Clearswift Anti-Spam

Inside the Clearswift Secure Email Gateway appliance, there is a multi-layer Anti-Spam solution designed to deliver 99% detection with minimal false positives.


The anti-spam feature detects messages as being spam, phishing attempts, or newsletters, and allows system administrators to configure policies to either block, sanitize, hold, tag, or deliver.

  • Reputations – This is powered by TRUSTmanager. Every external message is checked against a real time database that contains the reputation of millions of IP addresses. If the reputation of senders IP is classed as BAD then the message can be dropped instantly.
  • Greylisting – If the sender’s reputation is suspicious then we can initially reject the connection and request the sender to retry and deliver the message. This eliminates spam botnets and also reduces the amount of malware received by the system.
  • BATV – This detects non-delivery spam being received by the system caused by people spoofing your internal email address and sending out spam mail, which if it causes a non-delivery report to be generated, it will be sent to the spoofed sender.
  • Anti-Spoof – There are a number of algorithms built into the system to detect a spoofed message. This functionality is also aided by the use of SPF, DKIM and DMARC.
  • RBL – An integrated Real-time Block List that can be supplemented with multiple other RBLs, such as Spamhaus, Protected Sky, IBM, SORBS, etc. This is another system designed to look at the sender’s IP address to check if it has been involved in spamming.
  • Message Authentication Services – The Gateway features 3 methods of message authentication:
    • SPF: Checks sender IP against published list of sending IP’s in DNS
    • DKIM: Receiver checks that if a DKIM header has been added by the sender it has been created using the same keypair as published in the sender’s DNS record
    • DMARC: Uses SPF and / or DKIM results and performs additional checks to determine if message is valid
  • Validate Sender – This checks to see if the sender's domain exists or not.
  • LDAP – This integrates with Active Directory and checks to see if the recipient does exist before accepting the message.
  • Phishing – This looks for the presence of URLs/attachments that indicate that this is a phishing message and not just bulk spam or newsletter. It allows phishing emails to be separated from “normal spam”.
  • Signatures – This identifies message that are sent in bulk
  • Content – This looks for offensive content.
  • Tricks – This looks for messages formatted or sent to bypass anti-spam rules.

Discover what Fortra's Clearswift Secure Email Gateway can do

See how Fortra's Clearswift Secure Email Gateway appliance allows you to block, sanitize, hold, or deliver messages based on your organization's needs.