If this page does not print out automatically, select Print from the File menu.

Open-source spam filter advances

Roger Howorth, IT Week 30 Jun 2005

Open-source spam filter ASSP has been upgraded with a much improved administration interface, Sender Policy Framework (SPF) support, SMTP session limits, IP connection limits and a much better statistics page for reporting on mail traffic.

ASSP is a Perl program, so the same software runs on Linux, Unix, Windows, OS X and most other systems for which a Perl interpreter is available. The upgrade can be downloaded from the first URL below.

The most noticeable addition is the SPF support. The SPF protocol is designed to prevent messages with incorrect return-addresses from being delivered. Because most spam currently has a forged return address, this approach might rapidly become an effective anti-spam measure.

However, SPF requires domain owners to update their Domain Name System (DNS) servers to incorporate SPF-related information. It also requires recipients to verify the extra SPF details. Rather than needing to update all desktop systems, the latest ASSP software could handle this verification for an entire mail system.

The other new features are likely to interest mail system administrators.

The SMTP connection limit can be used to reduce the amount of ASSP work taken by a particular server, which could be used to manage the overall CPU utilisation on a busy server. Similarly, the IP connection limits restrict the number of connections from individual IP addresses, which would be a boon when a firm is suffering a denial of service (DoS) attack on its mail system.

DoS attacks are often caused either by extortionists attempting to disturb normal business processes, or as a side-effect of viruses.

An FBI/Computer Security Institute report released in June said over 99 percent of firms use antivirus tools, but despite this virus incidents were the most common computer security problem in 2004, with 78 percent of firms surveyed reporting virus infections.

These incidents are estimated to have cost US organisations some $55m. The same report said that DoS attacks were the next most expensive security problem.

The web-based administration interface for ASSP includes an improved hierarchical structure to hide unwanted options.

www.itweek.co.uk/2139170
This article was printed from the IT Week web site
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503
Close this window to return to the website