DNS(English Domain Name System - domain name system) is a system that allows you to convert symbolic domain names into IP addresses (and vice versa).
Domain- a certain zone in the Internet domain name system (DNS), allocated to a country, organization or for other purposes.
How DNS works
The domain name system has a hierarchical structure using an arbitrary number of components (domain), separated from each other by a dot ( .
). On the Internet, the root domain or domain top level managed by the InterNIC center. A system of two-letter top-level domains has been created for each country (about 300):
-USA, -Canada, -Germany, -Russia, -former USSR, -France, -Finland, -Italy, -Switzerland, -Great Britain.
And also for various types organizations:
-commercial organizations;
EDU-educational establishments;
GOV- government agencies;
MIL-military institutions;
- other organizations;
-network resources.
In Russia, the “RU Domain Coordination Center” is responsible for the .RU domain.
To determine the IP address by domain name a DNS service is used, consisting of many DNS servers containing a distributed database of domain name-IP address mappings. Every network must have at least one DNS server that maintains a local domain name database and performs IP address lookup on the domain name.
This search is carried out as follows:
- a query is made to the local DNS server;
- if the DNS server knows the answer, it returns it to the client (the corresponding entry is in its table or cache);
- if the DNS server does not know the answer, it follows the link to the next DNS server until the corresponding record is found (recursive scheme).
A host name and an IP address are not identical - a host with one IP address can have many names, allowing you to support many websites on one computer (this is called virtual hosting). The reverse is also true - one name can be associated with many IP addresses.
Reverse DNS lookup
DNS is used primarily to resolve symbolic names to IP addresses, but it can also perform the reverse process. For this purpose, existing DNS tools are used. The fact is that various data can be associated with a DNS record, including a symbolic name. There is a special domain in-addr.arpa, entries in which are used to convert IP addresses into symbolic names. For example, to obtain the DNS name for the address 11.22.33.44, you can query the DNS server for the record 44.33.22.11.in-addr.arpa, and it will return the corresponding symbolic name. The reverse order of writing parts of an IP address is explained by the fact that in IP addresses the most significant bits are located at the beginning, and in symbolic DNS names the most significant (closer to the root) parts are located at the end.
DNS records
Let's take a closer look DNS records, what are they needed for:
SOA Record(start of authority record) indicates on which server the reference information about this domain is stored:
Start Of Authority
example.org. 86400 IN SOA ns1.agava.net.ru. noc.agava.com. (
2006092102 ; Serial
10800 ; Refresh
1800; Retry
3600000; Expire
86400); Minimum TTL
This record is created when a zone is created for a domain. If this entry does not exist, the registrar receives error messages like:
It is not possible to obtain an SOA record for the EXAMPLE.ORG domain from the ns2.agava.net.ru.(89.108.64.2) DNS server.
The name field can contain the @ symbol to indicate the name of the current zone. In this example, you could have used @ instead of example.org.
There is no time field. The class is IN (Internet), the type is SOA, and the remaining elements make up the data field.
Server ns1.agava.net.ru is the main name server for this zone.
The entry noc.agava.com indicates the address Email for technical contacts in the format user.machine (not user@machine).
Serial- Serial number. Serial number of the zone file. It should increase every time changes are made to the domain data. When the secondary server wants to check whether data needs to be updated, it checks the SOA record serial number on the primary server.
Refresh- Update. Time in seconds that determines the frequency of checks by the secondary server serial number on primary and starting new exchange, if there is new data on the primary one.
Retry- Repeat. When the secondary server is unable to connect to the primary server after the update time has expired (for example, if the host is down), this value determines the delay time in seconds between update retries.
Expire- Term. If repeated upgrade attempts are unsuccessful within this time, the secondary server destroys its copy of the zone file(s) data and stops responding to requests for that domain. This helps stop the repetition and circulation of very old and potentially inaccurate data.
TTL- Lifetime. This field specifies the time, in seconds, that a resource entry for this zone remains valid in the cache of other servers. If the data changes, this value should be small. TTL is a commonly used acronym that stands for Time To Live.
NS entry(name server) points to the DNS server for this domain.
NameServers
example.org IN NS ns2.agava.net.ru
example.org IN NS ns1.agava.net.ru
Also, for domains below the second level, we can add DNS to partner servers, for example:
love.example.org IN NS ns2.loveplanet.ru
love.example.org IN NS ns1.loveplanet.ru
This will work provided that a zone for these domains is created on the loveplanet.ru servers.
