Other issues in this category (16)
Who issues the spam verdict
Dr.Web users are well aware that Dr.Web Security Space incorporates an anti-spam. The most curious ones also know that the anti-spam is part of the mail monitor SpIDer Mail (so it is namely the mail monitor that contains the anti-spam settings).
In 2002 Doctor Web was the first to implement a mail monitor for Windows that worked independently of the mail client applications installed in a system. Later this became an anti-virus industry standard.
But few people probably realise that the anti-spam doesn't decide if a message is spam.
This is somewhat unexpected, right?
The anti-spam adds spam weight values to message headers. The module that brought the anti-spam into action decides whether or not a message is spam.
Why does it work this way?
To determine if a message is spam, Dr.Web uses several routines. The results are added together using a special formula.
But there is a small problem. To bypass spam filters, spammers are constantly modifying their messages. A message is scanned for viruses and spam while a mail client is retrieving it. However, information that will enable the anti-virus to determine that another bulk of emails has been dispatched by spammers will only arrive with the next anti-virus update.
Alas, the Dr.Web Anti-virus that protects PCs can't rescan previously received emails (unlike Dr.Web products for mail servers).
An anti-virus scanner can examine databases containing email messages (repositories), but it can neither cure infections nor change an email’s status (spam/not spam) because many email databases do not feature an open format.
Advanced users can use header information about a message’s weight to fine-tune email filtering in their mail clients
Let's see how this can be done in Outlook 2007.
- In Microsoft Outlook go to Tools and open the tab Rules and Alerts.
- Select the E-mail rules pane, and click New Rule.
- Select Start from a blank rule and enable the Check messages when they arrive option. After that, press Next.
- In the conditions list, choose “with specific words in the message header”.
- In the condition window, choose “specific words”. In the newly opened window, enter “X-DrWeb-SpamState: YES” without the quotation marks. Press Add, OK, and then press Next.
- Check the Move it to specified folder checkbox, and select the folder you want to place spam into by clicking on the specified folder option. If you would prefer to store spam in a new directory, press Create to create the directory. Press Next and then click Finish.
To finish configuring the rules, close the rules window.
Note that rules can be far more complex.