eScan BlogeScan Blog    eScan WebsiteeScan Website    eScan ForumeScan Forum    eScan FeedseScan Feeds     
    
Languages:     

From eScan Wiki

Jump to: navigation, search
Image:escan-g.jpg
· eScan  · MailScan  · Technologies   · Technical Info  · Security Awareness  · User Guides

eScan Version 10 Online Help


Anti-Spam

This section provides the decription and settings of eScan's Anti-Spam for scanning of spam / junk emails.


Contents


Description

Anti-Spam based on the NILP (Non Intrusive Learning Pattern) technology, intelligently filters all your junk and spam emails.


Status in main Protection Center Window

The green colored Tick (√) mark indicates the Anti-Spam is active and running.

The red colored Cross (X) mark indicates the Anti-Spam is inactive and stopped.


Configuration section

Status

  • Anti-Spam Status – This will display the status of the Anti-Spam in Running or Disabled mode.
  • Anti-Phishing Status – This will display the status of Anti-Phishing module is in Enabled or Disabled mode. (For more detail please check in the section B. Spam Filter Configuration Section below).
  • Action – This will display the Action that will be taken on the email considered as Spam i.e. Quarantine/Delete.


Stop / Start buttons – Clicking stop / start button will disable or enable the Anti Spam.
Settings button – To configure the Anti-Spam for email scanning click on the Settings button.


I. Advanced


A. General Options section
  1. Send Original Mail to User (default) - This option when enabled will send the email (though tagged as spam) to the original recipient of the email also. Note: If the email has been tagged as SPAM, the email will be in the SPAM folder of the email client (i.e. Outlook Express). SPAM folder in the mail client is created by eScan.
  2. Do not check content of Replied or Forwarded Mails – This option when enabled will not check contents of email that are either replied or forwarded.
  3. Check Content of Outgoing Mails – This option when enabled will also check outgoing emails for restricted contents.


Buttons
a) Phrases – Clicking on this button, will enable the users to define a list of phrases to be checked in the body of an email and take the necessary actions i.e. either Quarantine / Delete the email.


  • User specified whitelist of words/phrases - This will list the words/phrases defined and whitelisted by the users (Color Code - GREEN).
  • User specified List of Blocked words/phrases - This will list the words/phrases defined and block listed by the users(Color Code - RED).
  • User specified words/phrases disabled - This will list the words/phrases defined but disabled (excluded for scanning) by the users (Color Code - GRAY).


Options on Right Click:
  • Add Phrase: To add a word/phrase, right click and select Add Phrase. Add the word/phrase in the section and select the Action (Quarantine the Mail/Delete the Mail) to be taken on the email if the word/phrase is found in the content of the email.
  • Edit Phrase – select this option to edit/modify the word/phrase or the action to be taken.
  • Enable Phrase – shall enable the listed word/phrase for Content check in the email and the defined action will be taken.
  • Disable Phrase – shall disable the listed word/phrase for Content check in the email and no action will be taken.
  • White List – shall add the listed word/phrase in the White list for Content check. White listed word/phrase will not be checked for Email Content Scanning.
  • Block List – shall add the listed word/phrase in the Block List for content check. Block listed word/phrase will be checked for Email Content Scanning.
  • Find – this will help to search and locate a word / phrase.


B. Spam Filter Configuration Section
  1. Check for Mail Phishing – This option when enabled will check for fraudulent emails and will be quarantined.
  2. Treat Mails with Chinese / Korean character set as SPAM - This option when enabled will scan emails with Chinese / Korean characters. This check is based on our research done on various spam email samples collected world wide, wherein it is observed that spammers do use Chinese / Korean characters in their emails.
  3. Treat Subject with more than 5 whitespaces as SPAM – This option when enabled will check if "spacing" between characters / words in the subject of emails. This is also as per our research and studies on various types of spam emails.
  4. Check content of HTML mails – This option when enabled will scan emails in HTML format along with Text.
  5. Quaranting Advertisement mails – This option when enabled, will check for advertisement types of emails and will be quarantined.


