Anti-Spam

This page presents an overview of spam technologies and links to resources. This is primarily for aspiring student Computer Systems Administrators.

Anti-Spam Technologies

We can categorize techniques to filter spam into three different categories:

  1. Spam filters on the MTA
  2. Spam filtering Appliances
  3. Spam filtering services

Spam Filters on the MTA

Spam filters that run on the MTA work great for small companies or individuals. There exist both for pay and open source projects. Filtering may be done in a number of ways, to broad categories include: Filter email using a proxy so that the MTA doesn't know anything about the filtering mechanism or use mechanisms within the MTA to rank email using one or more spam recognition software packages. Whether your MTA knows that filtering happens or not makes not difference to the user. How filtering happens may make a big difference. Section NetworkSecurity/Spam#FilterTechniques delves more deeply into the how, and my not be of as much interest to some sysadmins or casual users.

To see current list of email filters for MTAs see: http://spam.abuse.net.

Spam Filter Appliances

Spam filter appliances proxy email to internal servers and simplify the system administrators work. These are usually more expensive, but can handle a much larger volume of traffic. Barracuda networks, Symmantic (Brightmail), Borderware, and IronPort are a few to look at. http://www.bestantispamappliance.com/ has a nice review of several appliances, but it may be a bit dated.

Spam Filtering Services

By design these services require you to point your MX record to their servers which first filter it before sending it on to your mail server. The biggest advantage to outsourcing your spam filtering come from the fact that this requires almost no ongoing maintenance beyond setup. If your company doesn't want to spend money on an IT position or your IT department is spread too thin to perform filtering in house, than this may be your best bet. Better to use your IT department to solve your business problem, than to put them on a task that has been solved many times and probably better than they can do it on a limited time/money budget. A good example of this is Postini (now owned by google). Also see http://www.spamfilterservices.com/ for a list and review of different services out there.

Filter Techniques

Filtering techniques may significantly impact your users in several ways. False positives by your filtering solution identify good email as spam and deprive your users of mail they may need or expect to get. False negatives rob your users of time and your company of money

NetworkSecurity/Spam (last edited 2011-04-10 19:29:31 by 24-151-193-255)