MX Record(mail exchange) or mail exchanger specifies the mail exchange server for a given domain.
Mail eXchangers
example.org IN MX 10 cluster.relay.agava.net
example.org IN MX 20 mail.example.org
The number in front of "cluster.relay.agava.net" is the priority value, a lower number means higher priority. MX records are used by the email system to route mail more efficiently. Using MX records, mail messages are sent not directly to the recipient, but to the mail server on the recipient's node.
In the above example, mail will arrive to the cluster.relay.agava.net server first (priority 10
Record A(address record) - an address record associates a host with an IP address.
Internet Addresses
example.org IN A 192.0.2.77
This entry can be viewed using the host command (for *NIX systems):
$ host example.org
example.org has address 192.0.2.77
The main purpose of an address record is to establish a correspondence between a machine's domain name and an IP address. In fact, this is the main task of the entire domain name system. For this reason, the resource description address record is one of the key zone description records.
Here we will touch on the question of how to change the MX record for your domain. To do this, you need to write us a request from the contact e-mail "a (for individuals) or send a scan of the application letter in free form on the organization’s letterhead with the seal and signature of the manager or responsible person (for legal entities) with a request to change/add an MX record, indicate the IP or name of a new mail server.
CNAME record(canonical name record) or canonical name record is used to redirect to another name.
CNAME denotes the canonical name or synonym of an existing hostname, which must have an A record. Example:
love.example.org IN CNAME loveplanet.ru
SPF records (Sender Policy Framework), which prevent spammers from sending letters on behalf of domains that do not belong to them.
SPF allows the domain owner to specify a specially formed string in the TXT record of the DNS server, indicating a list of servers capable of sending email messages on behalf of this domain.
Mail Transfer Agents receiving mail messages can query SPF information using a simple DNS query, thereby verifying the sender's server.
Example of SPF data in a DNS TXT record:
example.org. IN TXT "v=spf1 a mx -all"
v= specifies the version of SPF to use. The following is a list of verification mechanisms: in this case, “a” and “mx” allow the sending of letters for all A and MX records of the example.org domain. The line ends with "-all" - indicating that messages that fail verification using the listed mechanisms should be ignored.
PTR Record(Pointer) - record-pointer of the “reverse zone”.
The task of finding a domain name by IP address is the reverse of the direct task - finding an IP address by domain name. As mentioned above, the direct problem is solved in DNS using records of type A (Address). The inverse problem is solved using pointer records of the PTR (Pointer) type, which, together with SOA and NS records, constitute a description of the so-called “reverse” zone.
The “reverse” problem is solved by a special domain, the structure of which coincides with the structure of IP addresses. This domain is called IN-ADDR.ARPA. We will not go into the intricacies of his work here; you can read about it in detail at:
Let us only note that We do not register PTR records, due to the impossibility of this operation on virtual hosting.
SRV records(Server selection) indicates the location of servers for certain services, for example, Jabber, Active Directory.
Agava is one of the oldest hosting companies, providing hosting services since 2001. Agava, in terms of the number of clients, is one of the ten most popular hosting services on the Runet; see statistics on acquisitions and losses of .RU domains. The company has its own modern data center in Moscow - “Agava-North”; for tariff plans of the Euro line, servers located in the data center in Prague are used. The company has a license to provide telematic communication services.
Agava boasts a plethora of pricing plans. Since hosting is provided both on the platform and, accordingly, Unix and Windows hosting plans are available for ordering. If we talk about tariffs, they differ not only in the number of available databases or parked domains, but also various restrictions on memory and CPU time usage. This allows you to select best rate depending on traffic and demands on server resources from the site. There are tariffs of the same plan for.
The process of ordering hosting is somewhat complicated due to the amount of information that must be entered into the order form. In my opinion, all this can be greatly simplified.
Free trial period.
Test period 7 days, available only for tariffs on the platform Windows test period is not provided.
There are a number of restrictions during the test period:
- Mail is not available;
- SSH is not available;
- It is not possible to add additional domains;
- Only one subdomain is allowed;
- Only one MySQL database is allowed.
