38
Kaspersky Anti-Spam 3.0
which, being applied, may filter out useful mail with certain known signs of spam.
These signs include:
•
Undisclosed list of recipients in TO –
the presence of an undisclosed
list of recipients in the
TO
header.
•
Digits mixed with letters in TO or FROM headers
. Programs used for
spam distribution frequently use as a sender's or recipient's address
automatically generated addresses containing groups of digits. If mail
server users do not have addresses containing digits, you are advised to
enable the rule.
•
Address with no domain name
. Spammers frequently use incomplete
addresses (omitting the mail domain), while e-mail programs usually
specify a complete e-mail address including domain, for example,
user@domain.com
. You are advised to disable the rule for recipients that
actually allow delivery of messages with incomplete addresses.
•
SUBJECT is longer than 250 symbols
. Programs used for spam
distribution frequently insert into the
Subject
field long (over 250 symbols)
random sequences of characters or words to circumvent mail filters.
Disable the use of this rule, if delivery of such messages is allowed in
your mail system.
•
SUBJECT contains lots of white space or dots
. Programs used for
spam distribution also frequently insert into the message header long
groups of spaces or dots. Disable the use of this rule, if delivery of such
messages is allowed in your mail system.
•
SUBJECT contains DIGIT ID or Timestamp (like 'Time: 14:30:35')
.
Addition of a digit-based identifier or timestamp to message subject is
another method employed by automatic spammer software in an attempt
to bypass antispam filters.
The drop-down list to the right of each rule allows you to activate a rule
(
Enabled
) or deactivate it (
Disabled
).
The application takes the final decision about assignment of a certain status to
a message using multiple various signs. Therefore, enabling or disabling a
separate rule or a group of rules does not mean that processed messages will
be recognized strictly as spam or, on the contrary, they will be allowed by the
filtration server. Configuring the rules helps decrease the probability of errors
during recognition of message type.
You can enable or disable the rules mentioned above for all users in the default
filtration policy or for individual user groups in their respective group policies.