Controlling mail message flow by content analysis
|
|
- Eugenia McKenzie
- 8 years ago
- Views:
Transcription
1 Controlling mail message flow by content analysis Ralf Hildebrandt Patrick Ben Koetter Open Source Days 2008 Copenhagen, 04. October 2008
2 1 Stages of spam-prevention Where can spam be controlled? Split anti spam measures SMTP Session Control Content Control 2 Integrating amavid-new into Postfix smtpd_proxy_filter content_filter Where is the difference? 3 The nature of content control Risks Requirements 4 amavisd-new History Architecture
3 5 Implementations Typical Mailserver Typical Mailgateway A dedicated Scanhost 6 Basic Setup Logging Virus Scanners Spam Scanners Quarantine Notification 7 Housekeeping Quarantine Management Quarantine Notification Quarantine Release Log analysis and statistics
4 8 Individualization Maps LDAP Policy Banks Policy Banks Example 9 Beyond the standard stuff Keeping SpamAssassin up to date Extending SpamAssassins rules Extending ClamAV patterns Pen-Pals p0f - passive operating system fingerprinting DKIM - Domainkeys Identified Mail
5 Scan before and after queue can be scanned before and after queueing
6 Split anti spam measures Measures are typically split
7 A day in the life of a mail server More than 98% of mail is spam.
8 A not so good idea... Content scanning is resource expensive. Don t let the full load hit the content scanner
9 SMTP Session Control reduces load Reject early! Use SMTP Session Control to minimize the mail that hits after queue measures
10 Limitations of Before-Queue-Scanning In a perfect world content inspection takes place before queuing, but clients may run into a timeout.
11 SMTP Session Control Best practices require RFC compliance from your senders require RFC compliance first kill spam later order restrictions from cheap to expensive allow for exceptions!
12 smtpd_recipient_restrictions I Cheap restrictions: smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, check_client_access cdb:/etc/postfix/mynetworks permit_sasl_authenticated, reject_unauth_destination, reject_unlisted_recipient,... These keep your users from sending the worst nonsense.
13 smtpd_recipient_restrictions II Cheap restrictions:... check_helo_access pcre:/etc/postfix/helo_checks.pcre, reject_invalid_helo_hostname reject_non_fqdn_helo_hostname check_recipient_access cdb:/etc/postfix/roleaccount_exceptions, check_sender_access cdb:/etc/postfix/sender_checks check_sender_access pcre:/etc/postfix/sender_checks.pcre... We re checking the HELO for obvious signs of forgery and block some senders.
14 smtpd_recipient_restrictions III Expensive restrictions:... check_client_access check_sender_mx_access check_sender_ns_access check_sender_mx_access check_sender_mx_access check_sender_mx_access check_client_access cidr:/etc/postfix/drop.cidr cidr:/etc/postfix/drop.cidr cidr:/etc/postfix/drop.cidr cidr:/etc/postfix/bogon_networks.cidr, cidr:/etc/postfix/wildcard_mx_records.cidr, cdb:/etc/postfix/mx_accepts_no_bounces cdb:/etc/postfix/client_checks The checks using cidr:/etc/postfix/drop.cidr check if a sender domain s MX or NS record point to networks controlled by spammers. This cidr:/etc/postfix/bogon_networks.cidr check if a sender domain s MX record points to private netspace....
15 smtpd_recipient_restrictions IV Expensive restrictions:... reject_unknown_reverse_client_hostname reject_rbl_client zen.spamhaus.org reject_rbl_client bl.spamcop.net reject_rbl_client b.barracudacentral.org check_sender_access cdb:/etc/postfix/rhsbl_exceptions reject_rhsbl_sender dsn.rfc-ignorant.org
16 Consequences Postfix rejects a lot of connections early content_filter and smtpd_proxy_filter are relieved from a lot of load (90% rejection rate)
17 header_checks header_checks check headers only: /^Received: from.*by nomail\.charite\.de/ REJECT Fake nomail.charite.de Received: Header found /Date:.*([3-9].:..: 2[4-9]:..: :[6-9].: :..:6[1-9])/ REJECT Invalid time "${1}" in Date header
18 mime_header_checks mime_header_checks check MIME-headers only: /name=\"(.*)\.(386 bat chm cmd com do exe hta jse lnk msi)\"$/ REJECT Unwanted attachment $1.$2
19 body_checks body_checks checks everything that s not a header: if /^Received: from.*by mail(-ausfall)?\.charite\.de/!/ \(Postfix\) with /i REJECT Fake charite.de Received: Header found, this \ is a bounce for a mail our system did not send! endif
20 smtpd_proxy_filter Accept mail from the internet, pass it on to the filter on [ ]:10025 Caution Enable XFORWARD this allows amavisd-new to see the actual client instead of just smtp inet n smtpd -o receive_override_options=no_address_mappings -o smtpd_authorized_xforward_hosts= /8 -o smtpd_authorized_xclient_hosts= /8 -o smtpd_proxy_filter=[ ]:10025
21 Reinjection Accept the mail back into Postfix after amavisd-new is done with it: Caution Disable filter on reentry! localhost:10026 inet n smtpd -o smtpd_proxy_filter= -o content_filter= -o receive_override_options=no_unknown_recipient_checks -o smtpd_authorized_xforward_hosts= /8 -o smtpd_authorized_xclient_hosts= /8 -o mynetworks= /8 -o smtpd_recipient_restrictions=permit_mynetworks,reject -o syslog_name=reinjection
22 content_filter Accept mail from the internet, pass it on to the filter on [ ]:10025 Caution Enable XFORWARD this allows amavisd-new to see the actual client instead of just smtp inet n smtpd -o receive_override_options=no_address_mappings -o smtpd_authorized_xforward_hosts= /8 -o smtpd_authorized_xclient_hosts= /8 -o content_filter=smtp:[ ]:10025
23 Where is the difference? Caution with smtpd_proxy_filter the mail is processed as it arrives ( just in time -scanning) with content_filter the mail is queued first and scanned later Clients may not be patient enough to wait until your system is willing to accept and process mail.
