Presentation is loading. Please wait.

Presentation is loading. Please wait.

IMF Mihály Andó IT-IS 6 November 2006. Mihály Andó 2 / 11 6 November 2006 What is IMF? ­ Intelligent Message Filter ­ provides server-side message filtering,

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "IMF Mihály Andó IT-IS 6 November 2006. Mihály Andó 2 / 11 6 November 2006 What is IMF? ­ Intelligent Message Filter ­ provides server-side message filtering,"— Presentation transcript:

1 IMF Mihály Andó IT-IS 6 November 2006

2 Mihály Andó 2 / 11 6 November 2006 What is IMF? ­ Intelligent Message Filter ­ provides server-side message filtering, ­ Integrated with Exchange Server 2003 sp2, ­ Based on SmartScreen technology from Ms Research, - SmartScreen tracks over 500,000 e-mail characteristics based on data from hundreds of thousands of MSN Hotmail subscribers who volunteered to classify millions of e-mail messages as legitimate or as spam. ­ Per-message spam confidence level ratings, ­ Updates are available every first and third Wednesday (Automatic Updates).

3 Mihály Andó 3 / 11 6 November 2006 How it works? Action: - archive - delete - reject - no action Action: move to junk e-mail

4 Mihály Andó 4 / 11 6 November 2006 What is the SCL? ­ SCL: Spam Confidence Level ­ The server calculate one number for every mail, this is the SCL. ­ This is a number from 0 to 9. - 0 indicates lowest probability whereas 9 indicates near certainty of the email being spam - -1 = IMF is switch off.

5 Mihály Andó 5 / 11 6 November 2006 How to enable IMF for a user ? ­ Activate the Junk e-mail folder. - Safe Senders / Safe Recipients / Blocked Senders ­ ­ Precondition: IMF activated on gateways

6 Mihály Andó 6 / 11 6 November 2006 Test A – 100% SPAM SCL ThresholdMove to junk e-mail 7 13.5% 6 76.6% 5 91.1% 1 98.5% ­ ­ Test: - - More then 10000 e-mails extracted from mailboxes, all of them being spam - - Evaluation of spam detection rate using different threshold

7 Mihály Andó 7 / 11 6 November 2006 Test B – “good” mails SCL Threshold Move to Junk e-mail (false positive) 7 0.2% 6 2.1% 5 10% 1 52.2% ­ ­ Test: - - More then 10000 e-mails extracted from mailboxes, all of them being legitimate e-mails - - Evaluation of spam detection rate using different threshold

8 Mihály Andó 8 / 11 6 November 2006 Test A, B – summary SCL Spam detection rate False positive rate 7 13.5%0.2% 6 76.6%2.1% 5 91.1%10% 1 98.5%52.2%

9 Mihály Andó 9 / 11 6 November 2006 IMF / Cern spam tool ­ IMF limitations - Gateway threshold or store threshold, but no per user threshold !!! - Global white-list: only based on IP address  (but end-users can maintain their own white-list of senders or recipients) ­ CERN Spam tool features not in IMF - No filtering based on character sets - End-users can not white-list e-mails with a particular subject - No dynamic Bayesian filtering based on spams reported by end-users  Limitation or … benefit ? ­ IMF features not in CERN Spam tool - trust e-mails from your contacts (automatically, no need to upload your contacts on a regular basis)

10 Mihály Andó 10 / 11 6 November 2006 Conclusion ­ Rather efficient but lacking flexibility ­ Great improvements expected with Exchange 2007 / Forefront Security - Per user configuration, Daily updates of spam signature,… ­ In the meantime, we could - Continue evaluation by enabling IMF on gateways,  Enabling “junk e-mail” only for test users - Make Cern anti-spam solution compatible with the anti-spam framework of Exchange:  Use “SCL” instead of custom “cern spam score”  Introduce “junk e-mail”  Merge Cern with-list / Outlook with-list

11 Questions ? (25 CHF / question) 5 4 3 21 0

Download ppt "IMF Mihály Andó IT-IS 6 November 2006. Mihály Andó 2 / 11 6 November 2006 What is IMF? ­ Intelligent Message Filter ­ provides server-side message filtering,"

Similar presentations

Working with Outlook 2007 at CERN Outlook Main window Customize views Send e-mails Organize e-mails: Category, Follow-up flag, To-Do Bar Create signatures.

