ZyXEL Communications 70 Series User Manual
ZyWALL 5/35/70 Series User’s Guide
267
Chapter 15 Anti-Spam
15.1.1.1 SpamBulk Engine
The e-mail fingerprint ID that the ZyWALL generates and sends to the anti-spam external
database only includes the parts of the e-mail that are the most difficult for spammers (senders
of spam) to change or fake. The anti-spam external database maintains a database of e-mail
fingerprint IDs. The anti-spam external database SpamBulk engine then queries the database
in analyzing later e-mails.
database only includes the parts of the e-mail that are the most difficult for spammers (senders
of spam) to change or fake. The anti-spam external database maintains a database of e-mail
fingerprint IDs. The anti-spam external database SpamBulk engine then queries the database
in analyzing later e-mails.
The SpamBulk Engine also uses Bayesian statistical analysis to detect whether an e-mail is
fundamentally the same as a known spam message in spite of a spammer’s attempt to disguise
it.
fundamentally the same as a known spam message in spite of a spammer’s attempt to disguise
it.
15.1.1.2 SpamRepute Engine
The SpamRepute engine calculates the reputation of the sender (whether or not most people
want to receive the e-mail from this sender).
want to receive the e-mail from this sender).
The SpamRepute engine checks proprietary and third-party databases of known spammer
email addresses, domains and IP addresses. The SpamRepute engine also uses Bayesian
statistical analysis to detect whether an e-mail is sent from a known in spite of a spammer’s
attempt to disguise the sender’s identity. The anti-spam external database combines all of this
data into a SpamRepute Index for calculating the reputation of the sender in order to guard
against foreign language spam, fraud and phishing.
email addresses, domains and IP addresses. The SpamRepute engine also uses Bayesian
statistical analysis to detect whether an e-mail is sent from a known in spite of a spammer’s
attempt to disguise the sender’s identity. The anti-spam external database combines all of this
data into a SpamRepute Index for calculating the reputation of the sender in order to guard
against foreign language spam, fraud and phishing.
15.1.1.3 SpamContent Engine
The SpamContent engine examines the e-mail’s content to decide if it would generally be
considered offensive. The vocabulary design, format and layout are considered as part of
thousands of checks on message attributes that include the following.
considered offensive. The vocabulary design, format and layout are considered as part of
thousands of checks on message attributes that include the following.
• To Field
• Subject Field
• Header Fields
• Email Format, Design, and Layout
• Vocabulary, Word Formatting and Word Patterns
• Foreign Language Detection
• SMTP Envelope Content and Analysis
• Country Trace
• Image Layout Classification
• Hyperlink Analysis and Comparison
• Contact Verification
• Subject Field
• Header Fields
• Email Format, Design, and Layout
• Vocabulary, Word Formatting and Word Patterns
• Foreign Language Detection
• SMTP Envelope Content and Analysis
• Country Trace
• Image Layout Classification
• Hyperlink Analysis and Comparison
• Contact Verification
The SpamContent engine parses words into pieces to detect similar vocabulary even if the
words do not match exactly. The anti-spam external database also performs Bayesian
statistical analysis on the e-mail’s content. The engine uses artificial intelligence technology to
'learn' over time, as spam changes.
words do not match exactly. The anti-spam external database also performs Bayesian
statistical analysis on the e-mail’s content. The engine uses artificial intelligence technology to
'learn' over time, as spam changes.