Skytomato's Anti SPAM Technology Print

With the number of SPAM keep on increasing on the Internet, we have enforced the Reverse DNS blacklisting technology on our mail server for spam protection. The Reverse DNS blacklisting enforce the following RBL lists which will automatically discard the incoming mails if it is found listed in either the database. Even with these lists of preferred RBLs, it's entirely possible that some legitimate email may be caught and rejected as spam. Unfortunately, false positives do occasionally happen. However, we do have direct experience with using the below RBLs over the past several years and have them found to currently be most reliable. We delete email from these RBLs on our own shared and reseller mail servers and have very, very few complaints.

 

1. Spamhaus (SBL-XBL)

 

SBL-XBL is a combination of 2 famous spam checking against SBL ( Spamhaus Block List ) and XBL Spamhaus Exploits Block List (XBL).

 

SBL ( Spamhaus Block List ) is a realtime database of IP addresses of verified spam sources (including spammers, spam gangs and spam support services), maintained by the Spamhaus Project team and supplied as a free service to help email administrators better manage incoming email streams.

 

The SBL is queriable in realtime by mail systems thoughout the Internet, allowing email administrators to identify or block incoming connections from IP addresses involved in the sending of Unsolicited Bulk Email.

 

The SBL database is updated 24/7 by a dedicated international Spamhaus team (US, UK, NL, IT, CA, JP, CN) and is broadcast by 32 SBL zone mirror servers based in Australia, Belgium, Canada, Denmark, Germany, Greece, Italy, Japan, Netherlands, South Africa, Sweden, UK and USA.

 

XBL ( Exploits Block List ) is a realtime database of IP addresses of illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits. It incorporates CBL data, OPM data and NJABL proxy data.

 

The XBL wholly incorporates data from three highly-trusted DNSBL sources:

 

• the CBL (Composite Block List) from cbl.abuseat.org
• the BOPM (Blitzed Open Proxy Monitor) from opm.blitzed.org
• the NJABL open proxy IPs list from www.njabl.org.

 

2. SPAMCOP (SCBL)

 

The SpamCop Blocking List (SCBL) lists IP addresses which have transmitted reported email to SpamCop users. SpamCop, service providers and individual users then use the SCBL to block and filter unwanted email. The SCBL is a fast and automatic list of sites sending reported mail, fueled by a number of sources, including automated reports and SpamCop user submissions. The SCBL is time-based, resulting in quick and automatic delisting of these sites when reports stop.

 

3. DSBL

 

The DSBL ( Distributed Sender Blackhole List ) lists contain the IP addresses of servers which have relayed special test messages to listme@listme.dsbl.org; this can happen if the server is an open relay, an open proxy or has another vulnerability that allows anybody to deliver email to anywhere, through that server.

 

The Distributed Sender Blackhole List has three DNSBL lists, one can have entries added by anybody while the other only accepts entries by testers who are trusted by the DSBL staff. We have chose to use the list.dsbl.org from DSBL on our mail server.

 

list.dsbl.org:

 

• single stage open SMTP relays
• open proxies allowing the CONNECT command
• web servers using a non-secure formmail
• Only trusted testers can list hosts in this list

 

4.ORDB ( Open Relay Database)

 

ORDB.org is the Open Relay Database. ORDB.org is a non-profit organisation which stores a IP-addresses of verified open SMTP relays. These relays are, or are likely to be, used as conduits for sending unsolicited bulk email, also known as spam. By accessing this list, system administrators are allowed to choose to accept or deny email exchange with servers at these addresses.

 

In addition to the above RBLs which are applied to all our Windows / Linux shared / reseller hosting packages, the following spam protection is also supported on our mail server depending on the server platform ( Windows / Linux ) you have signed up.

 

5. Bayesian Filtering ( Windows platform )

 

Bayesian filtering is the process of using Bayesian statistical methods to classify documents into categories. Bayesian email filters take advantage of Bayes' theorem. Bayes' theorem, in the context of spam, says that the probability that an email is spam, given that it has certain words in it, is equal to the probability of finding those certain words in spam email, times the probability that any email is spam, divided by the probability of finding those words in any email:

 

 

6. SpamAssassin ( Linux Platform ) :

 

A mail filter, written in Perl, to identify spam using a wide range of heuristic tests on mail headers and body text. SpamAssassin is enabled by default in the server setting and it is not allowed for user end modification due to server resource used.