Working with Outlook 2007 at CERN Outlook Main window Customize views Send s Organize s: Category, Follow-up flag, To-Do Bar Create signatures.
1 Effective, secure and reliable hosted email security and continuity solution.

1 Effective, secure and reliable hosted security and continuity solution.
TrustPort Net Gateway Email traffic protection. WWW.TRUSTPORT.COM Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.
Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.

Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.
© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.

© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.
Clean Out the Junk! Outsmarting Unsolicited E-mail NUIT Tech Talk Presentation February 18, 2005 Sherry Minton Dan Frommer.

Clean Out the Junk! Outsmarting Unsolicited NUIT Tech Talk Presentation February 18, 2005 Sherry Minton Dan Frommer.
Windows XP Service Pack 2 Steve Wheeler Windows Technology Evangelist Microsoft Presentation Team.

Windows XP Service Pack 2 Steve Wheeler Windows Technology Evangelist Microsoft Presentation Team.
E-Mail Filtering Managing Unwanted Mail. Managing unwanted spam mail : Server Side Filtering Spam filtering at Monash comes in two forms. Server Side.

Filtering Managing Unwanted Mail. Managing unwanted spam mail : Server Side Filtering Spam filtering at Monash comes in two forms. Server Side.
What’s New in WatchGuard XCS 10.0 Update 2 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 2 WatchGuard Training.
Tony Brett Oxford University Computing Services OUCS Learning Technologies Group December 2005 Outlook: E-mail and more Tony Brett Oxford University Computing.

Tony Brett Oxford University Computing Services OUCS Learning Technologies Group December 2005 Outlook: and more Tony Brett Oxford University Computing.
Guide to Operating System Security Chapter 10 E-mail Security.

Guide to Operating System Security Chapter 10 Security.
Implementing Exchange Server Security Ward Solutions.

Implementing Exchange Server Security Ward Solutions.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
23 October 2002Emmanuel Ormancey1 Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002.

23 October 2002Emmanuel Ormancey1 Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002.
Managing and Avoiding Junkmail. Junk E-mail  Where does Junk Mail come from? People with whom you do business  Pepsi Friends of people with whom you.

Managing and Avoiding Junkmail. Junk  Where does Junk Mail come from? People with whom you do business  Pepsi Friends of people with whom you.
Exchange deployment at CERN and new ideas for SPAM fighting Michel Christaller, Emmanuel Ormancey, Alberto Pace.

Exchange deployment at CERN and new ideas for SPAM fighting Michel Christaller, Emmanuel Ormancey, Alberto Pace.
MSG328 Anti-Spam in Exchange2003 Max Ciccotosto Program Manager - Exchange Microsoft Corporation.

MSG328 Anti-Spam in Exchange2003 Max Ciccotosto Program Manager - Exchange Microsoft Corporation.
Approaches to Fighting Spam in an Exchange Environment Greg Taylor Senior Consultant - MCS.

Approaches to Fighting Spam in an Exchange Environment Greg Taylor Senior Consultant - MCS.
Email Filter Services. Advantages of Using Spam Filters Effective Filter Bigger Bandwidth Space Easy Interface Accurate Results.

Filter Services. Advantages of Using Spam Filters Effective Filter Bigger Bandwidth Space Easy Interface Accurate Results.
Presenter notes This Microsoft Outlook 2010 presentation is a prepackaged solution designed to help attendees maximize the e-mail application. You may.

Presenter notes This Microsoft Outlook 2010 presentation is a prepackaged solution designed to help attendees maximize the application. You may.

Similar presentations

Ads by Google