经常有人问这个,刚好看到这个文档不错,记录一下。
Greylisting
Typically, a server that utilizes Greylisting will record the
following three pieces of information (referred to as triplet) for all
incoming e-mail.
- The IP address of the connecting host
- The envelope sender address
- The envelope recipient address
T
he client is checked against the mail
server's internal whitelists (if any) first. Then, if the triplet has
never been seen before, it is greylisted for a period of time (how much
time is dependent on the server configuration). The e-mail is rejected
with a temporary error. The assumption is that since temporary failures
are built into the RFC specifications for e-mail delivery, a legitimate
server will attempt to connect again later on to deliver the e-mail.
Greylisting is effective because many mass e-mail tools utilized by
spammers are not set up to handle temporary failures (or any failures
for that matter) so the Spam is never received.
This feature can reduce e-mail traffic up to 50%. Greylisted e-mails
never reach your mail server and your mail server will stop sending
useless "Non Delivery Reports" to spammers.
Sender Policy Framework (SPF)
Domains use public records (DNS) to direct requests for different
services (web, e-mail, etc.) to the machines that perform those
services. All domains already publish e-mail (MX) records to tell the
world what machines receive e-mail for the domain. SPF works by domains
publishing "reverse MX" records to tell the world what machines send
e-mail for the domain. When receiving a message from a domain, the
recipient can check those records to make sure e-mail is coming from
where it should be coming from.
Bayesian Filter
The Bayesian filter is a statistical filter which relies on the fact
that particular words have different likelihoods of occurring across
different categories. For instance, most e-mail users will seldom see
the word "Viagra" in legitimate e-mail, but will encounter it frequently
in spam e-mail.
Blacklist
Blacklist is an access control mechanism that stands for allow everybody to send an e-mail to the Proxmox Mail Gateway, except members of the blacklist.
Whitelist
Whitelist is an access control mechanism that stands for allow to send an e-mail to the Proxmox Mail Gateway without doing any Spamfiltering.
DNS-based Blackhole List
A DNS-based Blackhole List, or DNSBL, is a means by which an Internet
site may publish a list of IP addresses, in a format which can be
easily queried by computer programs on the Internet. As the name
suggests, the technology is built on top of the Internet DNS or Domain
Name System. DNSBLs are chiefly used to publish lists of addresses
linked to spamming.
Distributed Checksum Clearinghouse (DCC)
The idea of the DCC is that if e-mail recipients could compare the
e-mail they receive, they could recognize unsolicited bulk e-mail. A DCC
server totals reports of checksums of messages from clients and answers
queries about the total counts for checksums of e-mail messages. A DCC
client reports the checksums for a e-mail message to a server and is
told the total number of recipients of e-mail with each checksum. If one
of the totals is high enough the message is unsolicited, the DCC client
can log, discard, or reject the message.
Advanced Header Analysis and Text Searching Rules
E-mail headers are usually hidden, but they are required to deliver
an e-mail to its destination. The system can detect inconsistent headers
that are a feature of many spam e-mails. Around 600 text searching
rules are used to detect phrases and other features common in spam
e-mails.
Spam URI Realtime Blocklists (SURBL)
SURBLs differ from most other RBLs in that they're used to detect
spam based on message body URIs (usually web sites). Unlike most other
RBLs, SURBLs are not used to block spam senders. Instead they allow you
to block messages that have spam hosts which are mentioned in message bodies
.
Autolearning
The system gathers statistical information about spam e-mails. This
information is used by an autolearning algorithm, so the system becomes
smarter over time.
Hashcash
Hashcash is a denial-of-service counter measure tool. Its main
current use is to help hashcash users avoid losing email due to content
based and blacklist based anti-spam systems. A hashcash stamp
constitutes a proof-of-work which takes a parameterizable amount of work
to compute for the sender. The recipient can verify received hashcash
stamps efficiently.
分享到:
相关推荐
【反垃圾邮件技术详解】 随着电子邮件的普及,垃圾邮件已经成为了一大问题,它们不仅占用邮箱空间,消耗用户时间,还可能携带病毒或恶意软件,威胁到用户的信息安全。因此,反垃圾邮件技术的研究和发展变得至关重要...
