Guard your network against spam with Astaro’s frequently updated intelligent filtering system.

Astaro’s Spam Protection application detects and blocks unsolicited emails. It uses multiple detection methods to pinpoint spam types while minimizing ‘false positives’. It performs a series of tests and assigns a ‘spam score’ to each message indicating the probability that the message is unsolicited. Messages whose score exceeds thresholds set by the administrator are dropped, returned to the sender, passed to the recipient with a warning, or quarantined.

Accurate Identification of Spam

Astaro’s Spam Protection utilizes nine methods to pierce the disguises used by professional spammers:

• Sender Address Verification: Messages are tested to determine if they come from legitimate email addresses.
• Realtime Blackhole Lists (RBLs) and spam databases: Email addresses are checked against databases of known spammers.
• Header Analysis: The header section of emails are checked for false or altered information and addresses with invalid characters.
• Body Analysis (Heuristics): Words and word patterns typical of spam are identified.
• SPF record checking: Rejects emails coming from a false ‘Mail From’ address.
• URL scanning: URLs within emails are checked against a database of known spam URLs.
• Greylisting: Unknown mail servers are asked to resend messages before they are accepted.
• BATV Reverse Path Signing: Blocks emails from being ‘bounced back’ to an email server unless they really originated there.
• Whitelist and Blacklist: The administrator can list email sources known to be legitimate and illegitimate.

Management Control

Administrators can tune spam protection to balance stringent blocking against the risk of missing legitimate messages. Options include:

• Enabling or disabling tests.
• Taking actions based on ‘spam score’ thresholds.
• Specifying that suspect messages should be:
  • Dropped
  • Rejected and error notification returned to the sender
  • Passed through the recipient with a warning message
  • Quarantined for later evaluation and disposition

In addition, a digest of blocked messages can be sent to each user daily. If the user sees an email that was incorrectly blocked, he or she can click on a link and receive the email automatically.

Performance and Simplicity

Astaro’s Content Filtering Framework integrates spam protection with the firewall and virus scanning into a single extensible system. This improves performance and simplifies ongoing management:

• Performing spam testing, virus scanning and packet filtering on the same system eliminates delays vectoring files to separate systems.
• Local whitelists, blacklists and network configurations can be entered just once and shared by all of Astaro’s security applications.
• Reports track statistics on email messages processed, their size and spam score, and the number of viruses found.

Working with the Email Server

Astaro Spam Protection can add headers to email messages so that a recipient email application can take specific actions, such as sending suspicious email messages to a ‘spam’ folder on an email user’s desktop. Information added to email headers can include:

• A spam flag
• The ‘spam score’
• Expression match (flag that the message contains suspicious text)
• RBL warning (flag that the message comes from a domain identified in a Realtime Blackhole List)

• Pricing for this option