BDH Technology's advanced SPAM/Virus filtering is a complete Email Security platform for any size organization. It provides a single solution to protect against inbound attacks. The inbound filtering engine, blocks spam and malware before it can clog your network and affect users. Highly effective email security - a robust, bi-directional, highly accurate antispam and antimalware solution, to detect the most sophisticated targeted attacks. The Technology behind the service has won 20 consecutive VBSpam Platinum awards for recognition of some of the highest catch rates and lowest false positive rates in the industry.
BDH Technology can provide this service both to customers who wish to have e-mail hosting completely by BDH Technology as well as customers that wish to maintain their own on-premise/in-office e-mail server. It is compatible with any type of on-premise e-mail server including, but not limited to, Microsoft Exchange, Postfix, Exim, Dovecot, sendmail and qmail.
| Domain Name System
Blacklist (DNSBL) scanning
|The first element is a DNS Black List (DNSBL) which is a “living” list of known spam origins. To achieve up-to-date real-time identification, the Antispam service uses globally
distributed spam probes that receive over one million spam messages per day. The Antispam service uses multiple layers of identification processes to produce an up-to-date list
of spam origins. To further enhance the service and streamline performance, the Antispam service continuously retests each of the “known” identities in the list to determine the
state of the origin (active or inactive). If a known spam origin has been decommissioned, the
Antispam service removes the origin from the list, thus providing customers with
both accuracy and performance.
| Spam URI Realtime Block
Lists (SURBL scanning)
|The second element is in-depth email screening based on a Uniform Resource Identifier (URI) contained in the message body - commonly known as Spam URI Realtime Block Lists. To detect spam based on the message body URIs (usually web sites), BDH Technology uses Antispam SURBL technology. Complementing the DNSBL component, which blocks messages
based on spam origin, SURBL technology blocks messages that have spam hosts mentioned in
message bodies. By scanning the message body, SURBL is able to determine if the message is a known spam message regardless of origin. This augments the DNSBL technology by
detecting spam messages from a spam source that may be dynamic, or a spam source that is
yet unknown to the DNSBL service. The combination of both technologies provides a superior managed service with higher detection rates than traditional DNSBLs or SURBLs alone.
|Antispam Spam Checksum
|The third element is the Antispam Spam Checksum Blocklist (SHASH) feature.
Using SHASH, a hash of an email is sent to the Antispam server
which compares the hash to hashes of known spam messages stored in the Antispam database. If the hash results match, the email is flagged as spam.
|Forged IP scanning
||Forged IP scanning converts the message sender's IP address to a canonical
host name and compare the IP addresses returned from a reverse
DNS lookup of the host name to the client's IP address. If the client's
IP address is not found, the email message is treated as
| Greylist scanning
||Greylist scanning temporarily delays an e-mail server the first time they connect for 1 minute. Greylisting blocks spam based on the behavior of the sending server, rather than the
content of the messages. When receiving an email from an unknown server, the server will be temporarily rejected. If the mail is legitimate, the originating server will try to send
it again later (RFC 2821), at which time the email message will be accepted. Spammers will typically
abandon further delivery attempts in order to maximize spam throughput.
| Deep header scanning
||The Deep headers scan performs
extensive inspection of message headers. Deep header scanning involves two separate checks.
First black IP checking examines the Received:message header. Then
any URIs or IPs are extracted from the header and passed to the Antispam
service, DNSBL, or SURBL servers for spam checking. Secondly, header analysis examines the entire message header for spam characteristics.
If the message header inspection indicates that the email message is spam, it is treated as such.
| Heuristic scanning
||Heuristic scanning uses rules to calculate a score for each email message. Each rule has an individual score that is used to calculate the total score for an email. If the maximum threshold is exceeded the email message is treated as spam.
| Bayesian scanning
||Bayesian scans analyze the words (or “tokens”) in an message header and message body of an
email to determine the probability that it is spam. For every token the probability that the email is spam based is calculated based on the percentage of times that the word has
previously been associated with spam or non-spam email. This is similar to heuristic scanning, however Bayesian scanning is trained per domain as well as per user.
| Image spam scanning
||Image spam scanning analyzes the
contents of GIF, JPG, and PNG graphics to determine if the email is spam. If the email message
contains a spam image, the email is treated as spam.
Image spam scanning is useful when, for example, the message body of an email
contains graphics but no text, and text-based antispam scans are therefore unable to determine
whether or not an email is spam.
| PDF scanning
||PDF spam scanning analyzes the
contents of PDF files to determine if the email is spam. The first page of attached PDF documents are passed to the Heuristic scanner and image spam scanner to evaluate its contents. PDF spam scanning is useful when spammers may attach a PDF file to an otherwise empty message to get
their email messages past spam safeguards. The PDF file contains the
spam information. Since the message body contains no text, antispam
scanners cannot determine if the message is spam.
| Black/white lists
||Also available are domain and user based black and white lists to block or allow email by
sender. Email addresses from messages that are released for a user's quarantine are automatically whitelisted for that user.
| Sender reputation
||BDH Technology tracks SMTP client behavior to limit deliveries of those clients sending
excessive spam messages, infected email, or messages to invalid recipients. Should clients
continue delivering these types of messages, their connection attempts are temporarily or
||Although news letters and other marketing campaigns are not spam,
some users may find them annoying and may consider them to be spam.
| Banned word scanning
||Banned word scanning can be customized per domain to consider
email messages as spam if the subject line and/or message body contain a prohibited word.
When a banned word is found, the email message is treated as spam.
| Whitelist word scanning
||Whitelist word scanning can be customized per domain to consider email messages whose subject line and/or message body contain a whitelisted word to be
indisputably not spam. Whitelisted words will cause the message to never be treated as spam.