User Guide
CHAPTER 1. KASPERSKY ANTI-
SPAM 3.0
Kaspersky
®
Anti-Spam 3.0 (hereinafter also referred to as Kaspersky Anti-
Spam or the product) is a software suite filtering e-mail in order to protect mail
system users from unsolicited mass mail (spam).
Kaspersky Anti-Spam uses administrator-defined rules to process received
messages accordingly. Namely, it delivers a message without modifications,
blocks it, generates a notification informing that a message could not be
received, adds or modifies message header and performs other actions specified
by the administrator.
The application checks every e-mail message for the presence of signs typical
for unwanted mass mail (spam).
First, it checks various message parameters: the sender's and recipient's
addresses (envelope), message size and its various headers (including From
and To). In addition, Kaspersky Anti-Spam runs the following checks as a part of
its analysis procedure:
• a check of message sender's address (e-mail and / or IP address) using
black and white lists;
• the presence of the sender's IP address in a DNS-based real time black
hole list (DNSBL);
DNSBL (DNS based black hole list) is a database that lists IP
addresses of mail servers used for uncontrolled mass mailing.
Such servers receive mail from anyone and deliver it further to
arbitrary recipients. Using of DNSBL will allow automatic
blocking of mail receipt from that mail server. Various services
use different policies for generation of such lists. Please
examine carefully the policy of each service before you start
using it for mail filtration.
• availability of a DNS record for the sending server (reverse DNS lookup);
• a check of the sender's IP address for compliance with the list of
addresses allowed for a domain based on the Sender Policy Framework
(SPF);
• a check of addresses and links to sites in message text using the Spam
URL Realtime Blocklists (SURBL) service.