Anti-Spam in more detail ...

Standard Anti-Spam Controls

Firstly NetPilot uses Spam Assessment. With this counter measure, emails are scanned against a pre-loaded set of over 926 Spam characteristics and allocated a score based on the likelihood of it being Spam. If the email rates more than 5.0 on this grading scheme, it is flagged up as Spam. Spam Assessment can delete the offending message before it arrives at the desktop and send a message to the sender to inform them the message has not been delivered.

Secondly NetPilot can optionally uses SpamCop as a global unit wide defense against Spam- predominately running checks on incoming email against databases of known spammers. This offers the network manager a very easy to deploy Anti-Spam measure with proven 99% success rates. SpamCop checking needs to be enabled if you wish to use this feature. The impact on finding a match in the SpamCop database is for the email's spam score to be incremented by 3 points, and then passed to Spam Assessment for further scanning. These two stages of scanning need to exceed the threshold for deletion or quarantine action to occur (e.g. needs to score over 5.0 as default). Scoring 3.0 from a positive SpamCop entry is not enough (at default 5.0 threshold levels) to result in email selection.

With both these options there is no requirement to necessarily modify any aspect of the client PC operation. However, the ranked message can be passed on to the inbox where the user can establish a separate folder for suspect emails. This allows the user to enter this folder at his leisure and briefly scan the message titles before deleting. Spam Assessment offers high levels of success against Spam, but does require some email client configuration if you wish to use the system's full flexibility.

Bayesian filtering is a mathematical approach that, unlike many other anti-spam technologies, adapts over time and takes the changing strategies of spammers into account. It therefore offers moving goal posts which obviously make it far harder for the spammers. Central to Bayesian filtering is the principle that the likelihood of events happening in the future can be inferred by analyzing past events. Spam emails are therefore likely to be made up of similar elements, while valid emails (sometimes referred to as 'ham') will have their own determining characteristics. Bayes classifiers learn as they go, updating both the rules and the scores so that when a new evasion trick comes along, the message may still have enough other bad features that the filter will recognize it as spam and if so, the system will learn the new trick automatically. If it should happen that the message is sufficiently different from any previous spam that it gets through, it is up to the recipient to tell the system that it made a mistake.

After the Bayesian filter has been given a period of time to analyze a company's incoming and outbound mail it makes a tailored Bayesian word databases for both spam and valid mail for your individual organisation's email traffic profile. By comparing incoming email and known spam, all words and tokens can be given a probability value as to whether an individual word is an indicator that the email is spam or non-spam (ham), again adding to the overall score created by the combination of the other Anti-Spam tools and the Bayesian self learning filter.

Additional Email Policy Anti-Spam Controls

The Email Policy functionality is a licensed component for all current NetPilot.

It provides the Administrator with great flexibility to control emails in defined ways, depending on attributes of the email including the sender and recipient of the email.

The Email Policy system can also work in conjunction with other UTM services which deal with email - in particular Anti-Virus scanning and Anti-Spam. When either of these two services discovers an incoming (or outgoing) email which is deemed to be infected with a virus or is spam, they can quarantine the email, which is where the Email Policy system can take over. Additional rules and controls used by the Administrator can then be initiated. The Email Policy can also be actively employed as a second tier of checks. For example after (or even before) an incoming mail has been checked for the usual spam characteristics you could to decide that any email coming from a known source - say your customers - would always be treated as ham (good) messages, regardless of the content. In this fashion you are creating what is know as a whitelist. The exact opposite could also be set up, say any emails coming to your staff from your competitors could always be deleted (blacklisted) regardless of the content being deemed spam or whether it caries a virus or not!