Brightmail Anti-Spam Solution

The Brightmail Anti-Spam Solution consists of three core components:

• The Probe Network
• The BLOC
• The Brightmail Server

The Probe Network

The Probe Network is a massive number of email addresses that Brightmail maintains just to attract spam. Brightmail seeds these addresses by doing things like putting them in web sites where they are usually harvested by automatically or other places "where they'll be found by spammers." Probes addresses with a high number or responses can be optimized and classified by the Brightmail Logistics and Operations Center (BLOC), allowing different confidence levels to be assigned, based on the message content they receive. Spammers, however, never know if they are sending mail to an unsuspecting recipient or to a Brightmail probe account. Messages caught by the Probe Network are sent directly to the BLOC.

The BLOC

At the BLOC, incoming messages are evaluated to determine if they are spam and if so, rules to block those spam messages are immediately written. Those rules are then sent to the Brightmail Servers at customer sites.

Brightmail Server

The Brightmail Server, which is integrated with the mail server, receives anti-spam rules in real-time directly from the BLOC. As incoming mail reaches the mail server, the latest anti-spam rules developed by the BLOC go into effect. Suspected spam messages, called gray mail, are diverted to a special storage area. Users can check these messages when or if they choose. The Brightmail Server is implemented as multi-threaded client and server architecture, making rule updating and message processing more efficient. Rule updates are sent directly to the Brightmail Server, creating a centralized rule storage area.