Datasheet
Manual
Quick Start
|
Policy Patrol SPAM Filter
Anti spam for Exchange and Lotus
Domino
Policy Patrol Spam Filter works with
Exchange and Lotus Domino and uses a multi-layered anti-spam approach to
effectively detect spam messages, analyzing headers, content and third
party lists. Spam messages can be forwarded to a junk mail folder,
quarantined or deleted and can include a header or tag. Quarantined
mails can be viewed from the program or via the web. Policy Patrol
includes an advanced challenge/response system and allows users to
update white lists and black lists via public folders and mailboxes.
Version 4 now includes many new features including Sender Policy
Framework, public folder management, move to junk mail folder and
improved anti-spam challenge/response. What else is new in version 4?
By blocking unwanted mails, Policy Patrol Spam Filter for Exchange and
Lotus Domino reduces network traffic, saves bandwidth and improves
employee productivity. Policy Patrol ships with a default configuration
that will start blocking spam within seconds after installation. Policy
Patrol is used by companies such as USA.net, Nissan, Daewoo, Targus,
Canadian Pacific Railway, Lotto, Fujitsu Services (Central Government
customer) and many more.
Anti-spam techniques
Policy Patrol uses a multi-layered
approach to block and filter spam messages, utilizing a combination of
different anti-spam techniques:
Bayesian filtering
Real-time black lists (RBL)
Spam URL Realtime Block Lists (SURBL)
Header checking
Keyword filtering
Block IP addresses
Check language character sets
White lists and black lists
Challenge & response
Address verification
Sender Policy Framework (SPF)
Spam message management
Policy Patrol can reject, delete,
quarantine, redirect and add a tag to spam messages. In addition it can
forward the message to the user's junk mail folder:
Quarantine, delete,
add tag or header
Forward to user's junk mail folder
Exchange Server 2003 anti-spam integration
Monitoring
Anti spam reports
POP3 Downloader
Regular anti-spam updates
Remote management
System requirements
Bayesian filtering
Policy Patrol uses Bayesian filtering to statistically analyze email
content in order to determine whether the message is legitimate or spam.
By comparing the contents of an email message with words in a legitimate
and spam database, Policy Patrol calculates the probability that a
message is spam. Policy Patrol includes automatic email learning to keep
the filters up to date.
Real-time black lists (RBL)
By using real-time black lists Policy Patrol can stop spam from even
entering your mail server, thus saving the bandwidth for downloading the
messages. However, you can also decide to accept the messages and
quarantine, add a tag or header, or delete the mails in Policy Patrol
(with the possibility to undelete). Each list can be handled differently
by Policy Patrol, for instance you can reject all messages from known
spammers lists, but quarantine messages from an open relay list (these
lists are more likely to contain false positives since some genuine
customers might not be aware that their mail server is being used for
relaying).
Spam URL Realtime Block Lists (SURBL)
As opposed to RBL lists that include sender IP addresses and
domains, SURBL lists are used to check URLs contained in the body of
email messages. Even if spammers try to bypass existing heuristic and
Bayesian filters by replacing text with images or including minimal
text, they will still need to include a URL to be contacted on.
Therefore checking the URLs against a list of known spam domains
provides an important additional layer of protection and can be
successful where other filtering methods fail. SURBL lists require zero
administration, are constantly updated and fine-tuned and most of them
are free to use. SURBL Lists also provide specific protection against
the growing problem of phishing since they include domains of known
phishing sources.
Header checking
Policy Patrol analyzes message headers for spam characteristics
using a sophisticated weighting system. Each spam characteristic is
given a score according to the certainty with which it indicates spam.
When the total score reaches the message threshold, the message is
considered as spam. New spam characteristics are automatically added
when they become available (see regular anti-spam updates).
Keyword filtering
Policy Patrol offers sophisticated keyword filtering using case
sensitivity and word scores, allowing you to combine word scores found
in the subject and body of a message to trigger a rule. Furthermore
Policy Patrol includes word pattern matching enabling the program to
find variations of words with one single regular expression. The product
ships with sample anti-spam filters with frequently used spam words and
phrases (including regular expressions) which can be used to block
unwanted messages. Since Policy Patrol removes all HTML tags before
checking the email text, the product is capable of successfully stopping
spammers who try to circumvent spam filters by placing HTML comment tags
within the text. Policy Patrol can also be configured to specifically
check the HTML code, which can be useful for checking links and/or
scripts.
Block IP addresses
Policy Patrol can be configured to block certain IP addresses or
IP address ranges known to be spam senders.
Check language character sets
Policy Patrol can block mails that use certain character sets,
for instance Chinese or Korean character sets.
