Logo

A division of Busted Networks Ltd

home services networking products support contacts hdr-butn-fill.gif (965 bytes)

CALL 01243 553251

home>products>Red_Earth>Policy Patrol SPAM Filter

Datasheet

Manual

Quick Start

Policy Patrol SPAM Filter

Anti spam for Exchange and Lotus Domino

Policy Patrol Spam Filter works with Exchange and Lotus Domino and uses a multi-layered anti-spam approach to effectively detect spam messages, analyzing headers, content and third party lists. Spam messages can be forwarded to a junk mail folder, quarantined or deleted and can include a header or tag. Quarantined mails can be viewed from the program or via the web. Policy Patrol includes an advanced challenge/response system and allows users to update white lists and black lists via public folders and mailboxes.

Version 4 now includes many new features including Sender Policy Framework, public folder management, move to junk mail folder and improved anti-spam challenge/response. What else is new in version 4?

By blocking unwanted mails, Policy Patrol Spam Filter for Exchange and Lotus Domino reduces network traffic, saves bandwidth and improves employee productivity. Policy Patrol ships with a default configuration that will start blocking spam within seconds after installation. Policy Patrol is used by companies such as USA.net, Nissan, Daewoo, Targus, Canadian Pacific Railway, Lotto, Fujitsu Services (Central Government customer) and many more.

 

Anti-spam techniques

Policy Patrol uses a multi-layered approach to block and filter spam messages, utilizing a combination of different anti-spam techniques:


Bayesian filtering
Real-time black lists (RBL)
Spam URL Realtime Block Lists (SURBL)
Header checking
Keyword filtering
Block IP addresses
Check language character sets
White lists and black lists
Challenge & response
Address verification
Sender Policy Framework (SPF)
 


Spam message management

Policy Patrol can reject, delete, quarantine, redirect and add a tag to spam messages. In addition it can forward the message to the user's junk mail folder:

Quarantine, delete, add tag or header
Forward to user's junk mail folder
Exchange Server 2003 anti-spam integration
Monitoring
Anti spam reports
POP3 Downloader
Regular anti-spam updates
Remote management
System requirements
 


Bayesian filtering
Policy Patrol uses Bayesian filtering to statistically analyze email content in order to determine whether the message is legitimate or spam. By comparing the contents of an email message with words in a legitimate and spam database, Policy Patrol calculates the probability that a message is spam. Policy Patrol includes automatic email learning to keep the filters up to date.



Real-time black lists (RBL)
By using real-time black lists Policy Patrol can stop spam from even entering your mail server, thus saving the bandwidth for downloading the messages. However, you can also decide to accept the messages and quarantine, add a tag or header, or delete the mails in Policy Patrol (with the possibility to undelete). Each list can be handled differently by Policy Patrol, for instance you can reject all messages from known spammers lists, but quarantine messages from an open relay list (these lists are more likely to contain false positives since some genuine customers might not be aware that their mail server is being used for relaying).



Spam URL Realtime Block Lists (SURBL)
As opposed to RBL lists that include sender IP addresses and domains, SURBL lists are used to check URLs contained in the body of email messages. Even if spammers try to bypass existing heuristic and Bayesian filters by replacing text with images or including minimal text, they will still need to include a URL to be contacted on. Therefore checking the URLs against a list of known spam domains provides an important additional layer of protection and can be successful where other filtering methods fail. SURBL lists require zero administration, are constantly updated and fine-tuned and most of them are free to use. SURBL Lists also provide specific protection against the growing problem of phishing since they include domains of known phishing sources.



Header checking
Policy Patrol analyzes message headers for spam characteristics using a sophisticated weighting system. Each spam characteristic is given a score according to the certainty with which it indicates spam. When the total score reaches the message threshold, the message is considered as spam. New spam characteristics are automatically added when they become available (see regular anti-spam updates).



Keyword filtering
Policy Patrol offers sophisticated keyword filtering using case sensitivity and word scores, allowing you to combine word scores found in the subject and body of a message to trigger a rule. Furthermore Policy Patrol includes word pattern matching enabling the program to find variations of words with one single regular expression. The product ships with sample anti-spam filters with frequently used spam words and phrases (including regular expressions) which can be used to block unwanted messages. Since Policy Patrol removes all HTML tags before checking the email text, the product is capable of successfully stopping spammers who try to circumvent spam filters by placing HTML comment tags within the text. Policy Patrol can also be configured to specifically check the HTML code, which can be useful for checking links and/or scripts.



Block IP addresses
Policy Patrol can be configured to block certain IP addresses or IP address ranges known to be spam senders.



Check language character sets
Policy Patrol can block mails that use certain character sets, for instance Chinese or Korean character sets.



