“Spam” is a ubiquitous term for a message sent to a client device that is typically unsolicited by a user of a client device. Spam may be advertising and/or may include one or more malware attachments to the spam message that could launch an attack against a receiving client that opens one of the attachments. A client that sends such unsolicited messages is termed a “spammer.” A spammer may send tens of thousands, or more, spam messages to clients in a short period of time.
Current methods of detecting spam messages rely upon a messaging server examining the clear text of the spam message, examining the clear text version of any attachments to the message, and may also include examining an address of the sender.
Modern messaging services can encrypt message text from end-to-end. Thus, intermediate messaging servers cannot access the clear text of a message or its attachments to help determine whether the message is, or is not, spam.