CHAPTER 13. ANTI-SPAM
The Kaspersky Internet Security component which detects spam, processes it
according to a set of rules, and saves you time when using email, is called
Anti-
Spam
.
Anti-Spam uses the following method to determine whether an email is spam:
1. The sender’s address is scanned for matches on black and white lists of
addresses.
•
If the sender’s address is on the white list, the email is marked
as
accepted
.
•
If the sender’s address is on the black list, the email is marked
as
spam
. Further processing depends on the action you select
(see 13.3.8 on pg. 180).
2. If the sender’s address is not found on the white or black list, the email
is analyzed using PDB technology (see 13.3.2 on pg. 172) for phrases
typical of spam, using the database created by training the Anti-Spam
component.
3. Anti-Spam examines the text of the email in detail and scans it for lines
from the black or white list.
•
If the text of the email contains lines from the white list of lines,
the email is marked as
accepted
.
•
If phrases from the phrase black list are encountered, the email
is marked as
spam
. Further processing depends on the action
you specify.
4. If the email does not contain phrases from the black or white list, it is
analyzed for phishing. If the text of the email contains an address
contained in the anti-phishing database, the email is marked as
spam
.
Further processing depends on the action you specify.
5. If the email does not contain phishing lines, it is scanned for spam using
special technologies:
•
Image analysis using GSG technology
•
Message text analysis using the iBayesian algorithm for spam
recognition
6. Finally the email is scanned for advanced spam filtration factors
(see 13.3.5 on pg. 178) specified by the user when Anti-Spam was
