Filters
» Show this page in 
: I filtri
Every email entering our network from the outside is processed by a series of filters before being distributed to the user. The purpose of these filters is to limit the amount of incoming spam. All the filters operate mainly at the level of the SMTP protocol, based on where is the message coming from or, rarely, on "signatures" found in the message headers or within the mail body.
Main filtering metrics are:
- the "reputation" of the IP or the network the message is coming from, to verify if the email is coming from a netblock known to be a spam source or a dynamic IP network
- the "reputation" of the sender address/domain, to see if the sending entity is known for spamming
- the behaviour during the SMTP transaction: our systems implement various chechs in order to verify that "the other side" of the SMTP connections is a real mailserver and not a spam drone. These checks are based on HELO-strings checks, pipelining violations, greylisting algorithms, etc. This limits with a good success rate spam coming from botnets
- the presence, within the message body, of links pointing to known spam-related sites. This is particularly effective against evasion techniques like fast-flux, but also against phishing and operations that rely heavily on sites owned or abused by spammers
- the presence, within message headers, of "signatures" usually seen in spam messages sent through so-called "spamwares"
Fonte: