Glossary of anti spam and email security terms
Definitions of terms used in email security and anti-spam solutions
[ A ]
- Address / Email Harvesting: The process of obtaining lists of email addresses for use in bulk mail or spam.
- Alias: An alias is an email address that forwards all email it receives to another email account.
[ C ]
- Catch Rate: The catch-rate measures the efficiency of a spam solution. The calculation used is: (# of spam messages caught ÷ # of total spam messages) x 100
- Content Filtering: Spam scanning plain text for key phrases and the percentage of HTML, images and other indications that the message is spam.
[ D ]
- Denial of Service (DoS): An attempt to make a computer resource unavailable to its intended users. Considered an Internet crime.
- Dictionary Attack: A system of combining letters and numbers in an attempt to find active email addresses. Any addresses to which messages are delivered, as opposed to being bounced back, are legitimate.
- Directory Service: A network service that identifies all resources on a network and makes them accessible to users and applications. The software stores and organizes information about a computer network’s users and network shares and allows network administrators to manage users’ access to the shares. Resources include email addresses, computers and peripheral devices. There are a number of directory services that are used, including Active Directory and LDAP.
- DNSBL: DNS Block List. See RBL.
[ E ]
- ESMTP: Extended SMTP. See SMTP.
[ F ]
- False Negative: A false negative occurs when spam is not recognized by a spam solution and delivered to a mail inbox.
- False Positive: A false positive occurs when legitimate mail is incorrectly recognized by a spam solution and not delivered to a mail inbox.
- Filter Scripting: Advanced filtering logic method to block many or all spam tactics.
- Fingerprinting: Smart file type detection. A technology that scans email attachments in search of forbidden file formats (e.g. *.exe) in order to prevent them from concealed with modified file extensions.
[ H ]
- Headers: The top portion of a message that contains the sender’s name, date the message was sent, recipients’ names, title, routing details, message priority, and other information.
[ I ]
- IMAP4: Internet Message Access Protocol 4. A mail retrieval standard that supports server-side folder creation and management. Mail resides on the server until users move messages to folders they have created on their PCs.
[ L ]
- LDAP: Lightweight Directory Access Protocol. Standard protocol for the exchange of directory entries between servers.
- LDIF: LDAP Data Interchange Format. The format used by an LDAP server when returning information for LDAP requests.
[ M ]
- MIB: Management Information Base. A MIB is a file that contains descriptions about the characteristics of a modusGate™ Server (or any other managed device on a network for which a MIB has been created). The characteristics described in the MIB are the functional elements for the modusGate™ Server which can be monitored using SNMP software.
[ N ]
- NVC: Norman© Virus Control. Software sold by Norman© Data Defense that provides server-side anti-virus protection. modusGate™ uses the same virus definition files as Norman© Virus Control.
[ O ]
- ODBC: Open Database Connectivity. ODBC is an application programming interface (API) used to access thirdparty databases.
- Open Proxy: A proxy that allows computers to use it to make connections to services on their behalf, whether they would normally have permission to access the service or not.
- Open Relay: An SMTP (mail) server configured in such a way that it allows anyone on the Internet to relay (i.e. send) mail through it. Often open to attack and hijacked to send large amounts of spam.
[ P ]
- Phishing: A scam that uses spam to deceive people into disclosing their credit card numbers, bank account information, passwords and other sensitive information. Phishers often masquerade as trustworthy or well-known businesses.
- POP3: Post Office Protocol 3. A standard mail protocol for authenticating and retrieving mail over the Internet. Unlike IMAP (where mail resides on the server), POP3 moves messages from the server to the users’ computers.
[ Q ]
- Quarantine: Mail that has been blocked because of suspicious content, viruses or forbidden attachments.
[ R ]
- RBL: Real-time Black List. A DNS-based Blackhole List (DNSBL, also known as Real-time Blackhole List or RBL), is a means by which an Internet site may publish a list of IP addresses, in a format which can be easily queried by computer programs on the Internet A free service offered by some organizations such as ORBS or MAPS that provides a list of known spammers, updated in real-time. This term is used interchangeably with DNSBL.
- Reverse DNS: A process to determine the hostname associated with a given IP address. This feature ensures that users are from legitimate domains.
[ S ]
- Sieve: Simple scripting language used to filter email. One of the more powerful features of sieve is filtering spam. Sieve is defined in RFC3028.
- SMTP: Simple Mail Transport Protocol. The protocol used to deliver email to its destination.
- SNMP: Simple Network Management Protocol. SNMP is part of the TCP/IP protocol. SNMP applications run in a network management station (NMS) and issue queries to gather information about the status, configuration, and performance of external network devices.
- Spam: Unsolicited, bulk email. Also known as junk mail.
- SPF: Sender Policy Framework. SPF helps to prevent return-path address forgery and makes it easier to identify spoofs. For more information, go to www.openspf.org or RFC 4408.
- Spoof: In the context of network security, a spoofing attack is a situation in which a person or program successfully masquerades as another by falsifying data. With phishing, a legitimate Web page (such as a bank’s) is reproduced in look and feel by the phisher. The intent is to trick users into thinking that they are connected to a trusted site. The phisher then harvests personal information.
- SURBL: Spam URI Real-time Block Lists. A SURBL detects spam messages based on message body URIs instead of the spam senders. They allow you to block messages that have spam hosts mentioned in the message bodies. For more information, go to www.surbl.org.
[ U ]
- URI: A string of characters used to identify or name a resource. The main purpose is to enable interaction with representations of the resource over the Internet using specific protocols.
- URL: Universal or Uniform Resource Locator. An Internet address used by Web browsers to access a specific site or a document (resource).
[ V ]
- Virus : Any piece of code that replicates and executes itself. Viruses usually deliver a piece of malicious code that carries out a destructive operation on the host machine.