White lists and black lists
Policy Patrol allows you to create your own white lists and black lists and can also automatically add email addresses to these lists. This allows you to for instance create a white list for all email addresses that your users send messages to. Addresses can also be added from selected quarantined items, allowing you to for instance add the sender of a quarantined newsletter to a white list in order to let the message through next time. It is also possible to create a public folder where users can drag and drop spam or legitimate messages to. Policy Patrol will update the white/black lists and Bayesian databases accordingly.



Challenge & response
Policy Patrol includes an advanced anti-spam challenge/response system, allowing you to configure when a challenge/response request should be sent. For instance if the sender is not in a white list, or only if there is reason to suspect spam. The sender will be able to verify the message through a website, upon which the message will automatically be delivered.



Address verification
Policy Patrol is one of the few products that can stop NDR spam attacks. An NDR (Non Delivery Report) spam attack is when a spammer sends a large number of mails to a fake email address at your company with the intended spam victim as the sender. The result is that your mail server will send a non-deliverable report to the sender, i.e. the spam victim, with the original spam message attached.

Policy Patrol can prevent this by performing recipient verification. If the recipient is not found in the Active Directory/Exchange 5.5 or Lotus Domino directory, the message is rejected (i.e. not downloaded), therefore saving bandwidth. Legitimate emails that have been mistakenly addressed will still generate an NDR, however this NDR will not be sent by your mail server but by the sender's own mail server.



Sender Policy Framework (SPF)
The Sender Policy Framework (SPF) allows you to verify whether the sender is actually who they say they are. This means that by using SPF, Policy Patrol can block spoofed emails and thwart phishing attempts.

 

Quarantine, delete, add tag or header
Policy Patrol can reject (i.e. not download messages that are listed on real-time black lists or do not have valid recipients), quarantine (i.e. place spam messages on hold on the server), delay, delete, add a custom header, or add a tag to the subject of spam messages.



Forward to user's junk mail folder
If you have Exchange 2000, Exchange 2003 or Exchange 5.5, Policy Patrol can automatically forward spam to the individual user's junk mail folder. If you do not have Exchange Server you can configure Policy Patrol to add a header to spam messages and set up a rule in Outlook that places these messages in a 'Spam' folder for the user to review. Policy Patrol can also forward spam messages to a public folder.



Exchange Server 2003 anti-spam integration
Policy Patrol can apply a Spam Confidence Level (SCL) to a message, allowing Outlook 2003 to place messages with a certain SCL Level in a separate “spam” folder. This feature requires Exchange Server 2003 or Windows Small Business Server 2003.



Monitoring
Spam messages on hold can be monitored from the Policy Patrol Administration console (locally and remotely) or from a web browser (Policy Patrol Web Manager). For every message, Policy Patrol displays an anti-spam report that shows the results of each anti-spam check performed (including words and their score if appropriate). This allows you to adjust your filters and conditions accordingly. By setting user permissions, administrators can allow certain users to perform actions for selected folders, such as viewing, deleting or delivering messages.



Anti spam reports
Policy Patrol includes several anti-spam reports providing an overview of the number of spam messages received, the top spam domains, spam senders and spam receivers, DNSBL and SURBL lists results and much more. Anti-spam reports can be auto generated and emailed.



POP3 Downloader
Policy Patrol includes a POP3 downloader that allows you to download POP3 emails and forward these to Exchange Server. Policy Patrol will also check these emails for spam.



Regular anti-spam updates
Policy Patrol includes a default configuration that stops spam right out of the box. Regular anti-spam updates are made available to maintenance holders.



Remote management
Policy Patrol can be configured remotely by installing the Policy Patrol Administration console on a remote machine and connecting to the Policy Patrol installation. If you have more than one installation of Policy Patrol, you can administer all installations from the same Administration console.



System requirements
To use Policy Patrol you require the following:

Windows 2000 Professional or (Advanced) Server, Windows XP Professional or Windows Server 2003.
Microsoft Exchange Server 2003, Exchange Server 2000 or Exchange Server 5.5 (or Windows Small Business Server), Lotus Domino or other mail server.
Microsoft .NET Framework 1.1 (if you do not have this installed the Policy Patrol installation will download this for you).
 

Evaluation

Download a 30 day evaluation version of Policy Patrol Enterprise and try it for yourself. Works with Exchange Server or Lotus Domino Server.

Evaluation download

 

 

Registered as Busted Networks Limited in England and Wales as Company Number 3745185
Registered office Busted Networks Limited, The Victoria, 25 St. Pancras, Chichester, West Sussex, PO19 7LT
VAT registration number 787 5689 46

(c) InfoShop 2000-2013