|
Heuristics and Bayesian - SecurityGateway uses a high performance, customized version of the popular open source SpamAssassin™ project for heuristic rules and Bayesian classification. The heuristics component can help identify spam by testing messages against a known set of characteristics common to spam messages. The Bayesian component can identify spam by analyzing a message and then comparing it to a database of message tokens compiled from both spam and non-spam messages provided by you.
DNS Blacklists (DNSBL) - This security feature allows you to specify several DNS blacklisting services (which maintain lists of servers known to relay spam) that will be checked each time someone tries to send a message to one of your domains. If the connecting IP has been blacklisted by any one of those services, the message(s) will be refused, quarantined, or flagged.
URI Blacklists (URIBL) - URI Blacklists are real-time blacklists designed to be used to block or tag spam based on uniform resource identifiers (usually domain names or websites) found within the message body. Also known as URI Blocklists, Spam URI Realtime Blocklists (SURBLs) and the like, URIBLs differ from DNS Blacklists in that they are not used to identify spam based on the content of message headers or on the connecting IP address. Instead, URIBLs block spam based on message content.
Greylisting - Greylisting is a spam-fighting technique that works by informing the sending mail server that a temporary error has occurred and that it must try delivery again later. Because spammers do not typically make further delivery attempts when a message can't be delivered, but legitimate mail servers do, greylisting can help to reduce the amount of spam your users receive.
Message Certification - Message Certification is a process by which a source that you trust vouches for or "certifies" the good email conduct of an authenticated entity associated with a message. Consequently, messages sent from a domain who is vouched for by that source that you trust can be viewed with less suspicion. Thus you can be reasonably assured that the sending domain adheres to a set of good email practices and doesn't send spam or other problematic messages.
Backscatter Protection - "Backscatter" refers to response messages that your users receive to emails that they never sent. This occurs when spam messages or messages sent by viruses contain a "Return-Path" address that is forged. Consequently, when one of these messages is rejected by the recipient's server, or if the recipient has an auto responder associated with his account, the response message will then be directed to your user's forged address. To combat backscatter, SecurityGateway can use a private key hashing method to generate and insert a special time-sensitive code into the "Return-Path" address of your outbound messages. Then, when one of these messages encounters a delivery problem and is bounced back, or when an auto-reply is received with a "mailer-daemon@..." or NULL reverse path, SecurityGateway will see the special code and know that it is a genuine automated reply to a message that was sent by one of your domains. If the message doesn't contain the special code or if the code has expired, it will be logged and can be rejected.
Message Scoring - SecurityGateway calculates a Message Score for each message based on a number of tests it performs while processing the message. Effectively a "spam score," the Message Score is used to determine the likelihood that a message is spam. The options on the Message Scoring page are used to designate the actions that will be taken when a message's score exceeds certain thresholds. You can set thresholds for tagging messages as spam, quarantining them, or rejecting them during the SMTP session.
