Professional Web Design, Hosting and Marketing Services in Marbella
Spam and Antivirus FAQ
This page will explain some of the most common questions from our users regarding the spam and virus defenses on our network which affect them directly.
What type of spam protection can I expect from 123 Marbella?
The 123 Marbella Mailtrust system utilises the filtering serrvices of a company called Cloudmark to perform all its spam filtering. Cloudmark are world leaders in commerical spam protection and provide protection for over 850 million users worldwide.
Cloudmark employs networked collective intelligence, a combination of Advanced Message Fingerprinting™, corroborated global feedback and automated data analysis to deliver unmatched accuracy and the fastest response to new threats.
Developed by world-renowned experts in messaging security, Cloudmark's technologies were designed with three goals in mind:
Automatically stop current attacks, including their polymorphic variations
Stay one step ahead of new attack vectors
Filter large message streams with high efficiency and scalability
Advanced Message Fingerprinting
Advanced Message Fingerprinting™ algorithms form Cloudmark's core intellectual property, allowing automatic detection of messaging threats. Cloudmark's fingerprinting algorithms target different threat attributes embedded in a message. As each message arrives, these algorithms generate "fingerprints" that represent unique aspects of the message. Once a fingerprint has been determined to be associated with a verified spam, phishing or virus attack, all current and future messages containing that fingerprint will be immediately blocked. As a result, Cloudmark is able to identify mutations and variants in near real time.
Global Threat Network™
For new outbreaks, Cloudmark provides extremely rapid response through its Global Threat Network, the largest and most sophisticated in the industry. With Cloudmark, threat monitoring is not limited to a single department within a company, but extended to a worldwide network of 850 million reporting sources in over 190 countries. The Global Threat Network consists of service provider abuse teams, systems administrators, honeypots and trusted users. Feedback from these reporters enables Cloudmark to block the latest threats within minutes of attack origination.
Cloudmark Service and Trust Evaluation System®
All feedback by the Global Threat Network is corroborated and analyzed by Cloudmark's Trust Evaluation System. This system tracks the reporter's reputation and determines fingerprint classification based on the number of reports and the reporter's reputation. Reputation or "trust" is earned over time by consistently reporting correct feedback. It preserves the integrity of reports and ensures that the system is extremely accurate. Since feedback is continuously corroborated, any inaccuracies in message classification, such as false positives or false negatives, are corrected without manual intervention. No other system offers this continuous feedback review and seamless remediation.
The Trust Evaluation System is a key component of the Cloudmark Service, which performs the backend analysis to determine whether a message is legitimate or a threat, categorizes threats by type and distributes threat intelligence to Cloudmark customers.
Cloudmark Research
The Cloudmark Research team consists of leading innovators in messaging anti-abuse. Cloudmark Research develops new fingerprinting algorithms and backend analysis processes to combat the complete range of messaging threats. To ensure optimal effectiveness of the Cloudmark solution against the latest messaging abuse, Cloudmark Research continually analyzes and predicts global messaging abuse trends.
Cloudmark Authority®
Cloudmark Authority, installed at the service provider's messaging environment, is updated every 30-45 seconds with new threat intelligence from the Cloudmark Service. Cloudmark Authority generates fingerprints for each incoming message and checks them against an in-memory cache of known bad fingerprints to determine whether the message should be blocked. Cloudmark Authority offers complete anti-spam, anti-phishing and anti-virus protection.
The different types of spammers out there
Out there on the www there are many types of spam and spammer. This list is not definitive but includes the majority of the types of spammers that we know of and have to deal with on a daily basis.
Zombie Spammer - A spammer that hijacks other's computers where the spam is sent directly from the hijacked computer to one's server.
Zombie - A computer that has been hijacked and is a member of a bot-net.
Bot-net - A group of zombies under one group's control, typically used for spamming and for DDoS attacks, but also sometimes used to relay through legitimate servers using either AUTH hacking or trusted IP space.
Open Relay - A mail server that allows un-authenticated E-mail to be sent through it.
AUTH Relay - A mail server that has accounts where either AUTH has been hacked to send spam, or allows trusted IP space to relay spam.
Relay Spammer - A spammer that uses either Open Relays or AUTH Relays to send spam.