24 The nature of content control
25 Risks Content contains malware Content may decompress without bounds (compression bombs) Content cannot be scanned (encrypted) Content cannot be categorized
26 Requirements Unpack into sandbox Apply limits to size(s) Apply warnings to messages
27 A brief history Shell script that pipes mail to a scanner (1997) First Perl program (2000) Perl daemon (2001) Modular Design (2002) Perl daemon, pre-fork, NET::Server ( ) by Marc Martinec Add internal Anti Spam methods (2006) Add p0f, pen-pals (2007) Add DKIM (2008)
28 Internal Process Chain is processed in several stages
29 Decomposing Save resources! Decompose once, analyze multiple times Configuration settings $MAXLEVELS $MAXFILES $MIN_EXPANSION_QUOTA $MAX_EXPANSION_QUOTA
30 Adding Information p0f results DKIM signature verification results XFORWARD data
31 Content Inspection SpamAssassin is the default Anti-Spam tool Adding dspam is optional ClamAV is the default Anti-Virus tool Internal Methods Inspect MIME types Check if suffix is black-/whitelisted
32 Content Classification CLEAN SPAMMY SPAM VIRUS BANNED BADH OVERSIZED MTA
33 Actions Store (bad) message in quarantine Archive any message that flows through the system Reinject message into SMTP transport Notify sender/recipient about the message status D_REJECT a message D_DISCARD a message D_BOUNCE a message D_PASS a message
34 DKIM Signing... a domain-level authentication framework for using public-key cryptography and key server technology to permit a signing domain to assert responsibility for a message, thus protecting message signer identity and the integrity of the messages... Generate private key and public certificate Provide a per-domain/per-user list of DKIM signature options Add DKIM signatures to outgoing messages
35 Typical Mailserver Everything takes place on one machine.
36 Typical Mailgateway The gateway examines content. Follow-Up systems only do SMTP session control.
37 A dedicated Scanhost Gateways do SMTP session control. Content control is done by a dedicated Content Inspection server.
38 Logging syslog or native loglevel from silent to go buy new harddisks
39 Virus Scanners primary scanners are/should be daemons secondary scanners are scripts They are called only if primary scanners are not available Both groups allow to define a chain of defining ClamAV access parameters [ ClamAV-clamd, \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"], qr/\bok$/, qr/\bfound$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ]
40 Spam Scanners amavisd-new uses Mail::SpamAssassin as default spam scanner dspam can be used as an alternative amavisd-new only configures/controls a few SpamAssassin parameters Additional SpamAssassin configuration makes SA more efficient Caution amavisd-new does not use spamc or spamd!
41 Quarantine Quarantine destinations are send message to a mailbox store message in a file store message in a SQL server
42 Notification sender and recipients can be notified about a messages status notifications can be enabled on a global, a per-domain or on a per-user basis transport method can be set separately from the regular $forward_method powerful macros and templates customize notification messages
43 Quarantine Management amavisd-release releases messages from quarantine Messages can be sent as attachments amavisd-release is not enabled by default Enabling amavisd-release in amavisd.conf $interface_policy{ SOCK } = AM.PDP ; $policy_bank{ AM.PDP } = {protocol=> AM.PDP }; $unix_socketname= /var/amavis/amavisd.sock ;
44 Quarantine Notification
45 Releasing a message from Quarantine p@mail:~$ sudo amavisd-release virus-monrpcyyy3wo [sudo] password for p: Ok: queued as A974B820007
46 Viewing a released message
47 Log analysis and statistics Know your enemy! mailgraph overall picture at a glance amavisd-nanny gives you info about what the processes are doing amavisd-agent gives SNMP-style statistics amavisd-logwatch catch trends, document daily work manual inspection inspect manually
48 amavisd-nanny
49 mailgraph
50 mailgraph II
51 amavisd-agent
52 amavisd-logwatch
53 Individualization I Problem amavisd-new carries lots of legacy code! amavisd-new started as a single user script multi user environment requires individual settings newer groups of parameters wrap around older groups like layers of onion skin Map Types Single setting Lists Regular Expression
54 Individualization II Layers of onion skin # Check for = ( \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re ); # Check for = ( \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re );
