50CHAPTER 4: ANTI-SPAM CONFIGURATION

Redirect to: The message will be delivered to the mail address specified in Action Data.

Reject mail: The mail will not be accepted and the connecting mail server is forced to return it.

BCC (Blind Carbon Copy): The message will be copied to the mail address specified in Action Data.

Action data — Depending on the specified action:

Modify Subject Header: The specified text will be inserted into the subject line, such as [BULK].

Add header: A message header will be added with the specified text, such as [BULK].

Redirect to: Send the message to a mailbox such as spam@example.com.

STA

STA (Statistical Token Analysis) is a sophisticated method of identifying

 

spam based on statistical analysis of mail content. Simple text matches

 

can lead to false positives because a word or phrase can have many

 

meanings depending on the context. STA provides a way to accurately

 

measure how likely any particular message is to be spam without having

 

to specify every word and phrase.

 

STA achieves this by deriving a measure of a word or phrase contributing

 

to the likelihood of a message being spam. This is based on the relative

 

frequency of words and phrases in a large number of spam messages.

 

From this analysis, it creates a table of “discriminators” (words associated

 

with spam) and associated measures of how likely a message is spam.

 

When a new incoming message is received, STA analyzes the message,

 

extracts the discriminators (words and phrases), finds their measures from

 

the table, and aggregates these measures to produce a spam metric for

 

the message between 1 and 100.

 

STA uses three sources of data to build its run-time database:

 

The initial database tables based on analysis of known spam.

 

Tables derived from an analysis of local legitimate mail. This is referred

 

to as “training.”

Page 50
Image 50
HP Email Firewall Appliance manual To specify every word and phrase, Message between 1, To as training