Types of rules in Xeams for email filtering

Xeams uses several types of rules to assign a score to an email. These rules are defined below.

greenCheck.pngCustom filters

Custom Filters Custom filters are the most powerful and effective filters used in Xeams to detect junk messages. Often spammers use several tricks to avoid being filtered. These custom filters are specially designed to detect such tricks. We believe that these custom filters are so effective that leaving just these filters on you can eliminate 90% of all junk messages.

greenCheck.png IP/Domain Based Rules

RBL The word "RBL" stands for Real-Time Blackhole List. It refers to several services on the Internet that keep a database of IP addresses belonging to known spammers, virus sources and other exploits. Xeams queries these servers to check if the IP address exists in such a list.
SPF Check The word "SPF" stands for Sender Policy Framework. SPF records are used to prevent email forgery on the Internet. Many companies publish their SPF data through their DNS server, which includes a list of IP addresses where an email can originate. Xeams tries to match the SPF record for incoming messages and assigns a score if a mismatch is found.
DKIM Check Sender's domain name is checked for forgery using the DomainKeys Identified Mail (DKIM).
DMARC Incoming emails are checked for DMARC alignment, which is based on sender's domain rather than the IP address.
Black/White listing Administrators can either black list or white list IP addresses in Xeams. A black listed IP address is assigned a positive score, whereas a white list IP address is assigned a negative score.

greenCheck.png Content Filters

Finger print analysis Xeams uses a proprietary method of creating a finger print of every email. This finger print is then compared with future messages to determine if it is part of a bulk-mail campaign.
Image analysis Embedded images in emails are analyzed for patterns.
Body and Header Xeams utilizes a two-pass approach to analyze the body of every message. It then compares it with a known list of keywords containing a score. Rules can be specified for the following sections:
  • Subject
  • Body
  • Attachments
  • Header
Anti-Virus There are three types of virus detection in Xeams

  1. Built-in detector, which checks for obvious signs of an attachment containing a virus
  2. Integration with CLAMAV - an open source virus protection
  3. Integration with any other virus detector that works from command line. More info...
Adaptive Filters Adaptive filters are self-learning filters that gets smarter by analyzing the patterns of previously sent and received emails. These filters include:
  • Bayesian analysis
  • Manually marking messages junk or good
  • Sender history tracking
Challenge Response Challenge response is a mechanism where the system sends a challenge email to the sender to verify if it is a valid message. This type of filter is disabled by default but can be enabled if the users want to use it.