55 Maps amavisd-new has a map for nearly @virus_name_to_spam_score_maps...
56 Maps Uses for maps domains create a list of domains amavisd is responsible for exclusion exclude someone from a check exception deliver mail even if it is banned
57 Maps: Domains Postfix and amavisd-new share = ( \@local_domains_acl, read_hash( /etc/postfix/virtual_mailbox_domains );
58 Maps: Exclusion Exclude a user from spam = ( ["user\@example.com"] );
59 Maps: Domains Allow a user to receive banned = ( ["user\@example.com"], );
60 LDAP I Benefits Enterprise ready Single configuration backend Simplify user administration Fast read access
61 LDAP II Enabling and configuring LDAP lookups in amavisd-new # Enable LDAP $enable_ldap = 1; # LDAP access $default_ldap = { hostname => localhost, port => 389, version => 3, timeout => 120, tls => 0, base => ou=people,dc=example,dc=com, scope => sub, query_filter => (&(objectclass=amavisaccount)(mail=%m)), bind_dn => cn=amavis,ou=services,dc=example,dc=com, bind_password => secret, };
62 amavisd-new LDAP Schema I
63 amavisd-new LDAP Schema II LDAP User Object using amavisaccount dn: objectclass: organizationalperson objectclass: person objectclass: top objectclass: PostfixBookMailAccount objectclass: extensibleobject objectclass: amavisaccount amavisbannedadmin: amavislocal: TRUE cn: Patrick Koetter givenname: Koetter mail: mailalias: mailalias: mailenabled: TRUE mailgidnumber: 2000 mailhomedirectory: /srv/mail/example.com/patrick mailquota: mailstoragedirectory: maildir:/srv/mail/example.com/patrick/maildir mailuidnumber: 2000 sn: Patrick uniqueidentifier: userpassword:: ye6xu9th==
64 Why use Policy Banks? Run one instance of amavisd-new Offer different behaviours (policies) Use port and/or client IP to identify policy bank
65 How Policy Banks work
66 An Example Policy Bank I A policy bank ALT $policy_bank{ ALT } = { log_level => 3, syslog_ident => alt-amavis, syslog_facility => LOCAL3, inet_acl => [qw( )], final_spam_destiny => D_PASS, final_bad_header_destiny => D_PASS, forward_method => smtp:*:*, notify_method => smtp:[ ]:10025, virus_admin_maps => "abuse\@alt\.example\.com", spam_lovers_maps => [qw( abuse@example.com )] ],... };
67 An Example Policy Bank II Assign policy to port $interface_policy{ } = ALT ;
68 Beyond the standard stuff
69 Keeping SpamAssassin up to date Spammers use SpamAssassin to optimize their spam Patterns start to get old the day you download them Use sa-update to update your SpamAssassin rules sa-update creates a new directory SpamAssassin first loads the packaged rules and then the updated ones
70 Extending SpamAssassins rules The standard ruleset has a narrow score corridor Rules Emporium adds more weight to scores Rules Emporium adds spezialized rules Use sa-update to install and update these rules
71 Extending ClamAV patterns ClamAV is just a content inspection engine Additional rule patterns add additional functionality Use for Phishing and Scam Signatures...
72 Pen-Pals Question Is it spam if you start talking about sex and your friend replies? amavisd-new can track who started a discussion apply lower scores to replies in a discussion that had been started by you
73 p0f - passive operating system fingerprinting p0f is a passive OS fingerprinting tool identifies the OS (type, version, patch level, etc.) on machines that connect to your box (SYN mode)
74 A p0f fingerprint in a message
75 p0f-analyzer.pl amavisd-new queries p0f via the p0f-analyzer.pl script passes the OS information as a header field to SpamAssassin SpamAssassin rules apply scores depending on the OS detected Invocation of p0f # Query p0f-analyzer.pl $os_fingerprint_method = p0f:*:2345 ;
76 Some statistics collected from Marc s logs in February 2006: p0f OS guess ham : spam Windows-XP 0.7 % : 99.3 % Windows % : 94.2 % UNKNOWN 16.5 % : 83.5 % Linux 58.8 % : 41.2 % Unix 80.3 % : 19.7 % (Unix+Linux 66.5 % : 33.5 %) ham mail with score below 3 spam score above 6
77 Scores in SA s local.cf describe L_P0F_EXISTS A header field X-Amavis-OS-Fingerprint does exist header L_P0F_EXISTS exists:x-amavis-os-fingerprint describe L_P0F_WXP Remote system is truly a Windows XP, not Windows 2000 header L_P0F_WXP X-Amavis-OS-Fingerprint =~ /\AWindows XP(?![^(]*\b2000 SP)/m score L_P0F_WXP 2.3 describe L_P0F_W Remote system is some Windows variant, except Win. XP header L_P0F_W X-Amavis-OS-Fingerprint =~ /\AWindows(?! XP)/m score L_P0F_W 1.3 describe L_P0F_UNKN P0f was unable to determine remote OS type header L_P0F_UNKN X-Amavis-OS-Fingerprint =~ /\AUNKNOWN/m score L_P0F_UNKN 0.8 describe L_P0F_Unix Remote system is running Unix, not Linux header L_P0F_Unix X-Amavis-OS-Fingerprint =~ /\A((Free Open Net)BSD Solaris \ HP-UX Tru64 AIX)/m score L_P0F_Unix -1.0 describe L_P0F_Unix Remote system is running Linux header L_P0F_Linux X-Amavis-OS-Fingerprint =~ /\ALinux/m score L_P0F_Linux -0.1
78 DKIM - Domainkeys Identified Mail Goal Sign messages using a digital identity Establish a good sender reputation Use sender reputation to tell good from neutral or bad messages DKIM is a standard (RFC 4871). It describes a framework to cryptographically sign messages cryptographically verify messages
