Most customers have relatively few requirements:
- A solution must catch most spam, while generating few, if any, false positives.
- Spam messages should be deleted or quarantined at the perimeter, before getting to the production mail server, in order to conserve bandwidth and e-mail server resources and stop malicious code that some spam creates.
- The anti-spam solution can’t slow down e-mail noticeably – e-mail queues cannot back up with messages.
- The solution must not consume end-user or administrator time for maintenance and updates.
Highlights:
The SecureNode Guarantee: SecureNode exceeds these requirements. The technology is the first to guarantee a 95+% spam catch rate while at the same time having a false positive rate of less than 1 in 100,000 for each month, or the customer uses the software free for that month.
GUESS Technology: It is no doubt desirable, from a vendor’s perspective, to write a program just once using a formula or algorithm to determine if a message is spam. This avoids the ongoing effort of updating and maintaining the filter. This approach has a high number of false positives, often in excess of 1%.
Indeed, many competitors have taken this approach and their solutions can catch a lot of spam. Unfortunately, spammers are very good at disguising their messages to look like the regular mail customers want to receive. For GUESS solutions to catch a lot of spam and not generate false positives, they have to take a “firm stand on the fence” approach. They place a lot of good mail in a “maybe this is spam” folder. Unfortunately, the user or administrator is left with the task of sorting through it to make the final decision, with little or no help.
Bottom Line: Customers need their anti-spam solution to KNOW whether a message is spam, to stop getting fooled by new spammer tricks, and to stop GUESSING whether a message is spam and getting it wrong 1-3% of the time. Just think what that false positive rate is for a typical business user: one a day or more. If that false positive is from an important customer, vendor or business colleague, and it goes undetected, the results could be disastrous.
Technology used by SpamSnub:
SpamSnub uses two new approaches for defending against spam attacks: the Bullet Signature Database that enables the detection of spammers and the messages they send; and the STAR Engine, used to neutralize spammer tricks.
The Bullet Signature Database:
Bullet Signatures are small, targeted, and lethal spam signatures handcrafted by human editors. Bullet signatures are constantly updated to maintain effectiveness and accuracy. From a high level, here’s how they work:

The STAR Engine: The STAR engine (Spammer Tricks Analysis and Response engine) looks for spammer tricks such as falsified information in the headers and other places in the message and other unique identifying characteristics of spam.
What tricks are neutralized? Spammers now know that they have to do specific things to get around certain filters. They have quite an arsenal of tricks to try to get their messages read. Here are a few:
Spammer Tricks Defeated by the STAR Engine:
- Hash Busting: Random insertion of characters or words used to defeat signature-based filters.
- Snow-Flaking: An effort to make all HTML e-mail unique – like a snowflake – it inserts invisible characters or HTML comments into messages.
- Embedded Content: Usually an HTML message that displays content pulled from a web page based on an embedded URL in the message. Gets by most spam filters.
- Foreign Language: Most filters only work in their native language so most foreign language spam gets through.
- HTML E-Mail: Often used by spammers to display graphics and increase response rate. HTML e-mail is difficult for many filters to scan.
Remember, spammers select their tricks to get around specific types of filters. For example, if SpamAssassin has a rule that looks for the word SEX in the subject line, a spammer might spell it $EX or $$EX or S_E_ X or $ E X – you get the idea. A SpamAssassin administrator would have to be very dedicated to find and create rules for all the variations of words spammers use today. The following chart illustrates what tricks a spammer might use to get around certain types of filters.
| Spammer Tricks | SpamSnub | Ordinary Signatures (Checksums or Hash Values) | Linguistic Formulas (SpamAssassin, etc.) | Bayesian | RBLs |
|---|---|---|---|---|---|
| Hash Busting | Not Vulnerable | Vulnerable | | | |
| Snow-Flaking | Not Vulnerable | Vulnerable | | | |
| Misspelling | Not Vulnerable | | Vulnerable | Vulnerable | |
| IP Hopping | Not Vulnerable | | Vulnerable | | Vulnerable |
| Embedded Content | Not Vulnerable | | Vulnerable | Vulnerable | |
| Foreign Lang. Spam | Not Vulnerable | | Vulnerable | Vulnerable | |
| HTML Spam | Not Vulnerable | Vulnerable | Vulnerable | Vulnerable | |
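
As an added illustration (not SpamSnub's or SpamAssassin's code), the Python example below shows why the chart marks checksum signatures vulnerable to snow-flaking and keyword rules vulnerable to misspelling, and how canonicalizing a message before matching closes that gap without matching innocent words. The sample messages, character lists and function names are constructed assumptions.

```python
import hashlib
import re
import unicodedata
from itertools import groupby

# Characters most mail clients render as nothing (assumed list, not exhaustive).
INVISIBLE = dict.fromkeys(map(ord, "\u200b\u200c\u200d\u2060\ufeff\u00ad"))
# Look-alike substitutions seen in obfuscated words (assumed, not exhaustive).
LOOKALIKES = str.maketrans({"$": "s", "@": "a", "0": "o", "1": "i", "3": "e"})
# Constructed samples: the same visible text, the second one snow-flaked.
BASE = "<html><body><p>Buy cheap pills now</p></body></html>"
FLAKED = "<html><body><p>Buy<!-- x7q --> che\u200bap<!--k2--> pills now</p></body></html>"


def canonical_body(html: str) -> str:
    """Reduce an HTML body to the text a reader actually sees."""
    text = re.sub(r"<!--.*?-->", "", html, flags=re.S)  # snow-flake comments
    text = re.sub(r"<[^>]+>", " ", text)                 # remaining tags
    text = unicodedata.normalize("NFKC", text).translate(INVISIBLE)
    return " ".join(text.lower().split())


def body_signature(html: str, normalize: bool = True) -> str:
    """SHA-256 signature over the raw or the canonicalized body."""
    data = canonical_body(html) if normalize else html
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def squeeze(word: str) -> str:
    """Keep letters only and collapse repeats, so 'ssex' equals 'sex'."""
    return re.sub(r"(.)\1+", r"\1", re.sub(r"[^a-z]", "", word))


def fold_tokens(subject: str) -> list[str]:
    """Undo look-alikes and separators; rejoin letters that were spaced out."""
    words = [squeeze(w) for w in subject.lower().translate(LOOKALIKES).split()]
    out = []
    for short, grp in groupby(words, key=lambda w: len(w) <= 2):
        # Runs of 1-2 letter fragments ('s', 'e', 'x') are one disguised word.
        out.extend([squeeze("".join(grp))] if short else grp)
    return out


def subject_has_keyword(subject: str, keyword: str) -> bool:
    """Whole-token match, so 'Essex' does not trigger a rule for 'sex'."""
    return squeeze(keyword.lower()) in fold_tokens(subject)
```

Hash busting with whole random words is not handled here: inserted words survive canonicalization, so an exact checksum still changes.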