eScan BlogeScan Blog    eScan WebsiteeScan Website    eScan ForumeScan Forum    eScan FeedseScan Feeds     
    
Languages:     

From eScan Wiki

Jump to: navigation, search
Image:escan-g.jpg
· eScan  · MailScan  · Technologies   · Technical Info  · Security Awareness  · User Guides
Domain & IP Reputation Check Technology

Contents


Overview

Individuals and organizations often use e-mail as their mode of correspondence. However, of late, most people have started complaining about their inboxes being flooded with unsolicited bulk e-mails or spam e-mails. Spam e-mails often contain links to malicious Web sites, such as phishing Web sites and may contain virus and other malware.

It is therefore imperative for users to determine whether the e-mail that they have received is authentic and from a trusted source. The reputation of the sender depends on criteria, such as the number of invalid e-mail addresses to which the sender is sending mails, the number of spam complaints made about the sender, and the IP address of the sender. This concept is called IP-based sender reputation and it is used to determine the reputation of an IP address based on what it has sent out in the past.

This approach has its own share of disadvantages. If an organization uses a marketing service for marketing its products, it may share its IP reputation with other organizations that use the same service provider. So, if one of the organizations is involved in spamming, all other organizations will have the same IP reputation. Moreover, if an organization changes its IP address, its IP reputation will depend on the reputation of the new IP. But, if the organization uses an actual domain name instead of an IP address, its reputation will be independent of the computer or location. This concept is called domain-based sender reputation.

However, most organizations use both IP-based and domain-based sender reputation. Therefore, eScan uses the DIRC technology to block spam e-mails.

Description

How DIRC Works?

eScan’s DIRC technology verifies the credibility of Web domains by tracking suspicious activities happening on their Web pages. ISPs usually follow authentication standards such as Sender Policy Framework (SPF), Sender ID, and DomainKeys and Domain Key Identified Mail (DKIM). DIRC also verifies the integrity of the IP addresses by comparing them with a list of known e-mail senders (Real-time Blacklist Servers [RBL servers] and Auto-Spam Whitelist) and by using a dynamic service that assesses the reputation of e-mail senders on a real-time basis. If the e-mail fails to conform to any one of the criteria, DIRC tags it as [SPAM] and takes the appropriate action on it.


Benefits of DIRC

The following are some of the benefits of the DIRC technology:

  1. It frees the reputation of the organization from the being dependent on only the IP address of the underlying computer or only the domain.
  2. It prevents spam mails from reaching the inbox of the user.


Summary

In this chapter, you learnt about the DIRC technology and how eScan uses it to block spam e-mails.


Return to Technologies




eScan Copyright © 2015 MicroWorld Technologies Inc.- AntiVirus & Content Security.       Send your feedback to solutions@escanav.com eScan Wiki

    Privacy policy  About eScan Wiki  Disclaimers   This page has been accessed 13,629 times.