79 How DKIM works...
80 How to apply DKIM signatures in amavisd-new... Version You need amavisd-new 2.6 or later to implement DKIM Cryptographic keys Create a pair of cryptographic keys: # amavisd genrsa /path/to/keylocation/selector DKIM configuration example $enable_dkim_verification = 1; $enable_dkim_signing = 1; # signing domain selector private key options dkim_key ( example.org, abc, /var/db/dkim/a.key.pem );
81 How DKIM works...
82 How to verify DKIM signatures in SpamAssassin... Loading the plugin in v320.pre loadplugin Mail::SpamAssassin::Plugin::DKIM Setting DKIM rules in local.cf score DKIM_VERIFIED -1.3 score DKIM_POLICY_TESTING 0 score USER_IN_DKIM_WHITELIST -4.0 whitelist_from_dkim *@state-of-mind.de state-of-mind.de whitelist_from_dkim *@intl.paypal.com paypal.com
83 Questions? Ralf Hildebrandt Patrick Ben Koetter Slides amavisd.pdf
Spam fighting with Postfix
Spam fighting with Postfix Using technology to fight a social problem Devdas Bhagat Postfix Antispam workshop: Apricot 2004 p. 1 Introduction Postfix in the anti spam war "If you think technology can solve
More informationEnhanced Spam Defence
Enhanced Spam Defence An approach to making SMTP connect time blocking a reliable method for e-mail filtering By John Jensen, Topsec Technology Ltd. As the spam problem keeps growing and the associated
More informationPostfix. by Rod Roark http://www.sunsetsystems.com/
Postfix by Rod Roark http://www.sunsetsystems.com/ Terminology MTA MDA MUA SMTP IMAP POP3 UCE Mail Transfer Agent Receives mail from or sends mail to other computers Talks with other MTAs and certain other
More informationPostfix Configuration and Administration
c 2007 Patrick Koetter & Ralf Hildebrandt state-of-mind LISA 07 Dallas, November 2007 System architecture System metaphor SMTP UUCP QMQP sendmail Postfix SMTP LMTP local pipe virtual transport aliases
More informationone million mails a day: open source software to deal with it Charly Kühnast Municipal Datacenter for the Lower Rhine Area Moers, Germany
one million mails a day: open source software to deal with it Charly Kühnast Municipal Datacenter for the Lower Rhine Area Moers, Germany Internet many years ago... mail server mail client Seite: 2 today,
More informationFighting Spam: Tools, Tips, and Techniques
Fighting Spam: Tools, Tips, and Techniques Brian Sebby Argonne National Laboratory NetSecure 08 IIT Center for Professional Development Part I: Introduction 2 Argonne National Laboratory IT Environment
More informationWhat is a Mail Gateway?... 1 Mail Gateway Setup... 2. Peering... 3 Domain Forwarding... 4 External Address Verification... 4
Contents CHAPTER 1 IMail Secure Server as a Mail Gateway What is a Mail Gateway?... 1 Mail Gateway Setup... 2 CHAPTER 2 Possible Mail Gateway Configurations Peering... 3 Domain Forwarding... 4 External
More informationConfigure a Mail Server
SECTION 3 Configure a Mail Server In this section of the workbook, you learn how to do the following: Send Mail to root on 3-3 In this exercise, you send an email to user root using the mail command and
More informationSecurity. Help Documentation
Help Documentation This document was auto-created from web content and is subject to change at any time. Copyright (c) 2016 SmarterTools Inc. Security Antivirus Administration SmarterMail is equipped with
More informationAnalysis of Spam Filter Methods on SMTP Servers Category: Trends in Anti-Spam Development
Analysis of Spam Filter Methods on SMTP Servers Category: Trends in Anti-Spam Development Author André Tschentscher Address Fachhochschule Erfurt - University of Applied Sciences Applied Computer Science
More informationPostfix Anti-Spam Workshop
Ralf Hildebrandt c 2007 state-of-mind LISA 07 Dallas, November 2007 Methods Which methods are available? In order to prevent spam from reaching the users mailboxes there are basically four methods: syntactic
More informationImplementing MDaemon as an Email Security Gateway to Exchange Server
Implementing MDaemon as an Email Security Gateway to Exchange Server Introduction MDaemon is widely deployed as a very effective antispam/antivirus gateway to Exchange. For optimum performance, we recommend
More informationE-mail Content Scanning with Exim 4
E-mail Content Scanning with Exim 4 Tim Jackson (tim@timj.co.uk) Overview Introduction to content scanning Content scanning at the MTA issues Methods of implementing content scanning Accept-and-scan SMTP-time
More informationAntiSpam QuickStart Guide
IceWarp Server AntiSpam QuickStart Guide Version 10 Printed on 28 September, 2009 i Contents IceWarp Server AntiSpam Quick Start 3 Introduction... 3 How it works... 3 AntiSpam Templates... 4 General...
