Advanced Spam filter tools & Email Security
Zero day Attacks
Your spam proxy firewall should have solid and intelligent techniques against zero day attacks. These are attacks that have been let out into the wild in which there are no spam or virus signatures produced for it. Content filtering lets you stop messages that exhibit the characteristics of unwanted traffic even if they’re not recognized for malware. Your policy should decide what to do with this suspicious traffic, such as blocking it, quarantine the email, deleting it, reporting it, informing the sender, informing the recipient or do any of the combinations. Every message should be broken down to its smallest parts, completely analysed and then acted upon depending on what is found. So with zero day protection unknown attacks can be found based on the characteristics of an email.
Zero day window is the time a malware threat was out in the wild where there were no signatures created for it. This is a general term for zero day malware, not just spam attacks. Spam filters should be able to detect zero day attacks by analysing the behaviour.
Content filtering offers an essential defence against zero-day attacks by identifying and blocking traffic that looks and behaves like malware or a policy breach. As well as offering this zero-day protection, a good and effective content filter will also detect a wide range of abusive behaviour and undesirable content such as financial spreadsheets being mailed out from the accounts department before the quarterly results announcement. The zero-day protection offered by content filtering is one of the easier and most effective defences you can deploy.
Wikipedia's guide to Zero Day Attack