However, in addition to this, in order to start using a test account, you must also confirm, via SMS, the number entered during registration mobile phone or provide a scan of your passport. Confirmation via SMS is available only for Russians mobile operators. It’s not clear why all these delays are needed?
Control Panel.
On virtual Unix hosting, standard CPanel is used to manage the site and hosting. On Windows hosting, Plesk is used for management. Both panels have a Russian interface and allow you to quite effectively manage all available hosting options. Below you can see English versions of these panels.
Technical capabilities of Agava virtual hosting.
It is not possible to track from the hosting control panel what load the site creates on the server. Server load limits vary and depend on tariff plan hosting, .
Inexpensive hosting will be a good start for beginners and is suitable for creating static HTML sites. If your project grows into a commercial resource, you can always choose a more powerful hosting plan with support for PHP and MySQL, for large, high-load sites and professional platforms. Electronic document management (EDF) is available for legal entities (including LLCs), which allows you to quickly exchange documents and carry out transactions with hosting and domain services.
Specifications hosting include high-performance SSD RAID, Linux CentOS or Windows for ASP.NET with support for Python, Java, PHP, Perl and the Django framework (on tariffs starting from Host-A). The ftp server is accessed via FTP and SSH protocols.
The security of your website is important to us, so in addition to the hosting service you will receive for free:
- protection against DDoS attacks;
- unlimited traffic;
- double anti-virus scan;
- SSL certificate.
For better site security, you can additionally order treatment of infected files and advanced spam protection.
When you transfer hosting to REG.RU to any tariff, you will receive a month of service as a gift!
Fighting spam at the user level is the last line of defense. Quite a lot of tools are being developed for this milestone. Just recently, Agava released a spam filter for private users, Agava Spamprotexx. This program is not a trial version created by a group of enthusiasts. This software product was developed by professionals working directly at Agava. Agava company is developing software for more than 6 years and has a staff of over 100 experienced employees. The company's projects on the Russian Internet are among the top five in terms of traffic.
Agava Spamprotexx works based on statistical methods
Some programs of a similar class, for example SpamFilter from DeSofto, delete messages on the server of those letters that the program classifies as spam with a certain level of probability. Agava Spamprotexx does not do this: the mail is downloaded completely. Letters classified as spam are stored in a specific folder, from where the user deletes them himself. This measure helps ensure that loss is avoided necessary information as a result of false-positive results (normal email, classified as spam) of the program. The program does not care what protocol the user uses to receive mail: POP or IMAP, and the program does not even need to specify the specific type of mail protocol.
 |
Agava Spamprotexx works with all email clients and does not require their configuration, while most common filters work as proxy servers: they take mail to themselves and then give it to the client. That is, the client turns to the proxy for mail, which requires changing the settings. Changing the settings itself is not particularly difficult in similar programs, but for an unskilled user it can present certain difficulties. Agava Spamprotexx saves you from this hassle.
If necessary, you can disable the spam filter in one click and work with mail without it. The need for such a shutdown arose once during the testing period of the program: when there was an error sending mail. When contacting the developers, it turned out that the error had already been fixed and an update was needed. Agava Spamprotexx has a function automatic update, but there is no manual, on-demand option. In such cases you have to download updated version manually, using some download manager, and then install new version on top
Program settings
The basic principle of settings is a minimum of hassle for the user
The program settings are very simple and are divided into groups of parameters.
Are common— basic program settings. In this window, you must enter mailing addresses for letters intended for training the program, a label for indexing spam messages, and define a folder for placing filtered letters (if the user is not satisfied with the folder, created by the program default). In the same window you can enable/disable Agava Spamprotexx integration into email clients Microsoft: Outlook Express and Microsoft Outlook.
In these mail clients To train Agava Spamprotexx to receive incoming spam, simply transfer the letter using drag&drop to the appropriate baskets built into the command panel of the mail client. In email clients from other developers, you have to perform a few simple steps to learn. It's less convenient than Outlook, but still not difficult.
Friends— “white” list of verified correspondents. Letters from correspondents from the “white” list are not checked by the program at all. The "white" list consists of email addresses and their corresponding text names. It often happens that spam comes from known addresses - this is called e-mail forgery. At the same time, spammers rarely forge the corresponding text name along with the address. Therefore, the whitelist in Agava Spamprotexx is more reliable than in other programs.
