Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

CASE combines content analysis, email reputation, and web reputation to deliver 
the broadest set of threat prevention factors.

Cisco designed IronPort Anti-Spam from the ground up to detect the broadest 
range of email threats. IronPort Anti-Spam addresses a full range of known threats 
including spam, phishing and zombie attacks, as well as hard-to-detect low 
volume, short-lived email threats such as “419” scams. In addition, IronPort 
Anti-Spam identifies new and evolving blended threats such as spam attacks 
distributing malicious content through a download URL or an executable. 

To identify these threats, IronPort Anti-Spam uses the industry's most complete 
approach to threat detection, examining the full context of a message-its content, 
methods of message construction, the reputation of the sender, and the reputation 
of web sites advertised in the message and more. Only IronPort Anti-Spam 
combines the power of email and web reputation data, leveraging the full power 
of the world's largest email and web traffic monitoring network — SenderBase — 
to detect new attacks as soon as they begin.

If your Cisco IronPort appliance is set to receive mail from a local MX/MTA, you 
must identify upstream hosts that may mask the sender’s IP address. See 

 for more information.

IronPort Anti-Spam and IronPort Outbreak Filters are powered by Cisco 
IronPort’s patent-pending Context Adaptive Scanning Engine (CASE) ™. CASE 
provides breakthrough accuracy and performance by analyzing over 100,000 
message attributes across four dimensions:

Email reputation — who is sending you this message?

Message content — what content is included in this message?

Message structure — how was this message constructed?

Web reputation — where does the call to action take you?