Kaspersky Lab kaspersky mail gateway 5.5 Mode D'Emploi
36
Kaspersky
®
Mail Gateway 5.5
During all those stages, the message analysis is performed according to the
degree of filtering intensity defined in the application configuration file
(SpamDetection option in the [smtpgw.antispam] section).
The following filtering intensity degrees are available:
degree of filtering intensity defined in the application configuration file
(SpamDetection option in the [smtpgw.antispam] section).
The following filtering intensity degrees are available:
• Spam Detection Soft (SpamDetection=soft).
• Spam Detection Standard (SpamDetection=standard).
• Spam Detection Hard (SpamDetection=hard).
• Spam Detection Standard (SpamDetection=standard).
• Spam Detection Hard (SpamDetection=hard).
These degrees differ regarding the strictness of spam evaluation (the soft
degree will identify as spam fewer messages than the hard degree).
4.3.1. Message header analysis
During this stage, the application searches for formal spam signs, i.e. suspicious
headers and combinations thereof. The application uses a number of special
rules for analysis. E.g., the following situations are considered suspicious:
headers and combinations thereof. The application uses a number of special
rules for analysis. E.g., the following situations are considered suspicious:
• There are multiple spaces in the end of the Subject header and then a
meaningless combination of characters follows, e.g., 'TVIWEGEQO'.
• The message lacks the To or From header.
• Invalid addresses in the To or From headers and presence therein of
• Invalid addresses in the To or From headers and presence therein of
suspicious addresses containing combinations of numbers and letters,
e.g., 167nk46s76@yahoo.com;
e.g., 167nk46s76@yahoo.com;
• An empty X-Mailer header;
• Asian encodings used in the message.
• Asian encodings used in the message.
This is not a complete list of rules used during analysis of message headers. The
list of rules applied during the current stage is determined by the specified
degree of filtration intensity.
list of rules applied during the current stage is determined by the specified
degree of filtration intensity.
4.3.2. Analysis of message content
Message analysis employs the algorithms of content filtering: the application
uses artificial intelligence technologies to analyze the actual message content
(including the Subject header), and its attachments (attached files) in the
following formats:
uses artificial intelligence technologies to analyze the actual message content
(including the Subject header), and its attachments (attached files) in the
following formats:
• plain text (ASCII, not multibyte)
• HTML (2.0, 3.0, 3.2, 4.x, XHTML 1.0)
• Microsoft Word (versions 6.0, 95/97/2000/XP)
• RTF.
• HTML (2.0, 3.0, 3.2, 4.x, XHTML 1.0)
• Microsoft Word (versions 6.0, 95/97/2000/XP)
• RTF.