Spam Management
Accurately detecting spam every day
13 lines of defense. Since spammers are a crafty lot, and one man's spam can be another man's ham, Total Traffic Control employs a
variety of techniques to accurately detect and block spam at your location.
Integration with TTC Content Filter database
Total Traffic Control's content filtering database is queried to apply your Internet access rules. If an email's header or message body includes a
domain or IP address that is in the content filtering database's Spam category or any other blocked category, the email is blocked.
Currently 91 percent of the e-mail traffic attempting to enter our e-mail servers is caught and categorized as spam by Lightspeed. We also tracked our overblocked mail and typically run at an average of between 0.1 percent and 0.2 percent overblocked. We have also noticed that since Lightspeed's spam filter provides virus scanning of incoming e mails that our exchange servers very rarely see any infected messages reaching their antivirus scanners.
Johnathon Foth
Network Systems Engineer, Bakersfield City School District
Realtime blackhole list (RBL) server lookups
RBL Servers house databases of known spam sources. These databases include open mail relay servers, which allow spammers to send mail messages through
them even though neither the spammer/sender nor the recipient is a local user of the mail server.
You can specify RBL servers such as Spamhaus and SpamCop to query for known spammers. Lightspeed Systems also operates an RBL server for this purpose.
Your product is doing a great job for us, we are blocking nearly 90% of incoming mail as legitimate SPAM.
Todd R. Curry
Technology/Curriculum Coordinator
Whitelists
You may maintain an organization-wide "whitelist" — the list of email senders who are always welcome even though their server or content may be
recognized as spam. Often these are organizations that send you legitimate, solicited newsletters, offers, or customer correspondence that you don't want
misinterpreted as spam.
Your locally defined whitelists determine which IP addresses, domains, senders, recipients, or subjects are always allowed. Wildcard characters are
supported (e.g., *.gov).
Blacklists
Email matching any of the criteria in your blacklist will always be blocked. Your organization's blacklist can include IP addresses, domains, sender/receiver
email addresses, or subjects known to be sources of spam. Adding senders to your black list is easy, and wildcard characters are supported for each type of entry.
Greylisting
A simple method of defending electronic mail users against spam. In short, a mail transfer agent which uses greylisting will "temporarily reject" any email
from a sender it does not recognize. If the mail is legitimate, the originating server will try again to send it later, at which time the destination will
accept it. If the mail is from a spammer, it will probably not be retried.
Adult subject-line scanning
Because there are some subject lines that just shouldn't show up in a staff member's inbox, subject lines are scanned for adult keywords and phrases. These
keywords are contained in a modifiable text file.
Attachment virus scanning
Attachments are scanned by Total Traffic Control's virus-scanning engine and then by your existing antivirus software. Attachments are also scanned for any
dangerous extensions.
Body virus scanning
The body of the message is also scanned for virus signatures.
End-user whitelists
To relieve the administrative burden of individual spam tolerances, end users can automatically whitelist everyone they send email. They can also receive an
email that summarizes all the spam mail that was blocked the previous day. This way they can fine tune spam detection for their individual inboxes.
User-defined spam patterns for zero-hour attacks
You may define spam patterns to have up to four conditions including any combination of sender, recipient, subject line, body text, attachment name, external
IP address, and more. This is especially useful for zero-hour attacks launched via email.
Bayesian statistical analysis
Lightspeed analyzes thousands of emails a day, sampling them to produce an up-to-date pattern file of words and phrases. TTC retrieves these spam-pattern
files or "tokens" daily. Each new email message is then compared for its similarity to spam or ham.
Learn more about Bayesian statistical analysis
This has been a wonderful tool to combat SPAM, viruses and pop-ups. My users go to conferences and when talk turns to the junk and nasty things other
people are getting, my users just smile and say they do not get any. It more than justifies the decision I made to go with Lightspeed Systems.
Don Wical
Technology Consultant
Local learning
To minimize over- and under-blocking for your organization, the words and phrases that are unique to your location are automatically merged into the spam pattern
file. That means your spam blocker gets smarter and smarter every day.
User managed spam summary
Messages that are blocked by TTC can have three outcomes. First, they are bounced back to the sender with a message explaining why the email was blocked. Legitimate
senders can then resolve the issue by contacting the intended recipient. They may also be added to the organization or individual's whitelist.
Second, spam messages are archived in a SQL database for a period of time you determine.
Third, end users can review their individual spam summary reports via a daily email or a password-protected web site. In either case they can forward and/or
whitelist email that was identified as spam.