Anti-Spam Parameters

The default SpIDer Mail settings, including Anti-Spam settings, are optimal for most cases. Do not change them unnecessarily.

3.Make sure Dr.Web operates in administrator mode (the lock at the bottom of the program window is open

). Otherwise, click the lock

5.In the Anti-Spam section, enable or disable mail scan for spam using a corresponding switcher

2.In the open Anti-Spam parameters window, enable or disable the necessary options.

Option

Description

Allow Cyrillic text

Select this check box to prevent SpIDer Mail from marking Cyrillic emails as spam without prior analysis. Otherwise, such emails are most likely to be marked as spam.

Allow Asian text

Select this check box to prevent SpIDer Mail from marking emails with the most spread Asian encodings as spam without prior analysis. Otherwise, such emails are most likely to be marked as spam.

Add the prefix to subjects of spam messages

By default, SpIDer Mail adds the [SPAM] prefix to the Subject field of all spam messages. You can change this prefix.

Instructs SpIDer Mail to add a special prefix to subjects of spam messages.

Using a prefix allows you to create filter rules for spam in those mail clients (for example, Microsoft Outlook Express) where it is not possible to enable filtering by headers.

Dr.Web Anti-spam technologies consist of rules that can be divided into several groups:

•Heuristic analysis—a technology that empirically analyzes all parts of a message: header, message body, and attachments, if any.

•Detection of evasion techniques—a technology that detects evasion techniques adopted by spammers to bypass anti-spam filters.

•HTML signature analysis—a technology that compares messages containing HTML code with a list of known patterns from the anti-spam library. Such comparison, in combination with the data on sizes of images typically used by spammers, helps to protect users against spam messages with HTML code linked to online content.

•Semantic analysis—a technology that compares the words and phrases of a message (both visible to the human eye and hidden) with words and phrases typical for spam using a special dictionary.

•Anti-scamming—a technology that filters scam and pharming messages including so-called “Nigerian” scams, loan scams, lottery and casino scams, and false messages from banks and credit organizations.

•Technical spam—a technology that detects bounces that are delivery-failure messages sent by a mail server. Such messages are also sent by a mail worm. The bounces are detected as unwanted.

•X-DrWeb-SpamState: <value>, where <value> indicates whether the message is considered by SpIDer Mail as spam (Yes) or not (No).

•X-DrWeb-SpamVersion: <version>, where <version> indicates Dr.Web Anti-spam version.

•X-DrWeb-SpamReason: <spam rate>, where <spam rate> includes a list of evaluations on various spam criteria.

You can use these headers and the prefix in the Subject field, if selected, to configure email filtering for your mail client.

If you use IMAP/NNTP protocols, configure your mail client to download complete messages from mail server at once, i.e. without previewing their headers. This is required for correct operation of the spam filter.

Spam filter processes email messages composed in accordance with the MIME RFC 822 standard.

To improve performance of the spam filter, you can report to Doctor Web errors in spam detection.

1.Create a new email and attach the message that was processed incorrectly. Messages included in the email body are not analyzed.