Xeams uses several types of rules to assign a score to an email. These rules are defined below.
Custom filters |
Custom Filters |
Custom filters are the most powerful and effective filters used in Xeams to detect junk messages. Often spammers use
several tricks to avoid being filtered. These custom filters are specially designed to detect such tricks. We believe that
these custom filters are so effective that leaving just these filters on you can eliminate 90% of all junk messages. |
IP/Domain Based Rules |
RBL |
The word "RBL" stands for Real-Time Blackhole List. It refers to several services on the Internet that keep a
database of IP addresses belonging to known spammers, virus sources and other exploits. Xeams queries these servers to
check if the IP address exists in such a list. |
SPF Check |
The word "SPF" stands for Sender Policy Framework. SPF records are used to prevent email forgery on the Internet. Many companies publish
their SPF data through their DNS server, which includes a list of IP addresses where an email can originate.
Xeams tries to match the SPF record for incoming messages and assigns a score if a mismatch is found. |
DKIM Check |
Sender's domain name is checked for forgery using the DomainKeys Identified Mail (DKIM). |
DMARC |
Incoming emails are checked for DMARC alignment, which is based on sender's domain rather than the IP address. |
Black/White listing |
Administrators can either black list or white list IP addresses in Xeams. A black listed IP address is assigned a positive score, whereas a white list IP address is assigned a negative score. |
Content Filters |
Finger print analysis |
Xeams uses a proprietary method of creating a finger print of every email. This finger print is then compared with
future messages to determine if it is part of a bulk-mail campaign. |
Image analysis |
Embedded images in emails are analyzed for patterns. |
Body and Header |
Xeams utilizes a two-pass approach to analyze the body of every message. It then compares it
with a known list of keywords containing a score. Rules can be specified for the following sections:
- Subject
- Body
- Attachments
- Header
|
Anti-Virus |
There are three types of virus detection in Xeams
- Built-in detector, which checks for obvious signs of an attachment containing a virus
- Integration with CLAMAV - an open source virus protection
- Integration with any other virus detector that works from command line. More info...
|
Adaptive Filters |
Adaptive filters are self-learning filters that gets smarter by analyzing the patterns of
previously sent and received emails. These filters include:
- Bayesian analysis
- Manually
marking messages junk or good
- Sender history tracking
|
Challenge Response |
Challenge response is a mechanism where the system sends a challenge email to the sender to verify if it is a valid message. This type of filter is disabled by default but can be enabled if the users want to use it. |