General discussion


Spam Filtering - ASSP

By jc2it ·
I recently upgraded our spam filtering software to the newest version. We have been using ASSP in test mode for about two years.

In reading about the upgrade I read about a new feature called "delaying" email. Basically the filter software records a key for each email recieved and if the key has not been verified then it tells the sending server to try again later. Spam will usually fail this, because there is no real sending server to retry the email. Much of the Spam (In our case 65-70%) is not sent from a legitimate email server. So no retry is attempted. If a retry is attempted then regular baysian filter techniques are applied. We have seen a dramatic reduction in spam received by implementing this solution. And Zero false positives do to this "delay" tactic.

The key that the filter saves to see if the sending server is legitimate is made up of three datum. The IP address, the sender's email, and the receiver's email (this is called a tuplet or triplet). So when this sender sends a legitimate email the first time it will be "delayed" then if it passes, it will not be "delayed" again. The endusers are never bothered by this because they never see this interaction between the two email servers. Worst case scenario the incomming email would be delayed the length of the sending email server's retry timer (often set in 15 minute increments).

Try it out you will be impressed with the reduction in Spam, and the hero in IT.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums