Anti-spam

Advantages of Dr.Web anti-spam

• The anti-spam doesn’t require configuration or training. Unlike anti-spam solutions based on Bayesian filtering, it starts working as soon as the first message arrives. Therefore, the anti-spam doesn’t require daily training by the system administrator.
• It detects spam messages regardless of their language
• No email receipt delays
• Real-time email filtering
• High-speed filtering with low consumption of system resources
• Can scan objects at any nesting level
• It can choose a processing technology for the target object depending on the message envelope or the blocking objects detected
• Depending on the settings, filtered messages can be placed in a separate mail program folder where they can always be checked to make sure that no false detection has occurred.
• These unique technologies eliminate the need for blacklists. No company will be discredited after it has been deliberately added to such a list
• Stand-alone—requires no constant connection to an external server or access to a database, which saves traffic significantly

Highly effective junk mail filtering is combined with low consumption of system resources. This is the reason why Dr.Web anti-spam is able to operate efficiently on low-end hardware.

After analysing a message, Dr.Web anti-spam may add to it (depending on the settings) the requisite scan-related marks that can be used by users to configure actions in the mail client — for example, the placement of filtered messages in a separate folder.

Spam filtering technologies

The Dr.Web anti-spam analyzes messages using several thousand rules which can be divided into several groups.

Heuristic Analysis

A highly intelligent technology that empirically analyzes all parts of a message: the header, body, and attachments. This makes it possible to detect unknown types of spam. The heuristic analyzer is constantly being improved; new rules are frequently added. This allows the next generation of spam messages to be detected even before a corresponding rule is created.

Counter filtering

Counteraction filtering is one of the Dr.Web anti-spam’s most advanced and efficient technologies. It recognizes the techniques and tricks spammers use to avoid detection.

HTML signature analysis

Messages containing HTML code are compared with HTML patterns from the anti-spam library. Such a comparison, in combination with data on the image sizes typically used by spammers, helps protect users against spam messages featuring HTML code, which often contain online images.

Detection based on the SMTP envelope

The detection of fake SMTP server stamps and other forged elements in email headers is a brand new anti-spam technology. A trusted sender address is not enough; criminals can forge it easily. Sometimes unsolicited messages do not merely convey advertisements. Such emails can contain hoaxes and even threats. Special Dr.Web anti-spam technologies can expose spoofed addresses and block such messages. As a consequence, it doesn't merely save traffic but also protects employees from fraudulent emails that can push them to do unpredictable things.

Semantic analysis

A message’s words and phrases are compared with words and phrases in the spam dictionary. All words, phrases, and symbols are analyzed – both those visible to the human eye and those hidden by spammer tricks.

Anti-scam technologies

Scam emails (as well as pharming messages – a type of scam) are the most dangerous type of spam, the most notorious example being the so-called “Nigerian” scams, loan scams, lottery and casino scams, and false messages from banks and credit organizations. A special module of Dr.Web anti-spam is used to filter scams.

Bounce filtering

Automatic email notifications or bounces are designed to notify a user if a failure occurs while the mail system is in operation (e.g., a message couldn’t be delivered to a specified address). Similar messages can be used by criminals. For example, a worm or ordinary spam can reach a computer as a notification. A special module of Dr.Web anti-spam detects such unwanted messages.