04/07/2008

So, in reply to some of my postings, many people replied that they want to stop the spam at the SMTP connection layer, a feature RBLs provide. You want to cut down traffic and work on the Lotus Domino email server.

We hear you loud and clear.

In a frantic week of development and testing, we have enhanced SpamSentinel to reject spam during the SMTP connection.

And the results are truly fantastic!

On our inbound SMTP gateways, SpamSentinel v 7.5 stops over 90% of email received during the SMTP connection but before the mail is accepted. This is a full 10%, better than any RBL (I tested with Spamhaus and Spamcop, which together averaged 78%). The remaining 12% is picked up and caught as spam at the Domino server or as a virus using our Norman anti-virus checking.

There are two ways to stop mail at the SMTP gateway: Silent Delete and Reject. The silent delete does not give any information to the spammers. We let them connect, and 88% of the time, we terminate the SMTP connection without saving the message. The other method is a PERMFAIL (we use the generic 554 PERMFAIL option), which rejects the SMTP connection. Given that most spammers do not really exist, and that our SMTP servers are talking many times to a BOT, I prefer the silent delete.

In our tests, this is blazingly fast, and reduces bandwidth and server activity significantly.

No False Positives in Rejected Mail
v 7.5 also has no false positives in what it rejects. This is based on actual experience for Spam-D classification which is in use across thousands of servers and based on hundreds of millions of messages processed. If SpamSentinel does make a mistake, it would show up in the Quarantine as Spam-B or Spam-C. Because this is a Lotus Notes database, users can retrieve these blocked messages.


Anyone who wants this version right away, email me Frank Paolino and I will get you the software.


Daily Spam Statistics
Here is a snapshot of the daily statistics for one of our actual SMTP inbound servers. The results on this server are better than 88%, as it is the second SMTP server, which gets mostly spam, so 92.5% of messages were silently deleted. Most people should expect 88-90%. The 4,764 messages that our Domino server has to process brings us back to the levels of spam received in early 2005!