This is very similar to the rules that can be set up in most popular e-mail client software applications.
The first is in hindsight-once either an IP address or domain or even a specific e-mail address has been found to be generating unsolicited e-mail, that IP address, domain, or e-mail address can be added to the list and blocked for all future messages. IP blocking rules are relatively simple and can be set up in one of two ways. Spammers often use fake e-mail addresses to cover their tracks, so a reverse lookup eliminates those return addresses that are obviously fake. Reverse lookups basically take the return e-mail address from the sender of the e-mail strip off the name and the symbol and check to see if the domain name is firstly valid and secondly if there is a mail server listening on that given domain name. Now you may be thinking how does the application know if an e-mail message is genuine or unsolicited? There are several ways, including reverse lookup, IP blocking (sometimes using blacklists), and heuristic scanning. The administrator can either allow the delivery to go through, manually delete the file, or add a new rule to stop that particular domain or mail server in the future. The software either removes it totally without any question or flags it and quarantines it for the administrator to check at a later date.
Once installed and configured, these applications then filter each and every e-mail message to that server looking for identifiers and clues that can signify that a particular e-mail that is being received is unsolicited. The vendors who submitted products for this review are in the business of providing applications that integrate with existing mail server software such as Sendmail or Microsoft Exchange, or sit as an intermediary between the mail server and the client. (For more information see Symantec's hoax centre or HoaxKill). These can also have damaging effects, particularly for less experienced users, because some hoaxes encourage the user to delete files in the belief that they are infected with a virus.
Hoaxes are e-mails purporting to warn and inform e-mail recipients of a virus, worm, or security issue with your PC and urging you to immediately forward the e-mail to everyone in your e-mail address book, local community, and then greater metropolitan area. (For more information see one example here or another example here.) Other e-mail that also falls into this unwanted/undesirable e-mail category and is virtually impossible to stop is hoax mail. There are many different categories of spam from the "go all night like a stallion" from those companies who obviously fail to realise that I personally don't need any help in that department to the "This is not a get rich quick scheme but you can make US$50,000 in 10 easy steps" that immediately make me think "if it's that simple, what am I doing here?" These then escalate to the more directly fraudulent and malicious scams going around such as the notorious 419, advanced fee, or Nigerian scam that has apparently netted some shifty characters some relatively easy money. For some reason these annoying e-mails have increasingly been making more and more headlines over the past few months (while the actual level of spam has not really increased that much, or at least that's what some researchers say.) In this review we take a look at the software that attempts to take unwanted e-mail and puts it into a can-and not the type with the easy-to-open key, either. We evaluate five packages that aim to ease the burden on your mail servers.
Spam drives users crazy, makes life difficult for mail administrators, and drives up costs.