Button
Advanced (Advanced Spam Filtering options) – For advance setting in Spam Filter Configuration click on the Advanced button.
  1. Enable Non Intrusive Learning Pattern (NILP) check – Non Intrusive Learning Pattern (NILP) is an advanced Bayesian Filtering method with the intelligence to analyze each mail according to the Behavioral Patterns of the user and comes with a self learning capability. It is one of the component of the Anti-Spam Module that helps prevent spam emails from reaching the user’s mailbox/inbox.
  2. Enable eMail Header check – This option when enabled, will check the validity of certain generic fields like From id, To id, CC id.
  3. Enable X-Spam Rules check – This option when enabled, will check the contents in the body of the email as per defined in the database of eScan. The database contains a list of words / phrases each assigned a score / threshold. This database will referred and accordingly action on the email will be taken.
  4. Enable Sender Policy Framework (SPF) check – This option when enabled will check the SPF record of the sender domain. (This option, when enabled, requires direct internet connection).
  5. Enable Spam URI Realtime Blacklist (SURBL) check – This option when enabled, will check the URL’s in the message body of an email. If the URL is listed in the SURBL site, the email will be blocked from being downloaded..(This option, when enabled it is recommended to have a direct internet connection).
  6. Enable Realtime Blackhole List (RBL) check – This option when enabled, will check the senders IP address in the RBL sites. If the sender ip address is blacklisted in the RBL site, the email will be blocked from being downloaded.(This option when enabled it is recommended to have a direct internet connection).
  7. RBL Servers - This contains a list of servers / sites which maintains a list of Spammers details and can be changed as per one’s requirement (add / delete).
  8. Auto Spam Whitelist – This contains a list of valid email addresses which can bypass the above Spam filtering options. Thus allowing emails from the whitelisted are allowed to download to the recipient’s inbox.


C. Mail Tagging Options –
  1. Do not change email at all – This option when enabled will not add Spam Tag to the email, identified as Spam
  2. Both subject and body is changed. [Spam] tag is added in Subject. Actual spam content is embedded in Body – This option when enabled will add a Spam Tag in the Subject and the Body of email identified as Spam. This helps to identify the Spam emails.
  3. "X-Mailscan Spam: 1" header line is added. Actual spam content is embedded in Body – This option when enabled will add a Spam Tag in the Body of the email identified as Spam and a header line is added to the email
  4. Only [Spam] tag is added in Subject. Body is left unchanged – This option when enabled will add the Spam Tag only in the Subject of the email identified as Spam.
  5. "X-Mailscan-Spam: 1" header line is added. Body and subject both remain unchanged - This option when enabled will add a header line to the email but no tag is added to the Subject or body of the email.


II. Disclaimer

The disclaimer is a footer or signature that gets added /appended to all emails. The disclaimer can be added in the space provided.
(a) Add Disclaimer to Outgoing emails - This option when enabled adds the disclaimer to all outgoing emails and as a result the recipient is made aware that the email received is scanned and virus free.
(b) Add Disclaimer to Incoming emails - This option when enabled adds the disclaimer to all incoming emails and as a result the recipient is made aware that the email received is scanned and virus free.
(c) Outgoing mails excluded from adding disclaimer – This option is activated /enabled when the option (a) is enabled. Using this option, the disclaimer is restricted from being added /appended to certain or specific email addresses or domains.



Notification Setting button – To configure the eScan Warning Notification Settings on actions taken on the emails click on the Notification button.


  • Virus Alerts section – Selecting the Alert Dialog-box will pop-up an alert window displaying the action taken on a particular email.


  • Warning Mails section – This contains a predefined Notifications which will be sent either to the recipient.
  1. Attachment Removed Warning to Sender – When selected a notification email will be sent to the sender of the email informing about the Attachment removed by eScan attached in the email.
  2. Attachment Removed Warning to Recepient – When selected a notification email will be sent to the recepient of the email informing about the Attachment removed by eScan attached in the email.
  3. Virus Warning to Sender – When selected a notification email will be sent to the sender of the email informing about the virus in the email and the action taken by eScan.
  4. Virus Warning to Recepient – When selected a notification email will be sent to the recepient of the email informing about the virus in the email and the action taken by eScan.
  5. Content Warning to Sender – When selected a notification email will be sent to the Sender of the email informing about the email sent has been considered as SPAM and has been quarantined at the recipient end.
  6. Content Warning to Recepient – When selected a notification email will be sent to the recepeint of the email informing about the email sent has been considered as SPAM and has been quarantined.


