You are in: Articles / Security / Antispam / Introduction to Innovative Mail Filtering with AXIGEN
 
 
 

Introduction to Innovative Mail Filtering with AXIGEN

The problem with electronic mail today
Email is not what it was supposed to be. Its inventors have not foreseen the dan¬gers associated with this new form of communication. Means of protection were added later on, but do little to protect people’s mailboxes. As a result, most of the mail traffic these days is unwanted: spam, malware, phishing. How can we use the AXIGEN Mail Server and existing free anti-spam, antivirus and anti-phishing software and technologies so that the result is more than the sum of the parts?

Traditional filtering in AXIGEN
From its very beginnings, AXIGEN has integrated open-source filters such as SpamAssassin and ClamAV and has used the fastest way to process mails through them by interfacing with their daemons directly. But this usage scenario had a major downside: mail messages were scanned in the queue, after having been accepted by the mail server. As a result, “Spam” folders had the tendency to grow indefinitely and waste space in the server storage and backup mediums.

A new approach to email filtering
Starting with version 6.2.2, AXIGEN can integrate with a Milter filter at the SMTP level, enabling scanning of the incoming SMTP connections. The possibility to scan a message before receiving it opens up new perspectives, as it enables us to refuse a message if the content filters strongly indicate that the scanned message is unwanted.

Let’s take a simple example, in which the decision to reject a mail was taken by the Milter filter by evaluating the results of the antivirus scanner. Why would this be a better choice than quarantining, for example, or tagging?

For one thing, we do not accept the message and no further resources are allocated to this mail: processing, storage, backup, double-checks etc. For unwanted traffic, this is a very good thing as it minimizes your problems. However, what happens if, unfortunately, the refused message is a legitimate mail? Let’s compare the three valid choices: quarantining, tagging or refusing the message.
  • Quarantining means that the unwanted mail would end up in a rather large quarantined space. Suppose we only do this for malware as detected by an antivirus content filter: viruses, worms, phishing. Can we alert the receiver for every quarantined mail that was heading to their inbox? Realistically, no, because the malware traffic can reach really high levels. Add to this that almost all of it is spoofed and you risk to get into situations in which innocent people are blamed for spreading malware, when their only fault would be the fact that their address is known by spammers. So, when a mail is quarantined, neither the sender, nor the recipients are usually aware of it. If through some other means one or both of them find out about the missing mail, typically the receiver will have to alert his/her administrator of the mishap in order to gain access to the quarantined mail.

  • Tagging, often applied to spam messages, means the message will usually end up in a sub-folder of the recipient’s mailbox, typically named “Spam”. He/she may or may not check that folder for false positives, but as no filter is perfect, sooner or later some legitimate mail will end up in “Spam”. When that happens, neither the sender, nor the recipient will be aware of it. If through some other means, one or both of them find out about the missing mail, the receiver will usually have to dig through its spam folder to find the legitimate mail. This may be quick if he/she knows the exact coordinates of that mail (sender, date, subject), or may be a daunting task if the “Spam” folder is rather large and the data is very vague (eg. "Should have received a mail from a South American company with some financial info").
To learn more about our innovative, Milter-based filtering, please continue to read this whitepaper by clicking here: Innovative Mail Filtering, or contact us at: sales@axigen.com. We also invite you to sign up to our free, live webinar organized in partnership with the The Radicati Group:


About AXIGEN and Gecad Technologies
Gecad Technologies SA is the vendor of AXIGEN, a professional messaging solution that ensures an efficient and secure worldwide communication environment and business growth for both service providers and companies of all sizes. Our cutting-edge products, based on proprietary architectures such as AXIGEN GrowSecure™, AXIGEN SmartProcessing™ and AXIGEN UltraStorage™, are currently distributed internationally by over 170 partners from 80 countries, managing email traffic for more than 11,000 companies with 6 million end-users. For further details, please visit www.axigen.com

 
 
|
|
Rating: 12345
 
Leave a comment



Note: all fields marked with (*) are required
Comments (0)
 
Close send to email window
 



Verification code

Already a member?
Blacklist monitoring alerts
sign up Signup for our real-time monitoring service and receive email notifications each time one of your IPs gets blacklisted.
Free Signup
Mail Server Operating System Poll
.01

What OS do you use for your email server?
Linux
Windows
Other
disabled next
.02

How many mailboxes do you currently manage?
1-50
51-300
300+
previous next
.03

Would you like to comment upon the choosing of this particular OS?

previous
 
DNS Tools
Get IP status, owner and location, obtain its corresponding hostname or check specific ports.
Ping Statistics
Reverse DNS Lookup
Whois Info (IP owner)
GeoIP Information
Check Port
Open Relay Test
Test if your mail server is an open relay for spammers.
Blacklist Checker
Check if your IP is listed in DNS based email blacklists (DNSBL)