Context filtering

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Context filtering is an anti-spam / mail policy method that does not deal with the contents of the mail but rather uses the context of the SMTP connection to decide whether a mail will be accepted or not.

This method usually prevents reception of an e-mail in the first place; thus, common anti-spam features like quarantine, redirect or delete can not be applied. This method also distorts statistics of anti-spam programs because it is usually unknown how many mails (Spam or otherwise) would have been received through a certain connection.

Filtering by context includes methods like DNSBL lookups, domain or IP blacklists, etc. This method has an extremely low rate of false positives and false negatives.

On the plus side, this method is usually saving bandwidth and server utilization.

The most common context filter is DNSBL filtering. The efficiency of this method depends on the blacklist used.

For high volume mail sites, it is recommended to set up local copies of the DNSBLs of your choice and fill them through DNS zone transfers. This reduces the permanent traffic through external DNS lookups. Some DNSBLs also allow only a certain amount of queries by day for every IP address to keep their expenses on bandwidth low.