Anti-Spam

A Moving Target

Blocking Spam is a dynamic task. Spam is constantly changing, with Spammers testing against existing anti-spam solutions to find a way through the defences. We have seen this over the past year, with Spam being delivered in pictures rather than text. Spammers moved from using clean pictures to fuzzy pictures and then on to animated pictures: effectively, a campaign to counter the defences put in place by the security industry. They then moved on to attachment Spam, where they put their message into attachments that most people would trust: initially PDF attachments, then Word documents, and then Excel. Spammers are well motivated by financial reward, so they will continue to look for new ways through. Counteracting their latest ploys needs a solution that is itself constantly changing.

Effective Defence

The Network Box anti-spam solution is the most comprehensive and effective gateway anti-spam solution in the market today. It provides 24 anti-spam engines, combining over a dozen different techniques, and is backed by a vast database of anti-Spam signatures. It provides true defence-in-depth in a single managed gateway appliance.

Some of the solutions deployed by Network Box are:

  • Co-operative Spam Checksums
    This technique involves breaking apart a message and taking cryptographic checksums of each component of the message.
  • Signatures and Spam Scoring
    Lists of "signatures" which match aspects of spam messages.
  • White lists and Black lists
    A list of words/patterns which make a message "ham" (good email) or "spam".
  • Heuristics
    By examining behaviour, tests can be designed to determine if an e-mail is Spam.
  • Real-Time IP Blacklists
    Lists of gateways that are:
    • known sources of spam,
    • known open relays (allowing third-party relaying of messages), or
    • known dial-up networks
  • Real-Time URL Blacklists
    Lists of URLs used by Spammers
  • URL to IP Mapping and Blacklists
    Lists of IP addresses used by Spammers
  • URL Categorisation
    Using the on-board SurfControl database, URLs can be categorised
  • Domain Age
    If a domain is very young this can be an indicator of Spam.
  • Bayesian Filtering
    Statistical (or Bayesian) filters can be used to automatically maintain word/pattern white lists and blacklists, together with statistical probabilities as to whether the given word/pattern makes the message spam or ham.
  • Challenge/Response Systems
    Network Box can challenge previously unknown senders to check they are not Spammers.
  • Digital Signatures
    This technique is normally used to indicate that an email message is "ham", and is not used to determine spam.
  • Optical Character Recognition (OCR)
    Spam sent as pictures can be interpreted as text and hence detected.

Individually, each of the above techniques is of limited value. However, taken together they form an effective anti-spam system. Network Box deploys these, and other techniques, and weights the results depending on the test. This provides a high degree of accuracy and flexibility.
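The sketch below is an added illustration, not Network Box code: it shows how three of the listed tests (component checksums, Bayesian token statistics and domain age) can each return a result that is weighted and summed against a threshold. The weights, threshold, token probabilities and sample messages are all constructed for the example.

```python
import hashlib
import math
import re

def component_checksums(body):
    """Split a message into paragraphs, normalise each one, and hash it."""
    parts = [re.sub(r"\W+", " ", p).strip().lower() for p in body.split("\n\n")]
    return {hashlib.sha256(p.encode()).hexdigest() for p in parts if p}

def bayes_probability(body, token_probs):
    """Combine per-token spam probabilities in log-odds space (naive Bayes)."""
    tokens = set(re.findall(r"[a-z']+", body.lower()))
    logit = sum(math.log(token_probs[t] / (1 - token_probs[t]))
                for t in tokens if t in token_probs)
    return 1 / (1 + math.exp(-logit))

# Constructed data: checksums a co-operative network might have reported,
# and token statistics a Bayesian filter might have learned from past mail.
SHARED_CHECKSUMS = component_checksums("Cheap pills!!! Order now, no prescription.")
TOKEN_PROBS = {"pills": 0.95, "prescription": 0.9, "order": 0.7,
               "meeting": 0.1, "agenda": 0.05}
# Hypothetical weights and threshold; a real gateway tunes these per test.
WEIGHTS = {"checksum": 4.0, "bayes": 3.0, "young_domain": 1.5}
THRESHOLD = 5.0

def score_message(body, domain_age_days):
    """Run each test, weight its result (0..1), and compare the sum to the threshold."""
    sums = component_checksums(body)
    results = {
        # Fraction of message components already reported as spam.
        "checksum": len(sums & SHARED_CHECKSUMS) / len(sums) if sums else 0.0,
        "bayes": bayes_probability(body, TOKEN_PROBS),
        "young_domain": 1.0 if domain_age_days < 30 else 0.0,
    }
    total = sum(WEIGHTS[name] * value for name, value in results.items())
    return total, total >= THRESHOLD

# Constructed sample messages. The spam body changes punctuation and case, but
# its middle paragraph still normalises to the reported checksum.
SPAM = "Hi there,\n\ncheap pills! order now -- no prescription\n\nUnsubscribe here"
HAM = "Hi team,\n\nAgenda for the meeting is attached.\n\nThanks"

if __name__ == "__main__":
    for label, body, age in [("spam", SPAM, 5), ("ham", HAM, 4000), ("ham/new domain", HAM, 5)]:
        print(label, score_message(body, age))
```

With these constructed weights, a legitimate message sent from a very young domain stays well under the threshold, because no single test is enough to trigger on its own.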

The Network Box Anti Spam email gateway achieves an industry-record 97.5% detection rate, with almost zero false-positives.

Anti-Spam Configuration

The Network Box email system is extremely configurable. Individual engines can be enabled/disabled based on tests, including:

  • Direction of the message (inbound or outbound)
  • Whether the message is being filtered (e.g. POP3, IMAP4)
  • Whether the message is redirectable (e.g. SMTP)
  • Globally (i.e. for everything)
  • Based on the content of the message headers
  • Based on the proxy handling the message (e.g. SMTP, POP3)
  • Based on a single recipient of the message
  • Based on a recipient being one of the recipients of the message
  • Based on the sender of the message
  • Based on the sender IP address

Individual engine parameters can be set to adjust scores and weightings to suit end-user requirements.
