SpamTitan has four tests, described below, that protect against email spoofing.
ANTISPOOF_DOMAIN and ANTI_DOMAIN_FUZZY are enabled and managed from Overview > Antispoof-Spoofing at the domain level.
ANTISPOOF_NAME and ANTI_SPOOF_NAME_FUZZY are automatically enabled for a user when that user's full name is entered in their user policy. Go To Policies > User Policies at the domain level to add or edit a user policy.
Anti-spoofing Test |
Description |
||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ANTISPOOF_DOMAIN |
This test checks if the From or Envelope From domain matches the recipient's domain. If triggered, the test adds 25 to an email's spam score. This test is enabled from Overview > Antispoof-Settings (default: OFF). See Enabling and Managing Anti-Spoofing. |
||||||||||||||||
ANTISPOOF_DOMAIN_FUZZY |
This test checks if a recipient's domain fuzzy matches the Envelope From or MIME-Encoded From domain. The fuzzy match range (difference between the two words) is 10% or less. For example, domain.com would fuzzy match with d0main.com, but not with d0m41n.c0m. If triggered, this test adds 5 to an email's spam score. This test is enabled from Overview > Antispoof-Settings (default: OFF). See Enabling and Managing Anti-Spoofing. |
||||||||||||||||
ANTISPOOF_NAME |
This test provides impersonation protection. Impersonation is when spam is sent using the From name of a high profile person in a company, for example, the CEO. A full name is at least two words (usually first name and last name), for example, John Smith. If triggered, this test adds a default score of 5 to an email's spam score. This test is automatically enabled for a user when that user's full name is entered in their user policy. Go to Policies > User Policies to add or edit a user policy. See Policies. ANTISPOOF_NAME (and ANTISPOOF_NAME_FUZZY) carry out a number of checks to compare a user's name as entered on their user policy with the email From name:
|
||||||||||||||||
ANTISPOOF_NAME_FUZZY |
This test provides additional impersonation protection by checking to see if the MIME-Encoded From name fuzzy matches the full name (if it has been added) for a user policy. The fuzzy match range (difference between the two words) is 10% or less. For example, Jonathan Doe would fuzzy match with J0nathan Doe, but not with J0n4th4n D03. If triggered, this test adds a default score of 5 to an email's spam score. This test is automatically enabled for a user when that user's full name is entered in their user policy. Go to Policies > User Policies to add or edit a user policy. See Policies. |