|
|
1. |
Directory Harvest Attack protection |
|
|
Directory Harvest Attacks abuse the design of the SMTP protocol. When one mail server attempts to deliver a message to another mail server, it first inquires whether the recipient address exists on the target mail server. If it exists, the target mail server sends a confirmation; if not, the server responds with negative answer. Spammers take advantage of this communication by submitting multiple requests with different combinations of first and last names. By harvesting valid responses, spammers get very precise list of valid email addresses suitable for future spamming.
To fight directory harvest attacks, our Server monitors any unusual change in SMTP activity and once this attack is recognized, it applies several defensive techniques such as slowing down responses, cutting off connections and faking responses.
|
|
|
2. |
Spam Repellent |
|
|
Spam Repellent helps fight off spam zombies and viruses by delaying replies during the SMTP handshake.
Since spam mailers and viruses are very impatient when it comes to SMTP communication, they don't wait if the replies from a target mail server are not timely, and simply move on to try another target. By injecting an artificial time delay of a couple of seconds into the SMTP handshake, our system may filter up to 60-70 percent of spam and viruses without ever receiving the messages for analysis.
|
|
|
3. |
SpamAssassin |
|
|
SpamAssassin is a powerful anti-spam engine integrated into Softerprise all-in-one mail server that identifies junk email. Combining several technologies, SpamAssassin ensures that bulk spam email is properly captured and legitimate email is reliably delivered.
- Heuristic engine
Using the heuristic engine in SpamAssassin, each email message is analyzed against multiple anti-spam rules and gives it a numerical rating based on which rules were matched. If the message rating exceeds the spam threshold, the message is marked as spam and then filtered according to the user's wishes.
- Bayesian filter
To further increase the success rate and tailor the spam filter to the individual needs of every company, MailServer allows WebMail users to easily train the Bayesian filter in SpamAssassin for every email message that is miscategorized. The Bayesian filter can also be trained by dragging and dropping email in or out of Server's Junk E-mail folder in any IMAP email client. SpamAssassin then compares incoming messages to spam messages reported by other users, and sees how similar they are to those reported messages.
|
|
|
4. |
Dual filtering policies |
|
|
Dual filtering policies give administrators the ability to tag messages with low spam score as spam and forward them to user's Junk Email Folders, whereas messages with really high spam score can be automatically discarded without ever reaching user's mailbox. Discarding emails with high spam scoring can help save hard drive space and reduce the amount of emails that endusers need to audit.
|
|
|
5. |
SURBL blocking |
|
|
Similar to RBLs, SURBL (Spam URI Realtime Block Lists) will block messages that contains URIs (usually Web sites) in the message body that links to known spam hosts.
|
|
|
6. |
Real time blacklist support |
|
|
Checks sender's IP address for each incoming SMTP connection. If the IP address is in the database of open-relay servers identified as spammers, the incoming email is refused.
|
|
|
7. |
Sender's domain verification |
|
|
Rejects emails when sender's email address is using an invalid or fake domain name.
|
|
|
8. |
Custom filtering by address, subject, content or size |
|
|
Can reject emails from notorious spammers not known to public blacklists. Allows for the creation of a custom blacklist. An efficient measure to fight against empty "From" fields in spam emails.
|
|
|
9. |
SMTP authorization by user name and password |
|
|
Requires users to authenticate before sending email through SMTP.
|
|
|
10. |
SMTP authorization by IP address |
|
|
Limits SMTP relay access to specified range of IP addresses. Relay access is usually allowed for users within local area networks (LAN).
|
|
|
11. |
"Sent email per hour" quota |
|
|
Limits number of emails that one user (IP address) can send within a specific time period. Significantly reduces the risk of mail server abuse if spammer has accidentally acquired trusted user access rights.
|
|
|
12. |
"Concurrent connection" limit |
|
|
Limits number of concurrent SMTP connections made from one IP address (one user). Protects mail server resources by limiting mail load. Prevents the use of specially designed spam programs that create multiple connections to increase the number of emails being sent to SMTP server.
|
|