More informationEiteasy s Enterprise Email Filter
Eiteasy s Enterprise Email Filter Eiteasy s Enterprise Email Filter acts as a shield for companies, small and large, who are being inundated with Spam, viruses and other malevolent outside threats. Spammer
More informationMath SMTP Server Configuration
Math SMTP Server Configuration Šarūnas Burdulis Version 1, August 3, 2005 Contents 1 Requirements for SMTP Service at Math 1 2 Exim 4 1 3 Spam Filtering 2 4 Virus Detection 3 5 Authentication and TLS 4
More informationSonicWALL Email Security Quick Start Guide. Version 4.6
SonicWALL Email Security Quick Start Guide Version 4.6 Quick Start Guide - Introduction This document guides you through the most basic steps to set up and administer SonicWALL Email Security. For more
More informationMail Avenger. David Mazières New York University
Mail Avenger David Mazières New York University Early design goals for email Work over weakly connected networks - E.g., early Internet, UUCP, etc. - Move mail closer to recipient whenever you can... -
More informationeprism Email Security Appliance 6.0 Release Notes What's New in 6.0
eprism Email Security Appliance 6.0 Release Notes St. Bernard is pleased to announce the release of version 6.0 of the eprism Email Security Appliance. This release adds several new features while considerably
More informationPostfixAdmin 3.0. Mailserver administration made easy. Christian Boltz
PostfixAdmin 3.0 Mailserver administration made easy Christian Boltz cboltz@opensuse.org listen What is PostfixAdmin? Web interface to manage your mailserver: domains mailboxes aliases (forwarding) alias
More informationCipherMail Gateway Quick Setup Guide
CIPHERMAIL EMAIL ENCRYPTION CipherMail Gateway Quick Setup Guide October 10, 2015, Rev: 9537 Copyright 2015, ciphermail.com. CONTENTS CONTENTS Contents 1 Introduction 4 2 Typical setups 4 2.1 Direct delivery............................
More informationTechnical Note. FORTIMAIL Configuration For Enterprise Deployment. Rev 2.1
Technical Note FORTIMAIL Configuration For Enterprise Deployment Rev 2.1 April 7, 2009 Table of Contents 1 Introduction... 3 1.1 Objective... 3 1.2 Network deployment... 3 1.3 Convention... 3 2 System
More informationCopyright 2011 Sophos Ltd. Copyright strictly reserved. These materials are not to be reproduced, either in whole or in part, without permissions.
PureMessage for Microsoft Exchange protects Microsoft Exchange servers and Windows gateways against email borne threats such as from spam, phishing, viruses, spyware. In addition, it controls information
More informationPostfix: Status Quo current development an overview
Postfix: Status Quo current development an overview LinuxForum 2006 Copenhagen, 04. March 2006 About T-System Business Services I just work there, I don t sell stuff I reckon we do sailing stuff strategic
More informationExim4U. Email Server Solution For Unix And Linux Systems
Email Server Solution For Unix And Linux Systems General Overview, Feature Comparison and Screen Shots Exim4U Email Server Solution For Unix And Linux Systems Version 2.x.x October 12, 2012 Copyright 2009
More informationDevdas Bhagat devdas.b@gmail.com. Spam Control
Spam Control Definitions Spam is Unsolicited Bulk Email SPAM is canned pig meat. The spam cartel Who are the major players? People sending spam Major companies who send spam ISPs with an eye to make a
More informationThe basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.
Elements of Email Email Components There are a number of software components used to produce, send and transfer email. These components can be broken down as clients or servers, although some components
More informationSESA Securing Email with Cisco Email Security Appliance Parts 1 and 2
Course Overview Securing Email with Cisco Email Security Appliance (SESA) combines Parts 1 and 2 (SESA1, SESA2) into a single three day course. Students learn to use Cisco Email Security Appliances (ESA's)
More informationUsing WinGate 6 Email. Concepts, Features, and Configurations.
