Message Sniffer
What is Message Sniffer?
Message Sniffer (SNF) is a high performance email scanner that uses advanced pattern recognition and machine learning technologies to accurately identify spam and other security threats at your email server or gateway (before they can get to your inbox). This powerful technology comes bundled with a suite of full-time support services that maintain the system for you to ensure top performance.
The Message Sniffer software is designed to be installed on an email server or filtering appliance. Message Sniffer is driven by a professionally managed rulebase, available via subscription, that is continuously monitored and updated by intelligent machines and highly trained analysts. This teamwork between synthetic intelligence and extraordinary people reduces your administrative workload to a minimum and allows SNF to respond quickly (within minutes) to new threats while also predicting future hazards so they can be blocked before they arrive.
The scanning engine is designed to provide carrier grade speed, availability, and accuracy on a wide range of platforms (Windows, Linux, BSD, etc.). Its highly scalable architecture can be configured to fit comfortably embedded in a small email appliance processing a few hundred messages per day; connected to a small corporate email server; or deployed on ISP grade hardware handling millions of messages per hour.
Message Sniffer accurately captures more than 99% of spam, viruses, and malware right out of the box. It also learns about your environment automatically to optimize its performance and accuracy without your intervention; and it can be easily customized to meet your requirements.
How does it work?
Message Sniffer is about raw power, reliability, and effectiveness. The Message Sniffer engine requires no "training period" and does not rely on DNS based spam blocking lists (DNSBLs) or external database lookups which can be slow to respond and can introduce heavy loads to critical network infrastructures. Message Sniffer is the only scanner available on the market that is fast enough to perform comprehensive content scanning at wire speed during the SMTP conversation without introducing noticeable delays and without calling upon external resources in real time.
Message Sniffer's adaptive, comprehensive scanning engine examines an entire message and its structure in a single pass searching for combinations of spam, virus, and malware features including message source behaviors, unusual headers, structural artifacts, obfuscation techniques, email address and URL targets, binary and image signatures, unusual code fragments, and even coding styles.
The results from each scan can be injected as customizable message headers or passed along to your system as scan result codes along with as much detail as you wish. This allows you to leverage your existing infrastructure and build effective filtering systems that meet your specific needs.
Message Sniffer is compatible with most email server software (MTAs) and provides a wide range of integration options: SNF can be called as a command line scanner, integrated into postfix and sendmail servers as a milter, queried with an open XML based protocol via TCP, or integrated directly with your own custom software as a .SO or .DLL. The scanning engine is open source so you can modify it or even build it into your own software directly. In addition, there are SNF plug-ins for MDaemon and CommuniGate Pro plus several third party filtering products available that integrate SNF directly.
While training is not required, the Message Sniffer engine does become more accurate and more efficient over time by learning new patterns from your system and sharing pattern rule and IP reputation data with other SNF nodes using advanced machine learning technologies. Each SNF instance is a small part of a much larger "brain" that constantly learns about new spam, viruses, and malware.
