifies the change and matches the variation with a database of known spam.
Content Filtering :-
• Allows/denies attachments based on filename, providing implementation of any email security policy.Easily used to block attachments which are common ways of disguising viruses, e.g. ReadMe.doc.exe These can be varied for different users.
• HTML-Based Attacks
• Scans for common signs of attack such as and HTML tags. Both have been used many times to exploit vulnerabities in Outlook(&Express) and Internet Explorer.
• Dangerous HTML content can be stripped. Checks and traps added for all known Outlook,Outllok Express,Internet Explorer and Eudora security vulnerabilities
Whitelists and Blacklists :
While our service requires no “tuning” or ” learning”, and is unlikely to block legitimate email, you can ensure that important clients and contacts are never blocked by adding them to your domain-specific Whitelist. This is especially useful if you have a few clients in countries that you mostly want to block.
For example, some of our customers have many contacts in China. They have chosen to add these contacts to their Whitelist and otherwise block all email from China.
You can whitelist by email address, domain name, IP address or content.
To further reduce the chance that mail from legitimate companies is blocked, we maintain a Global Whitelist for all customers. Companies with large customer mailing lists sometimes get blacklisted just due to their volume of email. We add these and other reputable companies to the global white-list. We will gladly consider customer suggestions, which can be submitted from the Control Panel.
The custom Blacklist can be used to, e.g., block someone who is harassing your employees. Or you might want to block recruiters, mailing lists or anyone else that you don’t want contacting your employees. You can blacklist by email address or by IP address.
We prefer that customers not attempt to block any remaining spam themselves (unlike other anti-spam systems). Instead, it should be forwarded to us and our staff will immediately create the most appropriate filter for it.
The “Dictionary Checks” can handle any special needs. For example, if your company makes a product called ” MasterWidget” you can add a Whitelist filter to accept any email that contains “MasterWidget” anywhere within it