WinGate Feature Guide Using WinGate 6 Email Concepts, Features, and Configurations. Neil Gooden Qbik New Zealand Limited Rev 1.0 December 2004 2 Introduction...3 Basic Email Concepts... 3 Differences in
More informationClearswift Information Governance
Clearswift Information Governance Implementing the CLEARSWIFT SECURE Encryption Portal on the CLEARSWIFT SECURE Email Gateway Version 1.10 02/09/13 Contents 1 Introduction... 3 2 How it Works... 4 3 Configuration
More informationGFI Product Manual. Administration and Configuration Manual
GFI Product Manual Administration and Configuration Manual http://www.gfi.com info@gfi.com The information and content in this document is provided for informational purposes only and is provided "as is"
More informationFortiMail Email Filtering. Course 221 (for FortiMail v5.0) Course Overview
FortiMail Email Filtering Course 221 (for FortiMail v5.0) Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed
More informationFortiMail Email Filtering Course 221-v2.2 Course Overview
FortiMail Email Filtering Course 221-v2.2 Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed to design, configure,
More informationVisendo Email Suite a reliable solution for SMBs
Visendo Email Suite a reliable solution for SMBs Visendo offers a range of Email solutions to assist companies in meeting complex e-mail requirements Visendo Security for Email Servers Multi-engine spam
More informationObjective This howto demonstrates and explains the different mechanisms for fending off unwanted spam e-mail.
Collax Spam Filter Howto This howto describes the configuration of the spam filter on a Collax server. Requirements Collax Business Server Collax Groupware Suite Collax Security Gateway Collax Platform
More informationFortiMail Email Filtering Course 221-v2.0. Course Overview. Course Objectives
FortiMail Email Filtering Course 221-v2.0 Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed to configure,
More informationTechnical Note. ISP Protection against BlackListing. FORTIMAIL Deployment for Outbound Spam Filtering. Rev 2.2
Technical Note ISP Protection against BlackListing FORTIMAIL Deployment for Outbound Spam Filtering Rev 2.2 April 14, 2009 Table of Contents 1 Objective IP address protection... 3 1.1 Context... 3 1.2
More informationESET Mail Security 4. User Guide. for Microsoft Exchange Server. Microsoft Windows 2000 / 2003 / 2008
ESET Mail Security 4 for Microsoft Exchange Server User Guide Microsoft Windows 2000 / 2003 / 2008 Content 1. Introduction...4 1.1 System requirements... 4 1.2 Methods Used... 4 1.2.1 Mailbox scanning
More informationEMB. E-Mail Basics. Goals of this lab: Prerequisites: LXB, NET, DNS
EMB E-Mail Basics Goals of this lab: Learn how e-mail works under the hood Learn about spam filtering and virus scanning Gain experience setting up a full-fledged e-mail service Prerequisites: LXB, NET,
More informationEnglish Translation of SecurityGateway for Exchange/SMTP Servers
Testing: Alt N Technologies SecurityGateway by Sandra Lucifora Administrators spend a considerable amount of their time on the job on eliminating unwanted messages. Viruses, Phishing, and Spoofing pose
More informationEmail Filtering with Open Source Software. OLUG June 7, 2005
Email Filtering with Open Source Software OLUG June 7, 2005 Presenter Bio Undergraduate Education Nebraska Wesleyan University B.A. Business Administration Minor Computer Science Professional Experience
More informationETH Zürich - Mail Filtering Service
Eidgenössische Technische Hochschule Zürich Swiss Federal Institute of Technology Zurich Informatikdienste / IT-Services ETH Zürich - Mail Filtering Service (TERENA 2009) 09 Dec 2009 - D. McLaughlin (davidmcl@ethz.ch)
More informationGuardian Digital Secure Mail Suite Quick Start Guide
Guardian Digital Secure Mail Suite Quick Start Guide Copyright c 2004 Guardian Digital, Inc. Contents 1 Introduction 1 2 Contacting Guardian Digital 2 3 Purpose of This Document 3 3.1 Terminology...............................
