E-mail filtering and dealing with Spam
11 December 2014
Spam is email that is unwanted, often sent out in massive quantities, with the aim of either advertising a product or with malicious intent.
Spam can include links to malicious sites or contain malicious attachments. Spammers are constantly inventing new tactics to get the messages around spam filters.
Oscura use a multi-layered approach to scan for malicious files, detect virus, and evaluate senders and content. Messages are then either passed through, tagged with a warning or removed. The tagging approach allows us to warn users about mail that has some spam components, but may still be genuine, while removing messages that are definitely spam.
The sending address of all incoming email is first checked against black lists of well known sources of Spam. Many messages are immediately rejected. Then the email is processed and checked for malicious attachments, which are replaced with a warning, the mail is then checked for matches with general spam rules before being forwarded to a mail server which checks against another list of rules and scans the message for viruses. Our Spam and Virus systems are automatically updated with new rules and Oscura staff also constantly update the rules when new spam is received.
The tagging system works by matching the message and its content with a set of rules, and adds score onto the message if a rule is met. The rules range from having specific words included in the content or subject or including certain HTML, to messages originating from a specific IP range. Once a message has been matched against all rules, the score is totalled up. A very low score means the message is unlikely to be spam, very high scoring messages are deleted, while those on the lower end are tagged as spam and let through, so as not to potentially delete legitimate mail, while still giving the user a warning.
Bacon (Bacn) is the IT term for legitimate email that looks like spam, or unwanted messages that were signed up for at some point in the past. These messages are often received in the form of newsletters, and are often legitimately signed up for, for instance when a site needs a sign up in exchange for viewing an article. These mails are often unwanted but are not technically spam. If you recognise the sender as an organisation you have dealt with before the best way to stop them coming through is to unsubscribe, there should be a link at the bottom of the mail.
Our systems prevent the vast majority of junk getting through to your mailbox but as always only open attachments from known senders to minimise the risk of malicious content reaching your computer. We also recommend occassionally checking your junk folder for legitimate e-mail that failed Spam checks and was tagged as Spam. For advice on your e-mail filtering please get in touch. You can also check the Oscura Network Status to check on recent e-mail filtering information.