Developers: | Kaspersky Lab |
Technology: | Cybersecurity - Antispam |
The software product provides verification of messages according to lists: Kaspersky Anti-Spam checks a source address on DNS-based Blackhole List; filtering on SPF and SURBL: the program it is possible to consider authorization of the user at departure of data on HiTech Sender Policy Framework. Also Kaspersky Anti-Spam is possible to make elimination not of required correspondence on typical signs, the signature analysis (always the updated base of signatures provides recognition of all types of spam), linguistic heuristics (Kaspersky Anti-Spam checks existence of phrases in a body the letter what are typical for not required correspondence). In general it is possible to tell that this software product – the irreplaceable solution for office which in addition to reliable check on spam provides flexible managements in the local and remote mode, providing different manipulations on administration
Kaspersky Anti-Spam is a solution for protection of users of the corporate mail systems and public mail services from the mass not requested correspondence – spam.
Protection against spam
Verification of the message according to lists. The application checks the sender's IP address according to black lists of providers and public organizations (DNSBL – DNS-based Blackhole List). If the address is entered by the administrator in the white list, that message is accepted, passing all analysis stages.
Filtering on SPF and SURBL. In the course of filtering it is possible to be considered authorization of the sender on HiTech SPF (Sender Policy Framework). In addition to the lists of DNSBL revealing the spam IP addresses also the SURBL technology (Spam URI Realtime Block List) distinguishing spam URL in a message body is used.
Analysis of formal signs of the letter. The program eliminates spam on such signs, typical for it, as modification of a source address or lack of its IP address in a domain name system (DNS), unfairly large number of receivers or concealment of their addresses. Besides, the dimension and a format of the message are estimated.
Signature analysis. Use of round the clock updated base of lexical signatures permits to recognize the modified versions of the initial spam letter created for a bypass spam filters.
Linguistic heuristics. The program checks existence and arrangement in the text of the letter of the words and phrases typical for spam. Both the text of the letter, and contents of the attached files is exposed to the analysis.
Graphic signatures. Using base of graphic signatures, the application blocks the spam letters which are also distributed recently what contain information in the form of images, but not in the form of the text.
UDS requests in the present mode. Urgent Detection System permits to obtain data on the last spam mailings in a second then of their detection. This information is used for additional verification of those messages what did not receive unambiguous assessment (spam / ne-spam).
Administration
Flexible management. The web interface permits to operate the application both locally, and far off. The administrator it is possible to configure severity of filtering, white and black lists of senders, to connect/turn off action of rules of filtering, to include blocking of mail with codings of east languages.
Management of user groups. The administrator of a product it is possible to create groups – the address list or using masks of domains (for example, *@???.domain.com) – and to apply to them different settings and rules of filtering.
Options of processing of spam. Depending on settings spam it is possible to be automatically deleted, readdressed in the quarantine folder with the notification to the user or it is marked for further filtering at the level of an e-mail client.
Detailed reports. The administrator it is possible to control operation of application, a status of protection against spam and the status of licenses, using evident HTML-reports or browsing log files. Export of information to the CSV or Excel format is possible.
Updating of bases. Updating of the bases is made according to the schedule set by the administrator (by default each 20 minutes). During the work with suspicious messages the application applies for up-to-date information to the server of UDS updates.