More informationTHE DEFINITIVE GUIDE TO SETTING UP A LINUX RELAY SERVER FOR MICROSOFT EXCHANGE SERVER
THE DEFINITIVE GUIDE TO SETTING UP A LINUX RELAY SERVER FOR MICROSOFT EXCHANGE SERVER 2000/2003 With Mandriva 2007.1 Spring, Postfix, Spamassassin, Clamav... Index INTRODUCTION...2 What you will need:...2
More informationEmail Migration Project Plan for Cisco Cloud Email Security
Sales Tool Email Migration Project Plan for Cisco Cloud Email Security 2014 Cisco and/or its affiliates. All rights reserv ed. This document is Cisco Conf idential. For Channel Partner use only. Not f
More informationSimplicity Value Documentation 3.5/5 5/5 4.5/5 Functionality Performance Overall 4/5 4.5/5 86%
Alt-N SecurityGateway for Email Servers - Universal Email Security Gateway Manufacturer: Alt-N Technologies Model: Standard Origin: Texas, USA Website: www.altn.com Price: 204 for up to 25 users Simplicity
More informationPANDA CLOUD EMAIL PROTECTION 3.3.0 / Administrator s Manual / 1
PANDA CLOUD EMAIL PROTECTION 3.3.0 / Administrator s Manual / 1 Contents 1 INTRODUCTION TO PANDA CLOUD EMAIL PROTECTION... 5 1.1 WHAT IS PANDA CLOUD EMAIL PROTECTION?... 5 1.2 FUNCTIONALITIES... 5 2 PANDA
More informationMDaemon Vs. Microsoft Exchange Server 2013 Standard
Comparison Guide Vs. The following chart is a side-by-side feature comparison of and. Flex Licensing Maximum Accounts Unlimited Unlimited SMTP, POP3, DomainPOP, and MultiPOP POP3 & SMTP Only SSL / TLS
More informationBARRACUDA. N e t w o r k s SPAM FIREWALL 600
BARRACUDA N e t w o r k s SPAM FIREWALL 600 Contents: I. What is Barracuda?...1 II. III. IV. How does Barracuda Work?...1 Quarantine Summary Notification...2 Quarantine Inbox...4 V. Sort the Quarantine
More informationIceWarp Unified Communications. AntiVirus Reference. Version 10.4
IceWarp Unified Communications AntiVirus Reference Version 10.4 Printed on 13 January, 2012 Contents AntiVirus 1 Anti-Virus... 2 Latest Avast! Engine... 2 Kaspersky Anti-Virus Support... 2 Support for
More informationA D M I N I S T R A T O R V 1. 0
A D M I N I S T R A T O R F A Q V 1. 0 2011 Fastnet SA, St-Sulpice, Switzerland. All rights reserved. Reproduction in whole or in part in any form of this manual without written permission of Fastnet SA
More informationCOMBATING SPAM. Best Practices OVERVIEW. White Paper. March 2007
COMBATING SPAM Best Practices March 2007 OVERVIEW Spam, Spam, More Spam and Now Spyware, Fraud and Forgery Spam used to be just annoying, but today its impact on an organization can be costly in many different
More informationTREND MICRO. InterScan VirusWall 6. SMTP Configuration Guide. Integrated virus and spam protection for your Internet gateway.
TM TREND MICRO TM TM InterScan VirusWall 6 Integrated virus and spam protection for your Internet gateway for Linux TM SMTP Configuration Guide Trend Micro Incorporated reserves the right to make changes
More informationPOP3 Connector for Exchange - Configuration
Eclarsys PopGrabber POP3 Connector for Exchange - Configuration PopGrabber is an excellent replacement for the POP3 connector included in Windows SBS 2000 and 2003. It also works, of course, with Exchange
More informationAvira AntiVir MailGate 3.2 Release Notes
Release Notes 1. Features 1.1 Assigning recipient addresses to groups either by using Active Directory or a plain text file 1.1.1 Using a Active Directory server MailGate communicates with Active Directory
More informationGFI Product Comparison. GFI MailEssentials vs Barracuda Spam Firewall
GFI Product Comparison GFI MailEssentials vs Barracuda Spam Firewall GFI MailEssentials Barracuda Spam Firewall Integrates closely with Microsoft Exchange Server 2003/2007/2010 Integrates closely with
More informationBarracuda Spam Firewall User s Guide
Barracuda Spam Firewall User s Guide 1 Copyright Copyright 2004, Barracuda Networks www.barracudanetworks.com All rights reserved. Use of this product and this manual is subject to license. Information
More informationSpamPanel Reseller Level Manual 1 Last update: September 26, 2014 SpamPanel
SpamPanel Reseller Level Manual 1 Last update: September 26, 2014 SpamPanel Table of Contents Domains... 1 Add Domain... 2 MX verification Tool... 4 Overview... 5 Incoming... 6 Incoming Bandwidth Overview...
More informationComprehensive Email Filtering. Whitepaper
Comprehensive Email Filtering Whitepaper Email has undoubtedly become a valued communications tool among organizations worldwide. With frequent virus attacks and the alarming influx of spam, email loses
More informationBarracuda Spam Firewall Administrator s Guide
Barracuda Spam Firewall Administrator s Guide 1 Copyright Copyright 2005, Barracuda Networks www.barracudanetworks.com v3.2.22 All rights reserved. Use of this product and this manual is subject to license.