The white list is maintained automatically. If you send an email to someone, their address and text name are added to the white list. If you provide a non-spam message for training, its address and text name will also be added to the white list. If you provide the filter with a spam message for training, its address will be removed from the white list. In order for an address from the “white” list to be protected from deletion, you must manually check the deletion confirmation box next to the specific address. The white list can also be maintained manually.
Ports— the ability to configure certain ports to work under certain protocols, if they differ from those used by default.
 |
Algorithm— the ability to control the coefficient, which serves as a threshold for classifying a message as spam. The default filtering value is 60% - the company's recommended threshold. But the user can either lower the value of this threshold or raise it. If you need to get as few false positives as possible, set the spam cutoff in this Spamprotexx tab to 80 or even 90%. In this case, the user will have to forward larger number samples of spam messages for training, but this will reduce the number of non-spam messages that are incorrectly marked as spam.
Statistics— analysis of the program’s operation. None of the existing spam filters can guarantee 100% protection against spam. First of all, because spam technologies are constantly changing and improving. But the user must monitor the effectiveness of the program, otherwise how can he evaluate the effectiveness of the program and, ultimately, the effectiveness of the funds he has invested.
 |
Program operation
Agava Spamprotexx does not slow down receiving and sending mail at all. By integrating into the mail reception process at a low level, the spam filter checks received and sent mail. Using the learning function, the user configures filters to suit his individual correspondence characteristics. All emails marked as "Spam" end up in a designated folder, which the user can view as needed. The developers claim that Agava Spamprotexx saves up to 20 minutes of user time for every hundred spam messages. This doesn't include nerves.
To learn the program you need to forward a message to a specific address
Training, as already written, is carried out by forwarding messages that have passed through the filter to specific addresses(the algorithm for this operation is described in detail in the User Guide) or by transferring these messages to the appropriate trash bins. During the learning process, the transfer or forwarding operation has to be performed less and less often.
In general, we can say with confidence that Agava Spamprotexx classifies letters quite confidently. It can significantly make life and work easier for those users whose e-mail addresses are freely available on websites, forums, and so on.
Exclusive rights to publish and distribute the program in Russia, the CIS and Baltic countries belong to Novy Disk CJSC. You can get acquainted with the spam filter by downloading the distribution kit from the Agava website. You can purchase Agava Spamprotexx in DVD-box on Softkey or through the company’s online store New disc".
System requirements:
- operating system Microsoft Windows 98SE/ME/NT/2000/XP;
- Pentium processor 100 MHz;
- 32 MB random access memory;
- Internet Explorer 4.0;
- Screen resolution 800x600 with 16-bit color depth.
Purpose of the product
We all receive a large amount of unwanted advertising correspondence every day when using email. When communicating online, we leave our email address on certain resources, which is found by robots that check servers for the presence of email addresses. The lists of addresses collected by robots are then used by spammers to send junk in the form of advertising that the user did not subscribe to and which he does not need at all. Despite the fact that the fight against spammers is becoming tougher from year to year, attempts are being made to introduce legislative bans on sending spam, the flow of unwanted correspondence is only increasing.
To solve this problem, many mail services use specialized software that works in conjunction with mail servers, analyzes incoming mail and filters out some unwanted correspondence. However, not at all mail servers There is protection against spam, and in such cases the user is forced to manually sort incoming correspondence. AGAVA company offers all users a program Spamprotexx, which filters all incoming mail, evaluates each letter and, if spam is detected, moves it to a special folder in the mail client.
In this review, we will look at the capabilities of Spamprotexx, test its operation and evaluate the quality of spam filtering.
To familiarize yourself with the program's capabilities, you can download a fully functional version that will work for 30 days. At the end of this period, the program must be buy. Its price is 10 dollars. The distribution size is 1.2 megabytes.
Installation
The installation of Spamprotexx is completed by a wizard who asks several standard questions during the installation. To complete the installation of the program, you must restart your computer.
Interface
The main window of the program is shown in the figure below.
The purpose of the settings is clear from their names. You can change the two default email addresses for filter training. During the work process, either “breakthrough” spam or normal letters should be sent to these addresses. The filter will evaluate and adjust its further work based on the evaluation results. The label is also set here. which will be added by the filter to the subject of spam emails.
On the tab Friends shown in the figure above, you can fill in a list of addresses from which mail will not be scanned by the filter. On the same tab, you can tell the filter to learn from letters from friends, as examples of non-spam letters. All recipients of letters to whom the user writes are automatically added to the friends list.
