• Rss
  • LinkedIn
  • Youtube
  • Twitter
  • Instagram
  • English English English en
  • Deutsch Deutsch German de
Sales: +49 5251 304-800 | Support: +49 5251 304-636
NoSpamProxy
  • HOME
  • PRODUCT
    • NoSpamProxy Cloud
    • NoSpamProxy Protection
    • NoSpamProxy Encryption
    • NoSpamProxy Large Files
    • NoSpamProxy Disclaimer
  • SUPPORT
    • Knowledge Base
    • Forum
    • Training courses
    • Support Request
    • Software-Download
    • Resources
  • PARTNERS
    • Finding Resellers
    • Becoming Reseller
    • Partner Portal
  • COMPANY
    • Team
    • Testimonials
    • Career
    • Contact
  • EVENTS
    • Events
    • Webcast Training
  • BLOG
  • FREE TRIAL VERSION
    • Price request
    • Free trial version
  • English
    • Deutsch
  • Search
  • Menu Menu

How NoSpamProxy classifies emails as spam: The Spam Confidence Level (SCL) explained

Stefan Feist | Technischer Redakteur
Author: Stefan FeistTechnical Writerhttps://www.linkedin.com/in/stefan-feist-23b257b0/–Connect on LinkedIn

NoSpamProxy examines every single email and evaluates it with the help of various intelligent technologies: The comprehensive evaluation of the sender reputation, Level of Trust, the applied filters or the new, AI-based 32Guards are just a few examples that show that NoSpamProxy is the most secure protection against spam and malware.

24.06.2022|last modified:26.10.2022

The decisive factor in the evaluation of emails is the Spam Confidence Level (SCL). In the end, the SCL is the value that decides whether an email is declared as spam or not. But how does the SCL work in NoSpamProxy?

The Spam Confidence Level matters

The Spam Confidence Level (SCL) is the most important value in the evaluation of emails: If the SCL of an email is above a certain threshold value, this email is rejected. This value is 4 by default, but can be adjusted individually. An SCL of 0 means that an email has been classified as neutral. Values smaller than -10 or larger than +10 are limited to -10 or +10 respectively.

Filters and their influence on the Spam Confidence Level

The basis for calculating the SCL are the results of the filters that were applied to the respective email. Filters do the actual work of checking the email, as they assign SCL points based on the filter results. How many SCL points are awarded for each filter result can be customised for individual filters: For example, NoSpamProxy can be configured so that the reputation filter awards 4 SCL for an unsecured connection, but 5 SCL points for a failed SPF check.

The results of all active filters can be weighted using a multiplier: In this way, the filter’s score is offset against the multiplier and the influence of the individual filters within a rule is affected. This has a decisive influence on the final SCL value.

Example calculation of the Spam Confidence Level

This example is based on the following filter configuration:

  • Emails are to be checked and rejected as soon as the SCL is greater than or equal to 4.
  • Three filters are activated: Realtime Blocklists, Spam URI Realtime Blocklists and the word filter.
  • The word filter is configured to search for the words sex, Viagra, Cialis etc. and assigns two penalty points per hit.
  • The two blocklist filters are to award two points per hit.
  • Level of Trust is switched off.

An email is processed that contains eight prohibited words and a prohibited link. The link is contained on a blocklist. Furthermore, the submitting IP address is on two blocklists.

FilterSpam Confidence LevelMultiplierSCL
Realtime Blocklists428
Spam URI Realtime Blocklists224
Word filter10 (limited because the value was >10)110
Total22

The email therefore receives an SCL of 22 and is thus rejected.

The modular structure of the rules in NoSpamProxy makes it possible to adapt filter configurations exactly to the needs. For a complete list of available filters, see Filters in NoSpamProxy.

Fighting False Positives with Level of Trust

It is possible that filter results lead to very high SCL values. This is the case, for example, if the word filter is active for a rule and the email contains several unwanted expressions. The SCL value can then quickly rise to over 4, especially if no other filter is active.

