Anti-Spam - How it Works

In order for CIPAFilter to process mail, it needs to be the single primary recipient of e-mail, prior to delivering mail to the mail server. CIPAFilter becomes a SMTP mail relay server for the e-mail domain(s), processes the mail, and delivers the virus scanned, legitimate mail to your mail server.

CIPAFilter's anti-spam system is broken into Two(2) Primary Stages, as well as allowing the user's to take advantage of the ability to unsubscribe to any remaining mail they do not wish to receive. This typically only affects a few users, while most e-mail users will notice a tremendous drop in unwanted junk e-mail, if not having it almost completely eliminated.

Stage 1 - CIPAFilter Grey-Listing

This initial phase is the heart of the Anti-Spam system and is designed to rid most Spam e-mail and attacks the majority of spammers and the way they send Spam. The first time an e-mail message is received from a unique sender (CIPAFilter uses several criteria to determine this), CIPAFilter will generate a temporary unavailable messages, basically pretending to be busy and unable to accept and process the message. This causes the e-mail to be queued on the sending mail server and retried usually within 15-30 minutes. Once the e-mail returns CIPAFilter recognizes the sender based on the same criteria recorded earlier, and passes the message through to the second phase.

This stage does not affect legitimate e-mail servers, as the system is only generating an already built-in busy message that is part of the SMTP protocol - something that other e-mail servers utilize at times as well. It does not cause the e-mail to bounce or get returned to the sending mail server. At times, there might be a few servers that do not queue mail, which is a mis-configuration, and these can be dealt with by simply white-listing the domains. This is not common however.

The goal of the first stage is to prevent the majority of spammers and attack the way they send e-mail, but cleverly utilizing already built-in SMTP functionality. Many spammers cannot get around this system because the methods they use to send spam require them to remain anonymous, find illegitimate ways to send e-mail, and remain incompliant, and so forth.

Stage 2 - CIPAFilter Spam Forwarding

CIPAFilter utilizes a customized version of the open-source software known as "SpamAssassin". SpamAssassin uses many traditional methods of identifying Spam, such as checking RBL-lists, looking for keywords, and is very good at identifying Spam in many ways other competitive products do. CIPAFilter engineers have customized SpamAssassin in order to be more effective at accurately identifying Spam.

When SpamAssassin finds a message to be Spam, it will "TAG" the e-mail headers and subject line with "SPAM: x.x", where x.x is a score. The higher the score the more probably and worse the Spam is. Most all messages tagged as Spam are truly Spam, however, in some cases a legitimate message may get tagged inappropriately for many reasons, but usually with a low score.

Spam Forwarding allows the administrator to have CIPAFilter automatically forward any Spam-tagged e-mail above a certain score to a junk mail account. This eliminates the users from seeing the Spam, but never actually deletes the mail, ensuring that you could look at the junk folder if needed. However, false positives are so uncommon, this is typically never necessary.

The combination of Grey-listing and SpamAssassin and CIPAFilter's heavy modifications and years of experience using this system has created a very effective method of taking care of more Spam while still making sure legitimate messages are not blocked, and decreasing administrative headaches and management.