Artificial Intelligence for Greylisting Anti-spam

Abstract

Current methods for detecting email system mostly works by examining content characteristic of incoming messages. Due to huge impact to recourses, such as bandwidth wasting, increased processing load, the greylist technology was developed to exploit the incompatibility of spammers mail servers, when they doesn’t respond on the request to repeat message resend. Both of these methods, applied to the spam problem separately, give some disadvantages. The first one, analyzing the n-grams of text symbols in emails, gives some portion of misclassification, being unable due to some reasons make correct decision. The second one needlessly delays legitimate mail forcing to wait appropriate time gap for response or even losses it, if the sending server is not properly configured. Combining both techniques into one system, we can improve spam filtration effectiveness. The first stage of classifiers eliminates the unnecessary rejection and delay, when email is legitimate. If the message appears being spam and will be correctly labeled by all classifiers, it will be immediately discarded before reaching conventional greylist stage. If the spam or legitimated message is detected partly, i.e. with some misclassification it will be treated as greylist message and temporary rejection technique applied at the greylisting stage, where it will be discarded or delivered to the inbox. Ill. 4, bibl. 8 (in English; summaries in English, Russian and Lithuanian).