This tab contains a list of ports that the filter listens on and the port number to which mail client connections are forwarded for filtering. All port numbers can be changed, as well as added or removed.
Using the slider on this tab, you can adjust the sensitivity of the filter. After the filter evaluates the letter using the Bayesian algorithm, it will compare the score received by the letter with the response threshold specified on this tab. The higher the response threshold, the higher the score a letter must receive in order for the filter to mark it as spam. Thus, increasing the response threshold leads to the filter passing more messages that may be spam.
On last tab Statistics summary information about the operation of the filter, statistics on filter activations, and the state of its training process are displayed.
Right-clicking on the tray icon opens a menu with which you can configure automatic checking for program updates, view the filter operation log, and temporarily disable it.
Working with the filter, training it
The filter's operation is based on the Bayesian algorithm, which evaluates each incoming letter. The Spamprotexx developers have attempted to solve several known problems in the operation of filters using the same algorithm. In detail they described on the developer's website, so we'll look at them briefly.
- Spamprotexx has a mechanism for correcting errors in training, when a letter may be mistakenly sent by the user to the filter database as spam. To correct such an error, it is enough to forward the same letter to the filter database again, but this time as not spam. Spamprotexx will delete the first, erroneous entry.
- Some filters may overtrain, receiving a lot of typical, identical emails as examples of spam. Such filters will gradually assign higher and higher ratings to similar emails. Spamprotexx pre-evaluates the letter, and if he can evaluate it, then the letter will not participate in training.
- The filter analyzes html in letters, paying attention to, for example, text highlighting in color and font size. Due to the fact that html is “parsed”, the filter does not include html tags in the lists of spam words, it pays attention to the characteristic signs of spam. For example, it is unlikely that someone in regular correspondence will highlight several words in bold red font size 24.
- Due to the fact that the filter pays attention to letter headers, even very short letters will be correctly evaluated by it.
- Spamprotexx has a list of short, frequently used words and does not pay attention to them when evaluating a letter. For example, prepositions can be used both in spam emails and in normal correspondence. Therefore, the filter does not evaluate the letter based on such words.
Working with the filter is as simplified as possible for the user. After installing the filter, two baskets appear on the toolbar of the email client.
Training the filter comes down to simply dragging spam and non-spam emails into the appropriate trash bin with the mouse. The second way to learn is to forward the letter as an attachment to one of two virtual addresses that are configured on the tab Are common. Such letters are not sent anywhere, but are analyzed by the filter and used in the future to evaluate new incoming letters.
Immediately after installing the filter and receiving mail for the first time, the filter added a label to the subject of two spam emails. The user is given the opportunity to set up a rule for such letters; they can be moved to a special folder or deleted immediately. Thus, the filter starts working immediately after installation and does not require preliminary training. It is likely that some well-written spam emails will not be marked as spam by the filter. For such cases, the trash can is intended on the toolbar of the email client, where you should move spam emails missed by the filter. Unfortunately, this method only works for Outlook and Outlook Express. For other email clients, there is a second way to train the filter: forwarding a spam letter to a special, virtual address. In the same way, you can “explain” to the filter that the letter it has flagged is not spam. The filter will analyze such a letter and take into account its characteristic features in the future to evaluate new incoming letters. For TheBAT! AGAVA offers plugin, the installation of which will eliminate the need to forward letters to virtual addresses and it will be enough to choose from context menu one of the points Mark as spam or Mark as not spam.
Conclusion
Spamprotexx is an easy-to-use and effective anti-spam tool. The filter is very easy to train, works with any email clients and can analyze email traffic passing through any ports, not just standard ones. Unfortunately, the simple method of dragging spam emails not recognized by the filter to the trash can only works in Microsoft email clients. In all other clients, the letter must be manually sent as an attachment to one of the virtual email addresses, with the exception of TheBAT!, for which there is a special plugin. The filter begins to work immediately after installation; further training only improves the quality of work, but is not mandatory. The developers took into account the shortcomings of other anti-spam tools and created procedures in the filter to solve some fairly well-known problems in the operation of this class of software. The price of the product is only 10 dollars. This is another compelling argument in favor of purchasing it and using it as an excellent addition to a firewall and antivirus to create the most comfortable and safe environment when working on the Internet.