本文介绍了一些反垃圾邮件的技术,其实,现在很多反垃圾邮件方案所采用的都不会只是一种技术,而是多种多类技术的综合体。垃圾邮件的危害现在已经深入人心,反垃圾邮件也取得越来越多的成绩,比如,Scott Richter向...
反垃圾邮件技术发展分析 反垃圾邮件技术的发展可以分为三个阶段:触发阶段(1993 年——1997 年)、推进阶段(1997 年——1999 年)和发展阶段(1999 年——2002 年)。 在触发阶段,反垃圾邮件技术开始萌芽,出现...
反垃圾邮件技术是网络安全领域的重要组成部分,随着电子邮件的广泛应用,垃圾邮件问题日益严重,成为企业和个人用户的一大困扰。本文将详细解析几种常见的反垃圾邮件技术,以帮助理解如何有效地防止垃圾邮件。 首先...
【反垃圾邮件技术解析】 电子邮件在现代社会中扮演着至关重要的角色,然而,伴随而来的是垃圾邮件的泛滥。垃圾邮件不仅消耗用户的时间和精力,还消耗了大量的网络资源,甚至成为黑客和病毒传播的渠道,每年造成数十...
反垃圾邮件技术是针对互联网上日益严重的垃圾邮件问题而发展起来的一种关键技术,旨在保护用户免受不必要的信息干扰和潜在的安全威胁。贝叶斯算法作为其中一种高效的方法,被广泛应用于邮件过滤系统,以提高识别垃圾...
【基于策略的反垃圾邮件技术--APF】 在IT领域,垃圾邮件已经成为一个严重的网络问题,不仅干扰了正常的通信,还消耗了大量的网络资源。2003年和2004年间,垃圾邮件的手段日益狡猾,如使用特殊字符分割单词、将文字...
【基于策略的反垃圾邮件技术APF】 反垃圾邮件技术是一项重要的网络安全措施,旨在保护电子邮件系统免受未经请求的垃圾邮件的侵扰。APF(Antispam Policy Framework)是一种利用综合策略分析SMTP(Simple Mail ...
一种新型的基于URL过滤的反垃圾邮件技术一种新型的基于URL过滤的反垃圾邮件技术
为了有效地保护用户免受垃圾邮件的骚扰,反垃圾邮件技术应运而生。本文将深入探讨“反垃圾邮件语料库”这一关键资源,以及它在垃圾邮件识别和过滤中的重要作用。 一、垃圾邮件与正常邮件的区别 垃圾邮件,又称为...
在反垃圾邮件技术方面,传统的解决方案可能包括基于规则、统计学习或行为分析的方法。然而,随着垃圾邮件技术的不断演变,这些方法面临挑战。基于云计算的反垃圾邮件系统则可以利用大规模的数据处理能力,实时更新...
1. **启用SmartScreen筛选器**:SmartScreen是Exchange Server 2003内置的一种反垃圾邮件技术,它可以基于邮件发送者的声誉和内容特征来判断邮件是否为垃圾邮件。管理员应确保在Exchange服务器上启用SmartScreen,并...
【反垃圾邮件技术综述】 反垃圾邮件技术是网络安全领域中的一个重要组成部分,旨在保护电子邮件系统免受不受欢迎的、欺诈性的或恶意的邮件攻击。近年来,由于垃圾邮件的泛滥,反垃圾邮件策略已不再局限于单一技术,...
以下是对Exchange反垃圾邮件技术的详细说明: ### 引言 在当今信息化社会,电子邮件已经成为企业内外部沟通的重要工具。然而,垃圾邮件的大量涌入不仅浪费了用户的时间,还可能携带恶意软件或成为网络钓鱼攻击的...
4. 技术与专业产品标准:这部分深入探讨了垃圾邮件的发送技术,例如伪装发送者、大规模发送等,以及反垃圾邮件技术,如基于规则、统计学和机器学习的方法。此外,还提出了评估优秀企业级反垃圾邮件系统的一些关键...