In addition to the SPAMActive service, MAILsweeper for SMTP has many advanced features designed to reduce SPAM:

KEYWORD MANAGEMENT

a) MAILsweeper for SMTP offers Lexical Analysis of words, near words, and phrases allowing you to weigh certain phrases against a pre-defined, customizable set of dictionaries to catch spam phrases and words.  A number of pre-defined dictionaries are delivered with the product, and threshold-weighting (a score given to any word, near word, or phrase) sensitivity is adjustable should false positives be created.  Boolean capabilities (AND, NOT, etc.), Regular Expressions (word or part of a word) and Proximity Searching (word1 NEAR word2) allow specific management of word lists with minimal repetition or false positives.

b) MAILsweeper for SMTP allows you to set up a specific "spam" message quarantine folders to route to. You can also automatically delete spam messages. You can allow messages to flow, detected or undetected and create a report on incident or traffic summary. The possibilities are nearly infinite. MAILsweeper for SMTP allows you to set up different quarantine folders for different domains - so you can report on spam traffic for different organizations or different dictionary groups.

c) MAILsweeper for SMTP has the ability to "recursively disassemble" attachments up to 50 levels deep to look for spam text within files. MAILsweeper for SMTP can also search the body and header for spam phrases - you can set threshold levels differently for all three areas (within files, body, header) if necessary. MAILsweeper for SMTP can also recognize and remove HTML scripts linking email users to "spam" websites.

d) MAILsweeper for SMTP comes with approximately 175 spam words and phrases and the recommended threshold weighting. We have been improving and updating this list since MAILsweeper was developed in 1995 - the most mature product on the market. However, If a new spam phrase is discovered by our "threat lab" an email will be sent to all our customers and partners defining the new phrase (or any threat, including virus') and how to configure MAILsweeper to stop it. This is part of the Annual Support Package. If your organization discovers a "spam phrase" not in the pre defined dictionary - you can add it to your configurable list at any time.

RELAY & SPOOFING: 

MAILsweeper for SMTP uses the following features to block relay and spoof attempts:

a)    Spoof Notifier - detects emails that are likely to have originated from a source other than the apparent sender. Email message headers are analyzed for evidence of spoofing, calculates a spoof index based on the amount of evidence detected and notifies you when a specific threshold is reached.

b)    Anti Relay - There are many ways MAILsweeper for SMTP stops potential relays from occurring. Inherent to its Receiver and Delivery services are the following "anti relay" features;                                

Blacklist DNS look up: This feature forces the smtp gateway to perform IP address to domain name look ups in the DNS when an smtp host attempts to connect to the gateway.

Validate sender address in the DNS: MAILsweeper will check to see if the sender's email address is listed in  the local DNS.

Greeting message: This defines the message issued by the smtp gateway when a connection is confirmed.

Limit number of recipients: Specifies the maximum number of recipient addresses allowed in an email message.

Restrict message size: In megabytes.

Banned addresses: MAILsweeper can be configured to reject messages from specific sites of senders.

Banned Host: MAILsweeper can be used to create a list of host names or an IP address for each host from which no mail will be accepted. If a connecting host that is listed tries to send email to recipients in your local domain MAILsweeper will reject it.

Relay Host: MAILsweeper can be configured to determine which connecting hosts are allowed to relay email messages through MAILsweeper to domains other than your own. This will protect your local domain from use as a third party mail relay.

Relay Target: MAILsweeper can be configured to determine which domains are allowed to relay mail to. This option will allow other organizations, such as subsidiaries to route mail through MAILsweeper.

Limit Maximum Messages Per Connection: The maximum number of messages accepted in a single attempt to connect to the SMTP port.

Limit Maximum Concurrent Connections: The maximum number of concurrent connections to the SMTP port.

Limit Connection Timeout: The interval in seconds that a single connection to the SMTP port remains open. Set this option to protect against denial of service attacks.

Limit Command Timeout The interval between SMTP commands being sent by the SMTP port to Mailsweeper, after which the connection is closed. Set this option to protect against denial of service attacks and to clean up dead connections.

Block unspecified domains in recipient addresses: Prevents Mailsweeper from accepting e-mail messages that contain unspecified domain names in recipient addresses. Set this option to protect against unauthorized e-mail relay.