About Spam |
About SpamBouncer |
How it Works |
Filter Types |
Delivery Methods |
Block Notifications |
How Does It Work?
The SpamBouncer examines the headers and text of your incoming email to see if it meets one or more of the following conditions:
- Virus. The email contains body text strings which match the SpamBouncer's profile of a particular virus or class of viruses.
- Dangerous Code. The email contains body text strings which indicate that it contains an attached executable file, an active script, or other active content.
- Spam Source. The email originates from an email address, domain, or IP block known to belong to a spammer.
- Spam Haven. The email contains in its message body a web URL, email address, telephone number, or postal address known to belong to a spammer.
- Spam Software. The email was sent using a bulk email program whose only known purpose is to spam.
- Suspicious Headers. The email contains headers which match the SpamBouncer's profile of probable spam.
- Blocklists. The email was sent from an IP address or domain on a supported anti-spam blocklist.
- Pattern Match. The email contains body text strings which match one or more of the SpamBouncer's profiles of common spam content.
For each of these criteria that an email meets, the SpamBouncer assigns a score, or number. It adds up the scores to determine how "spammy" an email is. The SpamBouncer then classifies email that meets its criteria for spam into one of three categories, tags it with an appropriate header, and disposes of it as follows:
- Virus. Email that contains an attachment with known virus strings is classified as a virus, and a header that reads, "X-SBClass: Virus," is appended to it. By default, the SpamBouncer deletes this email because it is dangerous to most users, and false positives are extremely rare.
- Spam. Email that comes from a known spam source or that refers to a known spam haven, or that accumulates a sufficiently high score, is classified as spam, and a header that reads, "X-SBClass: Spam," is appended to it. By default, the SpamBouncer puts this email into a separate folder. You can check this folder for false positives, non-spam email that is mistakenly classified as spam. False positives should be rare to extremely rare in email classified as spam.
- Blocked. Email that accumulates a sufficiently high score to indicate that it is probably spam, but that does not come from a known spam source or contain a known spam haven, is classified as blocked, and a header that reads, "X-SBClass: Blocked," is appended to it. By default, the SpamBouncer puts this email into a separate folder. You can check this folder for false positives, and whitelist any senders whose email was caught in error.
The SpamBouncer is highly configurable. You can set the default scores it uses to determine whether to classify email as spam or as blocked. You can enable or disable all blocklists, and many other filters, that the SpamBouncer uses. You can configure it to deliver email that it classifies as a virus, as spam, or as blocked to any folder you want. You can configure it not to deliver email at all, but to tag email with the appropriate headers and return it to the email delivery stream.
- Simply tag the suspected spam and return it to your main incoming mailbox, allowing you to set up Eudora, Pegasus Mail, or another POP mail program to retrieve and sort your email.
- Tag the suspected spam, delete spam from known spam sources, and file suspicious email in a separate folder, so that you can look through it and retrieve any non-spam email caught in error.
- Notify senders of email tagged as probable spam that their email was intercepted, and give them a password to resend their email and bypass spam filtering if their email was legitimate. (Spammers almost never try to bypass filtering when warned this way -- in most cases, they don't even read replies to their mail.)
- (SB 2.1) Notify ISPs and other interested parties about spam coming from their IPs/networks, spam advertising web sites they host, or spam involving domains they provide services for.
If you get mail from friends who have accounts at a site listed in the SpamBouncer, you can put their names and email addresses in a text file and set the NOBOUNCE variable to point to it. If you want to receive mail from a site listed as a spam source or spam haven, you can add the entire site name to the NOBOUNCE file. The SpamBouncer will check the NOBOUNCE file before filtering your email and will skip any email from a person or site listed in the NOBOUNCE file.
Note: You can put entire domain names, not just email addresses, in the NOBOUNCE file. For example, if you want to accept all email from concentric.net without checking for spam, just put concentric.net in your NOBOUNCE file, with no username@ section. This will cause the SpamBouncer to pass all email from anyone at Concentric on without further filtering. (I do not recommend doing this, however, except for small domains which you know for sure will not be sources of spam.)