Most frequently asked questions about Guardian Intel.
We receive Spam to our honey traps on dedicated systems at different global locations. This guarantees high reliability, failure over safety, and diversity. The traffic in real-time is monitored, parsed, and analyzed.
Honey Trap Processing
Honey Pot Processing
We see traffic from all over the world, and depending upon the campaign and time frame, we see this mix constantly change.
The best way to answer your question is to ask us to set up a trial stream and look and see if what we provide fits your purpose.
We redact trap addresses to reduce the probability that they will be revealed.
All outgoing traffic reports to users of our Threat Intelligence do not contain any information about our trap domains, trap addresses, or our receiving MTAs, IP addresses, or any part of our network.
We receive emails containing email addresses that do not belong to our trap network and are usually misdirected spam or spam directed to open relays. In this case, these addresses remain untouched as there is no need to redact the receiving side of the spam mail.
The redaction process is automatically applied to the entire mail header and body.
Our systems ensure that any redaction we do does not interfere with hash-based filtering mechanisms.
We rewrite the mail as described below: In the example, we use the trap address [email protected]
Step 1 - Matching
If the addresses belong to our trap network, they are marked as “to be redacted.” These addresses are converted into a search pattern consisting of the domain part.
/trap.tld/i
→ matches the above domain part. This pattern is executed on both header and body of the original mail.
Step 2 - Rewriting
If there is a match, the mechanism starts to redact the matching pattern as follows:
x
X
1
Example
[email protected] is redacted to [email protected]
Dear Spam_2011 is redacted to Dear Spam_2011
http://example.com/unsubsribe.php?Spam_2011%40trap.TLD is redacted to http://example.com/unsubsribe.php?Spam_2011%40xxx.XXX
Spam message languages are often essential to our customer’s training in spam heuristics filtering. Thus, Abusix classifies content in the message and body using a common language detection library.
Description
Our challenge with language filtering is to deliver as much spam in a language feed to make it valuable to you and achieve a balance between:
In language identification, we:
Thus, Abusix needs to identify emails by language, with more content and special symbols.
So, if what we do isn’t 100% perfect for you and you want to tighten or loosen the filter in some manner, please let us know, and we will try to make adjustments accordingly.
JSON Field / Filter
Our JSON contains a Language Field, which may also be used as a filter.
Languages
We detect and filter the following languages:
Send us a message
Having trouble with your setup or a technical issue? Get in touch with our team of Abusix experts.
Click the chat button at the bottom and send us your questions. Alternatively, you can email us at [email protected]
Also, follow our LinkedIn Channel for updates & subscribe to our YouTube Channel for the latest Abusix how-to-videos.
Most frequently asked questions about Guardian Intel.
We receive Spam to our honey traps on dedicated systems at different global locations. This guarantees high reliability, failure over safety, and diversity. The traffic in real-time is monitored, parsed, and analyzed.
Honey Trap Processing
Honey Pot Processing
We see traffic from all over the world, and depending upon the campaign and time frame, we see this mix constantly change.
The best way to answer your question is to ask us to set up a trial stream and look and see if what we provide fits your purpose.
We redact trap addresses to reduce the probability that they will be revealed.
All outgoing traffic reports to users of our Threat Intelligence do not contain any information about our trap domains, trap addresses, or our receiving MTAs, IP addresses, or any part of our network.
We receive emails containing email addresses that do not belong to our trap network and are usually misdirected spam or spam directed to open relays. In this case, these addresses remain untouched as there is no need to redact the receiving side of the spam mail.
The redaction process is automatically applied to the entire mail header and body.
Our systems ensure that any redaction we do does not interfere with hash-based filtering mechanisms.
We rewrite the mail as described below: In the example, we use the trap address [email protected]
Step 1 - Matching
If the addresses belong to our trap network, they are marked as “to be redacted.” These addresses are converted into a search pattern consisting of the domain part.
/trap.tld/i
→ matches the above domain part. This pattern is executed on both header and body of the original mail.
Step 2 - Rewriting
If there is a match, the mechanism starts to redact the matching pattern as follows:
x
X
1
Example
[email protected] is redacted to [email protected]
Dear Spam_2011 is redacted to Dear Spam_2011
http://example.com/unsubsribe.php?Spam_2011%40trap.TLD is redacted to http://example.com/unsubsribe.php?Spam_2011%40xxx.XXX
Spam message languages are often essential to our customer’s training in spam heuristics filtering. Thus, Abusix classifies content in the message and body using a common language detection library.
Description
Our challenge with language filtering is to deliver as much spam in a language feed to make it valuable to you and achieve a balance between:
In language identification, we:
Thus, Abusix needs to identify emails by language, with more content and special symbols.
So, if what we do isn’t 100% perfect for you and you want to tighten or loosen the filter in some manner, please let us know, and we will try to make adjustments accordingly.
JSON Field / Filter
Our JSON contains a Language Field, which may also be used as a filter.
Languages
We detect and filter the following languages:
Send us a message
Having trouble with your setup or a technical issue? Get in touch with our team of Abusix experts.
Click the chat button at the bottom and send us your questions. Alternatively, you can email us at [email protected]
Also, follow our LinkedIn Channel for updates & subscribe to our YouTube Channel for the latest Abusix how-to-videos.