aboutemailreputation
ScanMail provides Email Reputation features as a part of spam prevention. As the first line of defense, Trend Micro™ Email Reputation Services helps stop spam before it can flood your network and burden your system resources.
When your email server accepts an initial connection from another email server, your email server records the IP address of the computer requesting the connection. Your email server then queries its DNS server, which in turn queries the Reputation database(s) to determine if there is a record for the IP address of the requesting computer. If the host is listed in a database, Email Reputation recommends an appropriate action. You can also customize actions.
This service helps block spam by validating requested IP addresses against the Trend Micro reputation database, powered by the Trend Micro Threat Prevention Network. This ever-expanding database currently contains over 1 billion IP addresses with reputation ratings based on spam activity. Trend Micro spam investigators continuously review and update these ratings to ensure accuracy.
Email Reputation Standard Service is a DNS single-query-based service. Your designated email server makes a DNS query to the standard reputation database server whenever an incoming email message is received from an unknown host. If the host is listed in the standard reputation database, Email Reputation reports that email message as spam. You can set up your Message Transfer Agent (MTA) to take the appropriate action on that message based on the spam identification from Email Reputation Services.
Tip: Trend Micro recommends that you configure your Message Transfer Agent (MTA) to block, not receive, any email from an IP address that is included on the standard reputation database.
This service identifies and stops sources of spam while they are in the process of sending millions of messages. This is a dynamic, real-time anti-spam solution. To provide this service, Trend Micro continuously monitors network and traffic patterns and immediately updates the dynamic reputation database as new spam sources emerge, often within minutes of the first sign of spam. As evidence of spam activity ceases, the dynamic reputation database is updated accordingly.
Like Email Reputation Standard, Email Reputation Advanced is a DNS query-based service, but two queries can be made to two different databases: the standard reputation database and the dynamic reputation database (a database updated dynamically in real time). These two databases have distinct entries (no overlapping IP addresses), allowing Trend Micro to maintain a very efficient and effective database that can quickly respond to highly dynamic sources of spam. Email Reputation Advanced Service has blocked more than 80% of total incoming connections (all were malicious) in customer networks. Results will vary depending on how much of your incoming email stream is spam. The more spam you receive, the higher the percentage of blocked connections you will see.
See also: