Advanced SPAM/Virus Filtering

Handling All of Your Technology Needs Since 2003
Contact us today for more details!

Home » Services » Website Email Hosting » Advanced Spam Virus Filtering

Advanced SPAM/Virus Filtering

BDH Technology's advanced SPAM/Virus filtering is a complete Email Security platform for any size organization.  It provides a single solution to protect against inbound attacks.  The inbound filtering engine, blocks spam and malware before it can clog your network and affect users.  Highly effective email security - a robust, bi-directional, highly accurate antispam and antimalware solution, to detect the most sophisticated targeted attacks. The Technology behind the service has won 20 consecutive VBSpam Platinum awards for recognition of some of the highest catch rates and lowest false positive rates in the industry.

BDH Technology can provide this service both to customers who wish to have e-mail hosting completely by BDH Technology as well as customers that wish to maintain their own on-premise/in-office e-mail server.  It is compatible with any type of on-premise e-mail server including, but not limited to, Microsoft Exchange, Postfix, Exim, Dovecot, sendmail and qmail.

Domain Name System
Blacklist (DNSBL) scanning
The first element is a DNS Black List (DNSBL) which is a “living” list of known spam origins.  To achieve up-to-date real-time identification, the Antispam service uses globally distributed spam probes that receive over one million spam messages per day. The Antispam service uses multiple layers of identification processes to produce an up-to-date list of spam origins. To further enhance the service and streamline performance, the Antispam service continuously retests each of the “known” identities in the list to determine the state of the origin (active or inactive). If a known spam origin has been decommissioned, the Antispam service removes the origin from the list, thus providing customers with both accuracy and performance.
Spam URI Realtime Block
Lists (SURBL scanning)
The second element is in-depth email screening based on a Uniform Resource Identifier (URI) contained in the message body - commonly known as Spam URI Realtime Block Lists.  To detect spam based on the message body URIs (usually web sites), BDH Technology uses Antispam SURBL technology. Complementing the DNSBL component, which blocks messages based on spam origin, SURBL technology blocks messages that have spam hosts mentioned in message bodies. By scanning the message body, SURBL is able to determine if the message is a known spam message regardless of origin. This augments the DNSBL technology by detecting spam messages from a spam source that may be dynamic, or a spam source that is yet unknown to the DNSBL service. The combination of both technologies provides a superior managed service with higher detection rates than traditional DNSBLs or SURBLs alone.
Antispam Spam Checksum
Blocklist (SHASH)
The third element is the Antispam Spam Checksum Blocklist (SHASH) feature. Using SHASH, a hash of an email is sent to the Antispam server which compares the hash to hashes of known spam messages stored in the Antispam database. If the hash results match, the email is flagged as spam.
Forged IP scanning Forged IP scanning converts the message sender's IP address to a canonical host name and compare the IP addresses returned from a reverse DNS lookup of the host name to the client's IP address. If the client's IP address is not found, the email message is treated as spam.
Greylist scanning Greylist scanning temporarily delays an e-mail server the first time they connect for 1 minute.  Greylisting blocks spam based on the behavior of the sending server, rather than the content of the messages. When receiving an email from an unknown server, the server will be temporarily rejected. If the mail is legitimate, the originating server will try to send it again later (RFC 2821), at which time the email message will be accepted. Spammers will typically abandon further delivery attempts in order to maximize spam throughput.
Deep header scanning The Deep headers scan performs extensive inspection of message headers. Deep header scanning involves two separate checks.
First black IP checking examines the Received:message header. Then any URIs or IPs are extracted from the header and passed to the Antispam service, DNSBL, or SURBL servers for spam checking.  Secondly, header analysis examines the entire message header for spam characteristics. If the message header inspection indicates that the email message is spam, it is treated as such.
Heuristic scanning Heuristic scanning uses rules to calculate a score for each email message. Each rule has an individual score that is used to calculate the total score for an email. If the maximum threshold is exceeded the email message is treated as spam.
Bayesian scanning Bayesian scans analyze the words (or “tokens”) in an message header and message body of an email to determine the probability that it is spam. For every token the probability that the email is spam based is calculated based on the percentage of times that the word has previously been associated with spam or non-spam email. This is similar to heuristic scanning, however Bayesian scanning is trained per domain as well as per user.
Image spam scanning Image spam scanning analyzes the contents of GIF, JPG, and PNG graphics to determine if the email is spam. If the email message contains a spam image, the email is treated as spam. Image spam scanning is useful when, for example, the message body of an email contains graphics but no text, and text-based antispam scans are therefore unable to determine whether or not an email is spam.
PDF scanning PDF spam scanning analyzes the contents of PDF files to determine if the email is spam. The first page of attached PDF documents are passed to the Heuristic scanner and image spam scanner to evaluate its contents. PDF spam scanning is useful when spammers may attach a PDF file to an otherwise empty message to get their email messages past spam safeguards. The PDF file contains the spam information. Since the message body contains no text, antispam scanners cannot determine if the message is spam.
Black/white lists Also available are domain and user based black and white lists to block or allow email by sender. Email addresses from messages that are released for a user's quarantine are automatically whitelisted for that user.
Sender reputation BDH Technology tracks SMTP client behavior to limit deliveries of those clients sending excessive spam messages, infected email, or messages to invalid recipients. Should clients continue delivering these types of messages, their connection attempts are temporarily or permanently rejected.
Suspicious newsletter Although news letters and other marketing campaigns are not spam, some users may find them annoying and may consider them to be spam.
Banned word scanning Banned word scanning can be customized per domain to consider email messages as spam if the subject line and/or message body contain a prohibited word. When a banned word is found, the email message is treated as spam.
Whitelist word scanning Whitelist word scanning can be customized per domain to consider email messages whose subject line and/or message body contain a whitelisted word to be indisputably not spam.  Whitelisted words will cause the message to never be treated as spam.

Click here for information on how to use BDH Technology's advanced SPAM/Virus filtering service.


Don't see what you are looking for? Have more questions? We're here to help. Just contact us for a free, no-obligation estimate.