Static Spammer - A group dedicated to spamming that uses their own servers (contracted or owned).
AFF Spam (Advance Fee Fraud) - Consists of scams where the object is to get the recipient to hand over cash in expectation of a return. This typically consists of Nigerian spam, Lottery spam, "buy from your store" spam, and "representatives wanted" spam.
Phishing Spam - Scams designed to trick the recipients into handing over valuable information. These messages are typically sent through sites using content management tools (Wiki's, message boards, blogging software, and PHPNuke-type content management tools). The content is also often hosted on the same.
Bulk Mailers - Companies that are not committed exclusively to spamming, but most of which will leak spam from time to time. Some are better than others at preventing spam, and some have service designs that lend themselves to abuse.
Niche Spam - Small-time spammers that generally target a very specific demographic such as a region or a type of business. They often use either their own official E-mail server or that of their ISP, and they can be hard to catch without manual blacklisting.
Backscatter - Messages that result from automated responses to forged addresses, typically resulting from gateways that don't validate recipient addresses, but also caused by auto-responders, vacation messages, open relays, AUTH relays and AV blocking mechanisms.
Form Spam - Spammers that target contact forms to send their spam to the hard coded recipients, or in some cases attempt to recode the recipients if that value is specified within the form.
Spim - Instant messaging spam. Typically sent by zombies.
Blog Spam - Also affects things like guestbooks, comment mechanisms and message boards. Used either for spamdexing or to directly advertise one's products. Primarily done by zombies.
Spamdexing - The act of spreading links to a site by posting them in blogs, guestbooks and message boards with the goal of improving search ranking of the sites listed.
What are "Email Headers" and how do I check mine?
Firstly, a more advanced explanation of email headers is here , but read on for a more simple version.
Every single Internet e-mail message is made up of two parts, the "header" and the "message body".
The message body is the part that you see when you open and read an email.
The headers are the hidden code and details that contain all the information about where the email originated and is very important in troubleshooting if there is a problem.
This is an example of what headers look like in Outlook. (Note the "Internet Headers")
To get this screen in your email programme, please select one of the following..
Outlook Express 6
1 Right click on a message.
2. Select 'Properties'.
3. If you have already double clicked on a message, drop down the 'File' menu and select 'Properties'.
4. Click on the 'Details' tab.
5. You can click 'Message Source....' and supersize the resulting window be able to read the header better.
Outlook 2002 /2003
1. Right click on a message.
2. Select 'Options...'
3. If you have already double clicked on a message, drop down the 'View' menu and select 'Options...'
4. The full header will be in the 'Internet headers:' field.
5. Click 'Close' to go back to reading your email.
You will then be able to copy and paste the header information.
How do I whitelist senders so they bypass my spam filtering?
If someone has been sending you emails for a long period and suddenly they dont come through anymore, its quite possible that they have been blacklisted by our spam firewall.
The only way to solve this is to "whitelist" them using the "safelist" feature in your online email management account (your webmail).
Follow these simple steps to whitelist an email address.
1) Login to your Web Mail
2) Once logged in, click on the "settings" link located in the top right hand corner of the screen
3) In the pop up window, select the "Spam Settings" icon
4) Select the "Safelist" tab
5) Click the "add" button
6) in the pop up window, type in the email address you wish to whitelist" then click the add button
7) That email address will then come through to your account without being checked for spam
My Emails are being bounced by Hotmail. How can this be solved?
There are two things that are possibly happening to you.
1) Email from your email account are bounced by hotmail or never arrive.
2) Email sent to hotmail by a form on your web site are being bounced or never arrive.
Hotmail uses Sender ID to identify legitimate emails destined for their email servers. If your domain or mail server does not have sender id set up, then the likeliness that your emails will be bounced increases significantly.
What is the solution?
We (123marbella) will have to create SPF and Sender ID on your domain name. This is usually done through the dns settings for your domain. There may be a small administrative charge to create and implement the spf and senderid policies to your domain and dns setting.
Submissions to Windows Live Mail/MSN Hotmail You are encouraged to e-mail Microsoft after you post your SPF record to the DNS. This will help ensure that your record is automatically included in the SIDF cache and reduce DNS latency. Send an e-mail message with your domain name in the body of the message (for example, mydomain.com) to senderid@microsoft.com.
