|
|
|
|
|
|
|
|
Applies To: Models 1000, 2000, 3000
STA creates valid message signatures, called 'Tokens', from outbound e-mail. Without outbound e-mail being delivered by ePrism, it won't be able to learn what the local language of an organization is. As internal mail is considered a trusted source of messages, STA analyzes and classifies the outbound delivery of these messages to create valid tokens. These tokens are taken from valid messages to minimize false positives when comparing and classifying messages coming from the Internet. If STA analyzes an outbound message and gives it a probability of 0, the message is not trained into STA. If the same message was replied to, the probability of the message receiving a score of 0 is very likely. However, if STA analyzes an outbound message and gives it a probability of 90, the message is trained into STA, such that messages that are similar and arrive from Internet won't be incorrectly flagged.
STA also gathers SPAM signatures from DCC, when it is enabled and working. Messages that are classified as BULK by DCC are provided to STA for analysis. If STA assigns a probability of 90+ to a message classified by DCC as bulk, then there is no need for STA to train the information as it already knows the message is SPAM related. If STA assigns a probability of 0-50 to the message classified by DCC as BULK, then it would train that message as SPAM into the STA SPAM database. Messages that are classified as BULK by DCC, are not classified by STA. The content of the message is only learned. If a message was not classified as BULK by DCC, then STA would take action to determine the probability of the message being SPAM or not.
