                     

                                 Spam Stopper                      

                   (C) Copyright 1997-98 Computerized Horizons

                              All Rights Reserved



INTRODUCTION
============

     This program will automatically delete spam (unsolicited
E-mails) sent to your users, so that they do not have to spend
the time, energy, money, etc. to download and read them.  The users
always have control, so they override the default settings, if they
wish to receive any spam.

     This program can help differentiate you from other ISPs that
are unable to block spam.



INSTALLATION
------------

     Just type A:INSTALL, and add your activation code in the Level 4
CNF options.  Then, you'll likely want to add Spam Stopper to your
menu tree, so that users can change their settings (and add their own
filters).  ALSO MAKE SURE to change the Level 4 CNF option DOMAINS
to list all E-mail domains a user can have (either your normal
domain, or a list of all domains that users may use for their
E-mail address).

     If you enable the Spam Routing detection (to make sure that
mass spammers do not route E-mail through your system), you MUST
also set the SPAMIP and DOMAINS options!


DEMO MODE
---------

     If you have not purchased Spam Stopper from Computerized Horizons,
you may run it in the demo mode.  The demo mode lets you choose one
User-ID that Spam Stopper will work for.  By default, this is set to
"Sysop".  Just enter the User-ID in the Level 4 CNF option ACTCOD.


SYSOP OPERATION
---------------

     You'll want to check the CNF options to see if there is anything
you want to change.

     To edit the Master Filter, just edit the file HORSPAM.LST (using
any text editor).  This can be done while the system is up.  It is
quite simple, each line is a separate filter.  There are three levels
of Master Filters:  KILL, MAYBE and EXEMPT.  The name of the filter
appears first, and then the text of the filter.

     For example, "KILL cyberpromo.com" would cause messages with the
text "cyberpromo.com" to get deleted (unless, of course, the user it
was sent to turned off the "Master List Filtering"), whether their
level is set as NORMAL or HIGH.  You can use MAYBE (IE "MAYBE dear sir")
as you would KILL, except that it will only kill the message if the
user has their spam detection level set to HIGH.

     You can also use EXEMPT, such as "EXEMPT horizons@fcc.com", which
would make sure that any messages with "horizons@fcc.com" would not
get deleted, even if they contained keywords that would otherwise
cause them to be deleted.  The EXEMPT filters are especially useful if
you find that Spam Stopper thinks that listserver messages are spam.

     The text/keywords must be at least 4 characters long.  This is a
safety feature to prevent you from accidentally entering "KILL A", for
example, which would block all E-mails with the letter A in them.  The
keywords are checked in the headers (if applicable) and the body of
the message.


USER OPERATION
--------------

     When a user starts Spam Stopper, they are given the choice of
toggling the 5 various Spam Stopper filters (Advertisement blocking,
Master List filtering, New Spam blocking, Custom Filters, and
Header Analysis), getting help, or adding their own filters.

     Advertisement blocking will block any messages that have the
word "Advertisement" (case insensitive) as the first word of the
subject (as per the proposed Murkowski bill).

     Master List filtering will block any messages that contain text
listed in the Master List, which is system-wide and not user
configurable.  It is expected that users will want to keep this on,
but they have the option to turn it off.

     The Master List filtering can either be set to NORMAL or HIGH.
The NORMAL setting will block a lot of spam, but not all.  However,
it has the benefit of almost never causing "false alarms."  The HIGH
setting will block almost all spam, but could possibly cause false
alarms (which would delete a non-spam E-mail).

     New Spam blocking is a feature unique to Spam Stopper.  The
theory behind it is similar to virus scanners that can detect viruses
that haven't been created yet.  Rather than scanning for certain text
from known spammers, Spam Stopper analyzes messages and compares them
to other messages to determine if the message is a spam.  Although it
won't catch all new spam, it will catch a lot (especially if you have
a lot of users that are being sent spam).

     The Custom Filter option just toggles whether or not the custom
filter is active.  A user can choose what text to filter, similar to
the Master List (except they don't have the choice of MAYBE for 

     Finally, there is the option for Header Analysis.  This will
analyze the headers of messages to check for telltale signs of
spammers.  About 85% of all spam can be detected with the Header
Analysis.  However, be aware that mass distributed messages (such
as a company sending 1,000's of E-mails to its customers that have
requested such a message) may trigger the Header Analysis to delete
the message.


SPAM ROUTING
------------

     The Worldgroup 3.0 versions of Spam Stopper (that use the
Galacticomm SMTP server) have a "Spam Routing detection" option
that will prevent mass spammers from using your system to send
their spam.

     To use this, you first need to set the Level 4 CNF option
ROUTING to YES.  Then, you will need to set the DOMAINS option to
list all the valid domains that users at your site can receive
E-mail on.  You must also set the SPAMIP option to list the IP
range(s) that your users may be coming from.

     If you wish to totally block outside usage of your SMTP
server (if your users will only be coming from your range of IP
addresses), you can set LENIENT to NO.  This will guarantee that
mass spam will not be routed through your system, unless the
person does so from one of your IP addresses (in which case you
can easily find out who it was).

     If your users may be coming from an outside IP address to
send their E-mail, you will need to set LENIENT to YES, in order
to let them use your SMTP server.  However, you can still have
some protection against mass spammers by using the HELOTXT,
FROMTXT, and MAXOUT options.

     The HELOTXT option will force people from outside IP
addresses to have certain text in their HELO field.  This means
that their E-mail software must be set up to have a domain
listing within your domain.  For example, if you set the HELOTXT
option to "smiles.com", a user with their E-mail domain set to
"user.smiles.com" will be able to use your SMTP server, even if
they are not on one of your IP addresses.

     The FROMTXT option works in a similar way, except it forces
the FROM address to have certain text in it.  For example, if you
set this to "smiles.com", then a user who has their return E-mail
address set to "user@smiles.com" will be able to send E-mail
through your SMTP server, even if they are not on one of your IP
addresses.

     The MAXOUT option lets you limit the number of CC's that can
be associated with an E-mail that is sent from someone outside
your IP range.  For example, if you set this to 3, then your users
will only be able to send a copy of an E-mail to a maximum of 3
users if they are coming in from an IP address outside your IP
range (users in your IP range will not be restricted).  Most mass
spammers use lots of CC's.

     
LOG FILE
--------

     Spam Stopper produces a log file, which keeps track of what
messages it has deleted, as well as when it detects mass spam (the
same spam affecting many users).  It is recorded in HORSPAM.LOG.


