ZyXEL Communications ZyWALL5UTM 4.0 Network Router User Manual


 
ZyWALL 5/35/70 Series User’s Guide
Chapter 15 Anti-Spam 262
CHAPTER 15
Anti-Spam
This chapter covers how to use the ZyWALL’s anti-spam feature to deal with junk e-mail
(spam).
15.1 Anti-Spam Overview
The ZyWALL’s anti-spam feature identifies unsolicited commercial or junk e-mail (spam).
You can set the ZyWALL to mark or discard spam. The ZyWALL can use an anti-spam
external database to help identify spam. Use the whitelist to identify legitimate e-mail. Use the
blacklist to identify spam e-mail.
15.1.1 Anti-Spam External Database
If an e-mail does not match any of the whitelist or blacklist entries, the ZyWALL calculates a
digest (fingerprint ID) of the e-mail and sends it to the anti-spam external database. The
anti-spam external database checks the digest against more than a million known spam patterns.
The anti-spam external database uses the following spam detection engines in checking each
e-mail.
SpamBulk: This engine identifies e-mail that has been sent in bulk or is similar to e-mail
that is sent in bulk.
SpamRepute: This engine checks to see if most people want the e-mail.
SpamContent: This engine checks to see if the message would generally be considered
offensive.
SpamTricks: This engine checks to see if the e-mail is formatted to be economical for
spammers or to circumvent anti-spam rules.
The anti-spam external database then uses a proprietary Bayesian¹ statistical formula to
combine the results into one score of how likely the e-mail is to be spam and sends it to the
ZyWALL. The possible range for the spam score is 0~100. The closer the score is to 100, the
more likely the e-mail is to be spam. You must subscribe to and activate the anti-spam external
database service in order to use it (see Section 15.1.7 on page 266 for details).
1. Bayesian analysis interprets probabilities as degrees of belief rather than as proportions,
frequencies and such. Bayesian analysis frequently uses Bayes' theorem, hence the name.
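
The lookup order and score combination described in Section 15.1.1, as an added example that is not ZyXEL code: the vendor formula is proprietary, so this uses the standard naive-Bayes combination of per-engine probabilities instead. The digest function, the idea that each engine returns a probability, the whitelist-first order, the threshold of 90 and all sample data are assumptions.

```python
import hashlib
import math

# Constructed sample lists; real entries are configured on the device.
WHITELIST = {"billing@partner.example"}
BLACKLIST = {"deals@bulk.example"}

def fingerprint(body):
    """Stand-in digest (assumption): SHA-256 of case- and whitespace-normalised
    text. The actual digest algorithm is not described on this page."""
    return hashlib.sha256(" ".join(body.lower().split()).encode()).hexdigest()

def combine(probabilities, eps=1e-6):
    """Naive-Bayes combination of per-engine spam probabilities into 0..100.
    Summing log-odds avoids underflow; clamping keeps a single 0.0 or 1.0
    from dividing by zero or overriding every other engine."""
    log_odds = 0.0
    for p in probabilities:
        p = min(max(p, eps), 1.0 - eps)
        log_odds += math.log(p) - math.log(1.0 - p)
    return round(100.0 / (1.0 + math.exp(-log_odds)))

def classify(sender, body, lookup, threshold=90):
    """Local lists first; only unmatched mail is sent out as a digest.
    Whitelist-before-blacklist and the threshold value are assumptions."""
    if sender in WHITELIST:
        return "legitimate", None
    if sender in BLACKLIST:
        return "spam", None
    engines = lookup(fingerprint(body))   # only the digest leaves the device
    score = combine(engines.values())
    return ("spam" if score >= threshold else "legitimate"), score

# Constructed stand-in for the external database: digest -> engine verdicts.
SAMPLE_BODY = "Cheap  pills!!! Click NOW"
SAMPLE_DB = {fingerprint(SAMPLE_BODY): {"SpamBulk": 0.8, "SpamRepute": 0.7,
                                         "SpamContent": 0.6, "SpamTricks": 0.9}}
NEUTRAL = dict.fromkeys(["SpamBulk", "SpamRepute", "SpamContent", "SpamTricks"], 0.5)

def sample_lookup(digest):
    return SAMPLE_DB.get(digest, NEUTRAL)   # unknown digest: no evidence

if __name__ == "__main__":
    print(classify("billing@partner.example", SAMPLE_BODY, sample_lookup))
    print(classify("stranger@unknown.example", "cheap pills!!! click now", sample_lookup))
    print(classify("stranger@unknown.example", "Minutes from Tuesday", sample_lookup))
```

Because the digest is taken over normalised text, the second call matches the stored pattern despite different case and spacing, while a digest the database has never seen yields a neutral score of 50.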