  • Delete Mails From User section – If any email from a particular sender or a domain has to be banned or not allowed to be downloaded, can be listed in this section. For eg. xyz@domain.com (for a single sender) or *@domain.com (for an entire domain).


Reports section

Statistics
Total Quarantined Mails – Shows the total number of emails Quarantined.
Total Clear Mails – Shows the total number of clean emails received and delivered.


a. View Quarantined Mails – This displays all the emails that have been quarantined (i.e. marked as spam) by eScan for any of the defined rules /policies in eScan.


Buttons


  • Refresh – Clicking on this button refreshes the View Quarantined Mails Window.
  • Stop – Clicking on this button stops the current process if started - for example – searching for a quarantined email.
  • View – Clicking on this button will open the email and can be viewed.
  • Find – Clicking on this button will search for a specific quarantined email.
  • Delete – Clicking on this button will permanently delete the selected quarantined email.
  • Message Source – Clicking on this button will provide more detail of the quarantined email like the Sender id, Sender IP address, etc…
  • Hide emails – Clicking on this option will hide the quarantined emails.


Other Options –
  • Subfolder Also – Selecting this option will show all the quarantined emails received on the current day including those received on the previous days.
  • Show Attachment (s) – Selecting this option will show the attachment in the list.
  • Open email(s) with MailClient – Selecting this option, the quarantined email can be opened / viewed using the default mail-client, for eg. Outlook Express, Microsoft Outlook. If this option is unchecked, then the email can be viewed using the eScan mail viewer.
  • Show Only Hidden eMails – Selecting this option will only display the hidden emails.
  • Show Only Unhidden eMails - Selecting this option will only display the unhidden emails.
  • Show all eMails – Selecting this option will display all the email including hidden emails.
  • Add Sender’s eMail-ID to White List - This option is accessible when right clicking on a particular email. Clicking on this option will add the email-id of the sender in the eScan white list. When next time the email is received from the whitelisted sender id, will not be quarantined and delivered to the recepient.


b. View Ham Mails - This displays all the emails that have not been quarantined (not marked as spam) by eScan.


Buttons
  • Refresh – Clicking on this button refreshes the View Ham Mails Window.
  • Stop – Clicking on this button stops the current process if started - for example – searching for a Ham email.
  • View – Clicking on this button will open the email and can be viewed.
  • Find – Clicking on this button will search for a specific quarantined email.
  • Delete – Clicking on this button will permanently delete the selected quarantined email.
  • Message Source – Clicking on this button will provide more detail of the quarantined email like the Sender id, Sender IP address, etc…


Other Options –
  • Subfolder Also – Selecting this option will show all the Ham emails received on the current day including those received on the previous days.
  • Show Attachment (s) – Selecting this option will show the attachment in the list.
  • Open email(s) with MailClient – Selecting this option, the Ham email can be opened / viewed using the default mail-client, for eg. Outlook Express, Microsoft Outlook. If this option is unchecked, then the email can be viewed using the eScan mail viewer.
  • Train as Spam - This option is accessible when right clicking on a particular email. Clicking on this option will add the email-id of the sender in the eScan Black list. When next time the email is received from the blacklisted sender id, will be quarantined.


c. View Report – This will display a summary / report of all the emails that has been received (including quarantined and allowed emails).


Glossary

Main Feature Index





eScan Copyright © 2015 MicroWorld Technologies Inc.- AntiVirus & Content Security.       Send your feedback to solutions@escanav.com eScan Wiki

    Privacy policy  About eScan Wiki  Disclaimers   This page has been accessed 54,682 times.