White lists and black lists
Policy Patrol allows you to create your own white lists and
black lists and can also automatically add email addresses to these
lists. This allows you to for instance create a white list for all email
addresses that your users send messages to. Addresses can also be added
from selected quarantined items, allowing you to for instance add the
sender of a quarantined newsletter to a white list in order to let the
message through next time. It is also possible to create a public folder
where users can drag and drop spam or legitimate messages to. Policy
Patrol will update the white/black lists and Bayesian databases
accordingly.
Challenge & response
Policy Patrol includes an advanced anti-spam challenge/response
system, allowing you to configure when a challenge/response request
should be sent. For instance if the sender is not in a white list, or
only if there is reason to suspect spam. The sender will be able to
verify the message through a website, upon which the message will
automatically be delivered.
Address verification
Policy Patrol is one of the few products that can stop NDR spam
attacks. An NDR (Non Delivery Report) spam attack is when a spammer
sends a large number of mails to a fake email address at your company
with the intended spam victim as the sender. The result is that your
mail server will send a non-deliverable report to the sender, i.e. the
spam victim, with the original spam message attached.
Policy Patrol can prevent this by performing recipient verification. If
the recipient is not found in the Active Directory/Exchange 5.5 or Lotus
Domino directory, the message is rejected (i.e. not downloaded),
therefore saving bandwidth. Legitimate emails that have been mistakenly
addressed will still generate an NDR, however this NDR will not be sent
by your mail server but by the sender's own mail server.
Sender Policy Framework (SPF)
The Sender Policy Framework (SPF) allows you to verify whether
the sender is actually who they say they are. This means that by using
SPF, Policy Patrol can block spoofed emails and thwart phishing
attempts.
Quarantine, delete, add tag or header
Policy Patrol can reject (i.e. not download messages that are
listed on real-time black lists or do not have valid recipients),
quarantine (i.e. place spam messages on hold on the server), delay,
delete, add a custom header, or add a tag to the subject of spam
messages.
Forward to user's junk mail folder
If you have Exchange 2000, Exchange 2003 or Exchange 5.5, Policy
Patrol can automatically forward spam to the individual user's junk mail
folder. If you do not have Exchange Server you can configure Policy
Patrol to add a header to spam messages and set up a rule in Outlook
that places these messages in a 'Spam' folder for the user to review.
Policy Patrol can also forward spam messages to a public folder.
Exchange Server 2003 anti-spam integration
Policy Patrol can apply a Spam Confidence Level (SCL) to a
message, allowing Outlook 2003 to place messages with a certain SCL
Level in a separate “spam” folder. This feature requires Exchange Server
2003 or Windows Small Business Server 2003.
Monitoring
Spam messages on hold can be monitored from the Policy Patrol
Administration console (locally and remotely) or from a web browser
(Policy Patrol Web Manager). For every message, Policy Patrol displays
an anti-spam report that shows the results of each anti-spam check
performed (including words and their score if appropriate). This allows
you to adjust your filters and conditions accordingly. By setting user
permissions, administrators can allow certain users to perform actions
for selected folders, such as viewing, deleting or delivering messages.
Anti spam reports
Policy Patrol includes several anti-spam reports providing an
overview of the number of spam messages received, the top spam domains,
spam senders and spam receivers, DNSBL and SURBL lists results and much
more. Anti-spam reports can be auto generated and emailed.
POP3 Downloader
Policy Patrol includes a POP3 downloader that allows you to
download POP3 emails and forward these to Exchange Server. Policy Patrol
will also check these emails for spam.
Regular anti-spam updates
Policy Patrol includes a default configuration that stops spam
right out of the box. Regular anti-spam updates are made available to
maintenance holders.
Remote management
Policy Patrol can be configured remotely by installing the
Policy Patrol Administration console on a remote machine and connecting
to the Policy Patrol installation. If you have more than one
installation of Policy Patrol, you can administer all installations from
the same Administration console.
System requirements
To use Policy Patrol you require the following:
Windows 2000 Professional or (Advanced) Server, Windows XP Professional
or Windows Server 2003.
Microsoft Exchange Server 2003, Exchange Server 2000 or Exchange Server
5.5 (or Windows Small Business Server), Lotus Domino or other mail
server.
Microsoft .NET Framework 1.1 (if you do not have this installed the
Policy Patrol installation will download this for you).
|
|
Evaluation |
|
Download a 30 day
evaluation version of Policy Patrol Enterprise and try it for
yourself. Works with Exchange Server or Lotus Domino Server. |
|
Evaluation download
 |
| |
|
