Manualshelf

User Guide

ManualsBrandsKaspersky Lab ManualsOtherKASPERSKY ANTI-SPAM 3.0
11121314151617181920
Architecture of Kaspersky Anti-Spam and principles of spam filtering 15
initiation of new filtering processes when there are no available processes
left
monitoring the status of running processes
termination of child processes upon an appropriate signal (e.g., SIGHUP).
If traffic volume is considerable, the number of running filtration processes can
reach several dozens. When the mail server load becomes lower, idle filtering
processes will terminate. Maximum and minimum number of running filtration
processes are defined by the anti-spam engine settings (see Appendix A.3.1 on
page 101).
When the filtering process (ap-mailfilter) starts, it loads the existing filtration
policies and the content filtration databases. As soon as a connection to a client
module is established, the filtering process receives from the module message
headers and body, performs their analysis and returns the results to client
module.
If message sender has to be checked for compliance with the SPF policy, the
filtering process transmits a request to the SPF daemon (ap-spfd), which sends
necessary queries to a DNS server and returns the results to the filtering
process.
The application analyzes messages and applies to them rules defined in the
filtration policies only if there is a valid license key available.
All licensing checks are performed by the licensing module (kas-license) upon a
request from a filtration process.
Having finished processing a message, the filtering process does not terminate.
Instead, it keeps waiting for a new request. A filtering process terminates after it
processes the maximum number of messages specified for a single process (as
a rule, 300) or remains idle for a long time.
The script for automated downloading of updates (sfupdates) runs according
to its schedule (using the cron service) and provides for downloads of the latest
version of the content filtration databases from the update servers, it also builds
the current database version and installs it for further use by the filtration server.
Control Center is a web-based interface, which allows the administrator to
configure the product and spam filtration policies.
Monitoring system controls the status of Kaspersky Anti-Spam components
and notifies system administrator about problems occurring in the operation of
the filtration server and other product components.
Kaspersky Anti-Spam 3.0 processes e-mail traffic using the following algorithm:
1. Client plug-in module integrates with an installed mail server.
2. Mail server transfers to the client module messages for analysis by the
filtration server.