SpamSentinel Version 9
STILL
 the best anti-spam and anti-virus solution for Domino!


Release Date: Oct 2016

We continue to update our SpamSentinel and Manage By Example products to give you the best IBM Notes/Domino anti-spam package for minimal administration and ease of use - please see below for a full list. Also, be sure to check out our popular Sidebar Applications - Canned Replies, Agenda and more!

As always, please feel free to contact us at support@maysoft.com if you have any questions or require support - we would also be happy to hear of any improvements or new features that you would like to be added.

SpamSentinel 9 runs on Lotus Domino versions 6 and higher, 32-bit and 64-bit.


SpamSentinel 9: Total Email Protection

Protect your Users by Protecting your Email.


What is New in Release 9?

We have completely overhauled SpamSentinel to meet the needs of our customers.

When we built Version 1 in 2003, spam was the major issue. We were dealing with people trying to sell you something and filling your Inbox with unwanted commercial email messages.

Today, the biggest threat is from thieves, crooks and confidence men: People trying to steal from you. They want to steal money or information that they can use to sell for money. Either way, they are 100 times more dangerous than a “sales spam”.

For example, Fraud and Cryptolocker (and its variants), are very aggressive attempts at theft. This is a veritable deluge of new viruses, 10 times what we have seen in the past. Our response to these new outbreaks is to release fixpacks and upgrades more frequently, perhaps weekly, to respond to new attacks as they emerge.

This means that SpamSentinel R9 more aggressively removes messages from the mail stream.

New Anti-Spam Engine

We have replaced one of our three main engines with a more precise engine that has less false positives than its successor. This will reduce the need to whitelist. Whitelists provide an opening in protection through which spam and viruses can enter.

New Anti-Virus Engine and Approach

We have evaluated and chosen a major player as our anti-virus option. This will reduce missed viruses and pull unwanted viruses from the mail stream.

R9 no longer tries to clean zip files infected with viruses. If a file is infected, we send it to an administrative quarantine (= no end user access), or delete it. If we see one virus, we might miss another one, and the consequences of a virus infection are too great to allow this message to be delivered to the user.

Anti-Virus is no longer optional. We have built it into the core product due to ever-increasing virus threats.

More Aggressive Spam Blocking

R9 takes a more aggressive blocking approach. It will move messages to the quarantine or delete them if they are high probability spam without user review. There are too many spam messages with URL links to malicious sites to risk a user clicking the link and downloading a malicious virus.

Phishing

Phishing is an attempt to steal. Fraud attacks are attempts to steal money and information from organizations via targeted phishing attacks.

R9 companion product InboxGenius tackles fraud and phishing by using organizational knowledge inside email and corporate address books to identify forgeries.

Email Sender Identity

Identity in email is the next Best Practice. Email as an anonymous medium is susceptible to misuse and abuse. Recognizing a sender is a very strong indicator of good mail, and helps sort out incoming mail. Conversely, unknown senders also helps separate out incoming mail, too.

For example, strangers do not walk directly into the CEOs office from outside. They must go to a “waiting room”. Likewise, their email should not be allowed directly into the CEO’s Inbox without the CEO’s permission either. We have developed technology that can protect the Inbox from “Outsiders” (unknown senders) by putting them all into a "waiting room" aka "-Other Inbox". That email can be left in the "waiting room" forever. Or, the CEO can decide to allow the message into the Inbox by dragging and drop. Then, future emails from that sender will always appear in the Inbox.

This is our strongest feature protecting the Inbox, using sender Identity to protect the Inbox.



Be sure to check out our popular Sidebar Applications at http://www.maysoft.com/web3.nsf/page/Products-Sidebar-Apps - Canned Replies, Agenda and more!

Click here to learn more about our previous release: Improvements in 8.5.2.2

5 Layer Approach to Effective Virus Blocking using SpamSentinel

Layer 1:
Spam Blocking

Blocks most viruses as "spam" that should be deleted.

39% of viruses are stopped this way.
Most viruses are generated and sent out in large waves of emails, so they exactly resemble spam.

The messages are classified at our highest level of spam, as Spam-D and immediately deleted or quarantined.
Layer 2:
Zero Hour Pattern Detection

Identifies viruses in the wild before they are
"named".

42% of viruses are stopped this way.

The Zero Hour approach does not rely on file scanning but provided malware detection based on identifiable patterns such as:
  • Sender IP addresses
  • Malicious code in attached malware
  • Combinations of characters from the subject and body of the email
  • Email distribution patterns – such as senders (how many, location) and the volume of the emails sent over a period of time.
  • Structure patterns – in the email messages and attachments.
Layer 3:
Traditional Anti-Virus Scanning

Identifies viruses based on known signatures.

15% of viruses are stopped this way.
SpamSentinel Antivirus looks specifically at the file attachments to accurately detect:
  • Malware hidden in PDF files, HTML and Java scripts, and archive files
  • Full anti-malware detection of worms, Trojans, spyware, adware and other potentially unwanted applications types

Malware detection is based on:
  • Heuristics – basic and emulator-based.
  • Algorithmic scanning methods – using an internal detection language.
  • Signature-based scanning – for exact malware file identification.
  • Emulation – for encrypted and polymorphic virus detection.
  • Full support for all types of ZIP, Bzip2, RAR, 7zip, NSIS and CAB compression techniques
Layer 4:
Restricted Attachments

Stops missed viruses by stopping and quarantining executable files.

4% of viruses are stopped this way.
Most viruses exploit the ability to launch right from the email message. That means they prefer to be executable files (EXE files). New variations are sent every day. Restricting EXE and other attachments is the last layer preventing viruses from entering your organization.
Layer 5:
Scan Microsoft Office documents for macros.
Malicious macros can download and execute malware/viruses in the background without the user's knowledge. SpamSentinel now creates safe copies of these documents for viewing and password protects the original file to prevent accidental opening.