• Blog
• Announcements
• Info
• Thoughts

• Company
• Board of Directors
• Management Team
• Reference Customers
• Job Opportunities
• Press Room

• Contact
• Americas
• Europe
• Asia Pacific

• Homepage
• Email Reinvented
• Find Out More

• Login

• Partners
• Technology
• Anti-Spam and E-mail Content
• Anti-Virus
• Reputation
• E-mail Certification
• Encryption and Compliance
• Collaboration
• Hardware
• User Agents
• Delivery
• OEM
• Full List
• Partner Contact

• Products
• IMP Base Platform
• IMP Central Data Repository
• IMP Centralized Management
• Maintenance / SLA
• Services
• IMP Options
• Applications
• Advanced Queue Management
• Protocol Flow Control

• Resources
• Case Studies

• Support
• FAQ
• Extranet

Print this page

Protocol Flow Control

Due to the nature of bulk E-mail and the associated volume of messages, bad senders usually show similar characteristics in their transport protocol usage, statistical sending patterns and time-based traffic patterns. The Protocol Flow Control Toolkit adds depth to the reputation metadata in the platform, exposing events in the underlying messaging and transport protocols. With this additional data, users can execute new and dynamic policies that offer better, dynamic filtering of malicious message streams.

Once identified, the toolkit creates new filter responses to bad senders, ranging from time-limited temporary or permanent failures through tar pitting to TCP-based traffic shaping of individual connections. Like the other features of the workflow policy processor, they can combine to meet customer needs.

This extended filtering is well suited to deal with targeted attacks or difficult to detect spam volume spikes. It reacts quickly and provides extremely efficient protection of the messaging infrastructure. In conjunction with external reputation data sources, it can enhance spam message filtering.

Benefits

• Higher filtering rates
• Content-agnostic
• Quick reaction time
• Removes malicious traffic spikes
• Detects and handles zombie networks
• Drops messages early and with little or no false positives
• Reliably removes well in excess of 75% of spam in combination with third-party reputation data

Features

The Protocol Flow Control toolkit extends filtering capabilities to identify and manage difficult to find bad bulk senders. Through its unique dynamic filters and extended reputation metadata, it filters and protects the message store and other infrastructure from malicious traffic spikes.

Dynamic Filters

Dynamic filters are time-limited rules that apply to particular E-mails, E-mail senders or both. They can chain and combine to handle escalating events, triggered by definable thresholds. The dynamic filters can also activate based on accumulated events from content filters, allowing feedback loops from the content phase (for example, it is possible to permanently block senders sending too many viruses who have also shown specific protocol characteristics unique to bad senders).

Protocol and Event Statistics

The Protocol Flow Control Toolkit exposes in-depth statistics for messaging and transport protocols at varying levels in the Workflow Policy Processor. These statistics generate derivative parameters that can act as triggers for dynamic filters. Through these trend parameters, new information about senders becomes available to the workflow policy processor to allow for better filtering and quality-of-service management.

System Requirements

Protocol Flow Control requires IMPs with firmware OOS version 2.5 or newer.

For larger deployments, it is recommended to use Protocol Flow Control on O-series IMPs.