SpamSentinel Version 8
STILL
 the best anti-spam and anti-virus solution for Domino!


Release Date: Nov 2013

Welcome to SpamSentinel Version 8.0.0.2 
We have updated our core engines with the latest code available, continuing to bring you the best anti-spam and anti-virus option for Lotus Notes/Domino. There are a number of new features, along with the regular round of fixes - please see below for the full list. As always, if you have any questions, feedback or requests for new functionality we would be very happy to hear from you. 

SpamSentinel 8 runs on Lotus Domino versions 6 and higher, 32-bit and 64-bit.


Version Highlights:

Version 8 is mostly about improving virus protection from email viruses, both Zero Hour and via Email Attachments.

In this version we have really worked hard to stop viruses. We have many blog postings about the bad effects of these viruses at Frank's Blog

Many of our customers want to better understand our approach to blocking viruses in SpamSentinel V8 - please see the chart at the end of this page that explains it in detail.


SpamSentinel Version 8.0.0.2 Improvements


SpamSentinel Interceptor 2.6.5.6
  • No changes have been made to the SpamSentinel Interceptor

SpamSentinel Duo Engines 4.0.0.1 
  • Updated with Authentium AV SDK 5.4.6.7
  • Updated with Cloudmark SDK version 1.9.4.20

SpamSentinel Router 2.6.2.9
  • No changes have been made to the SSRouter

SpamSentinel Scanner 8.0.0.2
  • Fixed potential problem that could cause the Scanner to shutdown when the number of scan boxes exceeds the limit.
  • Increased the number of scan boxes allowed to 20
  • Added "Monitored Recipients". This address will be blind copied on any outbound email which both contains a word from the 'BCC Trigger Words' list and also matches either a Monitored Recipient from the list in the Policy Management database or a Monitored Recipient Domain Sub-String
  • 'SendTo' Body search now saves all matches as a text list
  • Added additional fields to log documents written to the Logging database
  • Updated to .Net 3.5
  • Updated Xceed library to 4.5
  • Updated Engine to check for Cloudmark 'Virus' category
  • Updated 'SpamS_VirusNames' field to replace 'Unnamed Virus' with 'Zero Hour Virus'
  • Updated code to not allow 'Zero Hour Virus' to be sent to user, even if white listed
  • Updated code to increment statistics for Cloudmark zero hour virus


SpamSentinel Reporter 2.0.3.5
  • No changes have been made to the SpamSentinel Reporter

SpamSentinel Administration Database
  • Added UI options to support new features

SpamSentinel Manager 2.6.2.8 
  • No changes have been made to the SpamSentinel Manager.

SpamSentinel Monitor 3.0.0.1
  •  Allow separate proxy server settings for Engine 1 and Engine 2
  • Added support for a third Duo Engine
  • Added support for 'Mail_Enable_Mailbox_Compatibility' notes.ini variable
  • Added support for the new Commtouch anti-virus definition files compatible with SDK 5.4.6.7
  • Removed SpamSentinel.Zip.Dll
  • Added Xceed Zip 4.5 library
  • Compiled for .Net 3.5
  • Updated code for anti-virus download to use new Zip library unzip functions


Non-Windows/Checking Machine Installations (AS400/Linux/Solaris)
  • Engine, Scanner, Monitor and database updates have been made as above.


We would also like to remind you that our popular Manage By Example (MBE) tool* is now included in the SpamSentinel package. "SpamSentinel MBE", unlike earlier versions, does not require any changes to the mail template and runs as an add-in on the servers hosting your mail files. It replaces the daily report as the most up-to-date way to manage suspect messages. We also include the MBE installer to allow you to easily install onto mail servers that do not necessarily run SpamSentinel.

MBE 4.7.0.3
  • Eliminated file locking issues caused by Domino bug
  • Added compatibility with the new MBE Sidebar application


*Manage by Example 
(MBE) is a critical component to SpamSentinel. MBE gives your users complete control over the grey area of Spam-B and Newsletters, freeing up your administrators and help-desk staff. MBE ensure zero false positives by providing end user verification of suspect/Spam B messages. The Junk Mail folder is used for delivery of Undecided mail (Spam-B). For most customers, this completely replaces the daily report. MBE will install as disabled - due to possible unknown configuration variables - instructions and video can be viewed at:http://www.maysoft.com/mbe to complete MBE installation - calling support is always an option during or after installation.

Please be aware that the new SpamSentinel MBE tool will only be installed on servers that run Windows or Linux. Servers running AS/400 or Solaris should use MBE version 3. 

Click here to learn more about our previous release: Improvements in 7.7.2.8

4 Layer Approach to Effective Virus Blocking using SpamSentinel

Layer 1:
Spam Blocking

Blocks most viruses as "spam" that should be deleted.

39% of viruses are stopped this way.
Most viruses are generated and sent out in large waves of emails, so they exactly resemble spam.

The messages are classified at our highest level of spam, as Spam-D and immediately deleted or quarantined.
Layer 2:
Zero Hour Pattern Detection

Identifies viruses in the wild before they are
"named".

42% of viruses are stopped this way.

The Zero Hour approach does not rely on file scanning but provided malware detection based on identifiable patterns such as:
  • Sender IP addresses
  • Malicious code in attached malware
  • Combinations of characters from the subject and body of the email
  • Email distribution patterns – such as senders (how many, location) and the volume of the emails sent over a period of time.
  • Structure patterns – in the email messages and attachments.
Layer 3:
Traditional Anti-Virus Scanning

Identifies viruses based on known signatures.

15% of viruses are stopped this way.
SpamSentinel Antivirus looks specifically at the file attachments to accurately detect:
  • Malware hidden in PDF files, HTML and Java scripts, and archive files
  • Full anti-malware detection of worms, Trojans, spyware, adware and other potentially unwanted applications types

Malware detection is based on:
  • Heuristics – basic and emulator-based.
  • Algorithmic scanning methods – using an internal detection language.
  • Signature-based scanning – for exact malware file identification.
  • Emulation – for encrypted and polymorphic virus detection.
  • Full support for all types of ZIP, Bzip2, RAR, 7zip, NSIS and CAB compression techniques
Layer 4:
Restricted Attachments

Stops missed viruses by stopping and quarantining executable files.

4% of viruses are stopped this way.
Most viruses exploit the ability to launch right from the email message. That means they prefer to be executable files (EXE files). New variations are sent every day. Restricting EXE and other attachments is the last layer preventing viruses from entering your organization.