SPAM.R Analysis by reputation

In the event of a bombardment attack, 95% of SPAM is blocked by SPAM G technologies. SPAM R takes over the rest of the flows using the technologies below:

  • SPF (Sender Policy Framework): A technique that uses a DNS field to define which mail servers are allowed to send mail for the domain in question.
  • PTR: Technique for reverse name resolution. In short:
    IP -> domain.com. Legitimate mail servers must have a PTR, and the resolution of this PTR into an IP must allow to fall back on their IP. This mechanism ensures that the sender is the owner of the domain, and that the host knows this.
  • BATV analysis (determines whether the return address specified in a message is valid)
  • List-based controls (Realtime Blackhole List, Local Deny List, RBL Drop List, Reverse DNS Drop List)
  • Greylisting: temporary rejection of e-mail from servers recognised as spammers.
  • Customised White Lists and Black Lists (WhiteList, BlackList)
The colour codes make it easy to identify a type of "threat
Tags