Solutions are implemented by keeping in mind the cost and time constraints for the processing of emails to be filtered. Receiving thousand of emails on the email server situate load and degrading the performance of the email server.
The Anti spam system uses combine key method for recognizing the relevant datasets required as per defined rules. The anti spam engine detects the parameters from the email message header, database stores and learns the email parameters just like a switch maintaining a MAC table in its database. The selection of Parameters will depend on the security policy of the organization.
The unique identification (UID) or fingerprint will be stored in the database of the anti spam system against each recipient email address. Before delivering the email to the recipient, the spam engine searches for the UID of the email which is received on the organization’s domain, so that the processing time can be minimized. The emails of which UID has already been stored in the database will be delivered to the recipient
The spam engine proceeds further and check the sender’s IP address and email address in the outbound recipient’s category, if the criteria have been fulfilled, then the email message will be delivered to the recipient. And if not, the email will be stored in the unknown emails category which can be released after checking whether any new host needs to be added in the safe list. Email size, images parameters can also be defined for providing more restrictions as per IT policy.
The Firewall should be deployed in such a way that the traffic, whether it is inbound or outbound should not pass to the organization critical servers without filtration via firewall. The rules defined in the firewall device or server should not conflict with other rules. It is not necessary to be aware of the traffic coming from the internet, but it is necessary to filter inbound traffic