Rules-based Engine

Each mail is evaluated based on its merit rather than where is originates from. AntispamNow! 2.0 introduces a totally new engine which is:

This engine works by applying thousands of rules against an email. Each rule will contribute to a total score, which will be used to decide whether an email is spam or not.

The rules fall under a number of categories such as heuristics, HTML patterns, semantic analysis, counter-reaction. Counter-reaction rules are very effective since they are designed to detect any techniques used by spammers in the email to defeat first generation antispam software. For example, a common technique used is to obfuscate certain spam-related words. Words such as Viagra might be spelt as V14GR4. Detection of such technique will increase the total score for the email making it likely to be categorized as spam.

Local Spam

The final release of AntispamNow! 2.0 also includes a feature to catch popular Malaysian spam. These spam are mainly advertisements of training programs, office equipments and professional services. They are normally not caught by the primary, rules-based, engine since they appear just like normal mails. However the feedback that we get from our beta-testers, they would like these mails to be filtered. Hence we maintain a small database of local spammers which is automatically updated for our AntispamNow! customers.

We look at providing similar databases to filter local spams for markets in this region including Singapore, Thailand, Korea, Japan and China.

Bounce-backs (SMTP delivery notification alerts)

In AntispamNow! 2.0, we also incorporate an option for administrators to block bounce-back emails. In the past bounce-back emails were very useful to inform the users whether the mails that they sent successfully reached the recipient. In the event of a failure, the sender would get a bounce-back notifying the failure (and possibly with the reason of the failure). However, feature has been rendered useless for some users.

Firstly, some spammers design their spam to look like such bounce-back emails to get through spam filters.

But perhaps more worryingly, many users are bombarded with bounce-back emails for emails which they did not send. Normally spammers will send out spam mails "on behalf' of a valid user (a practice known as "spoofing"). Since many of the spam sent will fail for reasons such as incorrect recipient address, bounce-back email will be sent to the "spoofed" sender address. So if the spammer happens to be using your email address, your mailbox will be flooded with bounce-back emails.

This same feature can also block read-receipts replies.

Automatic Update

Updating of AntispamNow! engine is done automatically and requires no downtime to the software. The engine is very small - around 1MB.

Auto-whitelisting

The auto-whitelisting feature pushes AntispamNow! false positive rate even closer to zero. Any addresses which are sent to by an internal users are automatically added to their whitelist. Any future mails from such addresses will be guaranteed to get through the filter. This will ensure that any email conversations that the users have with their business-partners will never be filtered.

Russian (Cyrillic) and CJK mails

This is another feature introduced by AntispamNow! 2.0. Users can decide to totally block emails composed in Russian, Chinese, Japanese or Korean languages. This feature is for users who, for example, receive Russian spam but do not use the language, hence are not expected to receive mails in the language.