This is where Level of Trust comes into play, which can be activated individually for each rule. The Level of Trust system is a multi-layered concept that assesses the trustworthiness of a communication relationship or domain. In short, Level of Trust awards trust bonuses for the quality of the connection history. In doing so, NoSpamProxy incorporates various criteria. The two most important are listed below:

  • Domain relationship: Regular outbound emails to a specific email domain are rewarded.
  • Address relationship between sender and recipient: Outbound emails to certain external addresses are rewarded with a high trust bonus.

The idea behind this is simple: If there is mutual communication between two communication partners, the probability that one of the partners is a spammer is low.

Example calculation Spam Confidence Level with Level of Trust

FilterSpam Confidence LevelMultiplierSCL
Realtime Blocklists428
Spam URI Realtime Blocklists224
Word filter10 (limited because the value was >10)110
Level of Trust-105 (=2+2+1)-50
Total-28

The email would have been delivered in this example because the SCL is less than 4 after including the Level of Trust.

Filters and Actions

In addition to filters, which influence the spam confidence level depending on the result, there are also actions in NoSpamProxy. Actions are fundamentally different from filters because they can also change emails: For example, they can add a footer or remove unwanted attachments.

Actions, however, can also reject emails that would actually pass after being evaluated by the filters. This means, for example, that a malware scanner can still reject the email even though it has not been detected as spam, because, for example, there is a sufficiently high level of trust value.

The actions available in NoSpamProxy are therefore higher-level settings with which filters can be overruled if necessary and over which the level-of-trust system has no influence.

32Guards can do both

The AI-based 32Guards occupies a special position. On the one hand, 32Guards is a filter that influences the calculation of the spam confidence level, and on the other hand, it is an action that can directly reject threats temporarily or permanently.

The evaluation of emails by 32Guards is based on the evaluation of email metadata. At the end, this evaluation results in a final assessment of the email. Examples of spam indicators are suspicious file names or the frequent occurrence of new or unknown URLs in a very short time.

Based on the analysed metadata, 32Guards creates a threat assessment, which in turn is used as a basis for further actions in NoSpamProxy.

Not yet using NoSpamProxy?

With NoSpamProxy you can reliably protect your company from cyber attacks. Request your free trial version now!

Get your free NoSpamProxy trial now!
  • share 
  • share 
  • tweet 
  • email 

SEARCH

PRODUCT

  • All Topics
  • NoSpamProxy Cloud
  • NoSpamProxy Protection
  • NoSpamProxy Encryption
  • NospamProxy Large Files

Knowledge Base

Knowledge Base

Note: The information in this knowledge base is only relevant for NoSpamProxy up to version 13.2. All information for NoSpamProxy 14 and higher can be found in the online documentation.

CATEGORY

  • All Topics
  • News
  • Product
  • Tech & Support
  • Events
Subscribeto RSS Feed

NoSpamProxy

  • NoSpamProxy Cloud
  • NoSpamProxy Encryption
  • NoSpamProxy Large Files
  • NoSpamProxy Disclaimer
  • Price request
  • Team
  • Career
  • General terms and conditions
  • Data Protection Information for Business Partners and Applicants
  • Cybersecurity (PSIRT)

Partners

  • Becoming a reseller
  • Partners
  • Order Certificates
  • Newsletter

Categories

  • All topics
  • News
  • Support
  • Updates
  • Order certificates

Latest News

  • Info IconCritical Outlook vulnerability: No threat to NoSpamProxy customers24.03.2023 - 15:09
  • Default filter settings in NoSpamProxy 1422.03.2023 - 10:00
  • NoSpamProxy UpdateGlobal Rollout NoSpamProxy Version 14.0.515.03.2023 - 15:20
IMPRINT • EULA • Privacy Policy • © 2023 Net at Work GmbH
  • Rss
  • LinkedIn
  • Youtube
  • Twitter
  • Instagram
New zero-day vulnerability: How to protect yourself from FollinaInfo IconNoSpamProxy 14 unterstützt als erstes Mail-Gateway SMIME 4 PreviewNoSpamProxy 14 is the first mail gateway to support S/MIME 4
Scroll to top