26 July 2005
Open-source spam filter advances
Open-source spam filter ASSP has been upgraded with a much improved administration interface, Sender Policy Framework (SPF) support, SMTP session limits, IP connection limits and a much better statistics page for reporting on mail traffic.
ASSP is a Perl program, so the same software runs on Linux, Unix, Windows, OS X and most other systems for which a Perl interpreter is available. The upgrade can be downloaded from the first URL below.
The most noticeable addition is the SPF support. The SPF protocol is designed to prevent messages with incorrect return-addresses from being delivered. Because most spam currently has a forged return address, this approach might rapidly become an effective anti-spam measure.
However, SPF requires domain owners to update their Domain Name System (DNS) servers to incorporate SPF-related information. It also requires recipients to verify the extra SPF details. Rather than needing to update all desktop systems, the latest ASSP software could handle this verification for an entire mail system.
The other new features are likely to interest mail system administrators.
The SMTP connection limit can be used to reduce the amount of ASSP work taken by a particular server, which could be used to manage the overall CPU utilisation on a busy server. Similarly, the IP connection limits restrict the number of connections from individual IP addresses, which would be a boon when a firm is suffering a denial of service (DoS) attack on its mail system.
DoS attacks are often caused either by extortionists attempting to disturb normal business processes, or as a side-effect of viruses.
An FBI/Computer Security Institute report released in June said over 99 percent of firms use antivirus tools, but despite this virus incidents were the most common computer security problem in 2004, with 78 percent of firms surveyed reporting virus infections.
These incidents are estimated to have cost US organisations some $55m. The same report said that DoS attacks were the next most expensive security problem.
The web-based administration interface for ASSP includes an improved hierarchical structure to hide unwanted options.
ASSP is a Perl program, so the same software runs on Linux, Unix, Windows, OS X and most other systems for which a Perl interpreter is available. The upgrade can be downloaded from the first URL below.
The most noticeable addition is the SPF support. The SPF protocol is designed to prevent messages with incorrect return-addresses from being delivered. Because most spam currently has a forged return address, this approach might rapidly become an effective anti-spam measure.
However, SPF requires domain owners to update their Domain Name System (DNS) servers to incorporate SPF-related information. It also requires recipients to verify the extra SPF details. Rather than needing to update all desktop systems, the latest ASSP software could handle this verification for an entire mail system.
The other new features are likely to interest mail system administrators.
The SMTP connection limit can be used to reduce the amount of ASSP work taken by a particular server, which could be used to manage the overall CPU utilisation on a busy server. Similarly, the IP connection limits restrict the number of connections from individual IP addresses, which would be a boon when a firm is suffering a denial of service (DoS) attack on its mail system.
DoS attacks are often caused either by extortionists attempting to disturb normal business processes, or as a side-effect of viruses.
An FBI/Computer Security Institute report released in June said over 99 percent of firms use antivirus tools, but despite this virus incidents were the most common computer security problem in 2004, with 78 percent of firms surveyed reporting virus infections.
These incidents are estimated to have cost US organisations some $55m. The same report said that DoS attacks were the next most expensive security problem.
The web-based administration interface for ASSP includes an improved hierarchical structure to hide unwanted options.
# posted by vdodon @ 04:05 
