Reflexion effectively blocks spam without fallible filters
Challenge-and-response approach gives users ample control over who can and can't contact them
Most anti-spam engines use a variety of filtering engines to block messages based on originating IP address of the sender, the domain, words in the message, or a wide variety of other indicators. There are two inherent problems with this approach, however: Spammers are able to change their approaches in order to bypass filters, and at times, filters can block legitimate mail. I regularly receive bounced messages, for instance, because some black-hole lists such as sorbs.net have decided I shouldn't operate an e-mail server on a dynamic DNS address.
RTC (Reflexion Total Control) 3.0 takes a different approach to blocking spam. Rather than filtering messages, it gives each of your users a different alias e-mail address for everyone they correspond with. This is initiated with a challenge/response approach.
For example, suppose someone outside your company sends an e-mail for the first time to Joe Smith at email@example.com. The e-mail will bounce back to the sender with a request to resend it to a new, automatically generated address, such as firstname.lastname@example.org. When the sender replies, he or she will be able to send e-mail freely to the address without being challenged. A legitimate sender presumably will comply with the request; however, most specialized spam-sending e-mail servers won't.
Furthermore, with RTC, users are allowed to generate additional alias addresses themselves to use, for instance, when filling out registration forms on Web sites. A different address could be used for each site, which would allow you to determine which Web vendor sold the address to a third party.
Return to (Unwanted) Sender
Addresses can be set up such that they receive messages only from one domain. Likewise, an address can be set so that it can be shared, and if messages from other senders arrive, those senders are given their own unique addresses to send to. Thus, by its nature, RTC protects against directory harvest attacks, given that mail sent to an alias address from an unapproved sender is blocked.
Although this may seem complex, the process is generally transparent to end-users. They don't have to remember the dozens or hundreds of addresses; RTC maintains them all.
The initial installation is a little more complex than it is for some filtering products because there are a number of additional options from which the administrator must choose. Initial configuration of the IP network information can be done with a keyboard, mouse, and monitor, or via serial terminal.
When that has been accomplished, the rest of the configuration can be completed from the admin's Web console, which is laid out nicely, is easy to navigate, and provides very good help screens. If you need to change IP network information, you will have to go back to the serial terminal; there is no provision to alter network information from the Web console.
When the initial configuration has been completed, you can set up accounts for each end-user. You'll need to enter each account separately; there is no mechanism for bulk importing addresses from a list or from Active Directory or other directories.
Setting the Stage