More informationFortiMail Email Filtering. Course 221 - for FortiMail v4.0. Course Overview
FortiMail Email Filtering Course 221 - for FortiMail v4.0 Course Overview FortiMail Email Filtering is a 3-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed
More informationSPAMfighter SMTP Anti Spam Server
SPAMfighter SMTP Anti Spam Server Users Manual Copyright SPAMfighter ApS 2005 Revised 4/27/2006 1 Table of Contents 2 Terminology...3 3 Technology...4 3.1 Tunneling and Interception...4 3.2 Content Classification...5
More informationService Launch Guide (US Customer) SEG Filtering
Secure Network Gateway / Secure E-Mail Gateway (SEG) Service Service Launch Guide Service Launch Guide (US Customer) SEG Filtering Overview The following information will guide you through the steps required
More informationFicha técnica de curso Código: IFCAD241
Curso de: Linux E-mail. Set up, maintain, and secure a small office e- mail server Objetivos: Aprender a instalar, mantener y securizar un correo en un sistema linux. Destinado a: Todo administrador de
More informationHow To Configure Forefront Threat Management Gateway (Forefront) For An Email Server
Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Configuring and using the E-Mail protection feature in Microsoft Forefront Threat Management
More informationFighting Spam with open source software
Fighting Spam with open source software Charly Kühnast Municipal Datacenter for the Lower Rhine Area Internet Infrastructure charly.kuehnast@krzn.de Introduction: KRZN and spam filtering ~ 11.000 users
More informationA Modular Email Architecture Using Open Source Components
A Modular Email Architecture Using Open Source Components Presented to MVMRUG April 22, 2005 Scott Courtney Sine Nomine Associates Functional Goals SMTP inbound and outbound mail POP3 and IMAP4 mailbox
More informationQuick Start Policy Patrol Mail Security 10
Quick Start Policy Patrol Mail Security 10 This guide will help you start using Policy Patrol Mail Security as quickly as possible. For more detailed instructions, consult the Policy Patrol manual. Step
More informationKASPERSKY LAB. Kaspersky Anti-Virus 5.5 for Linux and FreeBSD Mail Servers ADMINISTRATOR S GUIDE
KASPERSKY LAB Kaspersky Anti-Virus 5.5 for Linux and FreeBSD Mail Servers ADMINISTRATOR S GUIDE KASPERSKY ANTI-VIRUS 5.5 FOR LINUX AND FREEBSD MAIL SERVERS Administrator's guide Kaspersky Lab, Ltd. http://www.kaspersky.com
More informationescan SBS 2008 Installation Guide
escan SBS 2008 Installation Guide Following things are required before starting the installation 1. On SBS 2008 server make sure you deinstall One Care before proceeding with installation of escan. 2.
More informationThe Open Source Stack: One approach to spam filtering
The Open Source Stack: One approach to spam filtering Chris St. Pierre Unix Systems Administrator Nebraska Wesleyan University Breaks Administrivia Administrivia Can turn your cell phone off. Terminology
More informationTRUEMAIL - SPAM FILTERING GATEWAY CASE STUDY
TRUEMAIL - SPAM FILTERING GATEWAY CASE STUDY Business Needs The client was looking for an advanced antispam/anti-virus email system to cater to the hiend emails traffic of the business sector. The system
More informationOpenSMTPD: we deliver
OpenSMTPD: we deliver Giovanni Bechis LinuxCon Europe 2015 About Me sys admin and developer @SNB OpenBSD developer Open Source developer in several other projects OpenSMTPD story
More informationMail Services. Easy-to-manage Internet mail solutions featuring best-in-class open source technologies. Features
Mail Services Easy-to-manage Internet mail solutions featuring best-in-class open source technologies. Features Enterprise-class mail server High-performance Postfix SMTP services Scalable Cyrus IMAP and
More informationHow To Protect Your Email From Spam On A Barracuda Spam And Virus Firewall
Comprehensive Email Filtering: Barracuda Spam & Virus Firewall Safeguards Legitimate Email Email has undoubtedly become a valued communications tool among organizations worldwide. With frequent virus attacks
More informationEmail Security 7.4 Administrator s Guide
Email Security 7.4 Administrator s Guide 1 Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION indicates potential
More informationWebsense Email Security Transition Guide
Websense Email Security Transition Guide Websense Email Security Gateway v7.6 2011, Websense Inc. All rights reserved. 10240 Sorrento Valley Rd., San Diego, CA 92121, USA R140611760 Published August 2011
More informationPanda Cloud Email Protection
Panda Cloud Email Protection 1. Introduction a) What is spam? Spam is the term used to describe unsolicited messages or messages sent from unknown senders. They are usually sent in large (even massive)
More informationSMTP Servers. Determine if an email message should be sent to another machine and automatically send it to that machine using SMTP.
SMTP Servers SMTP: Simple Mail Transfer Protocol (TCP Port 25) The Simple Mail Transfer Protocol (SMTP) is an Internet standard for transferring electronic mail between computers. UNIX systems implement
More informationE-MAIL AND SERVER SECURITY
E-MAIL AND SERVER SECURITY DEPLOYMENT GUIDE 1 E-MAIL AND SERVER SECURITY Deployment Guide 2 CONTENTS 1. Overview 3 2. Deployment scenarios 5 2.1 Stand-alone server 5 2.2 Deploying the product with F-Secure
More informationFortiMail Email Filtering. Course 221 (for FortiMail v4.2) Course Overview
FortiMail Email Filtering Course 221 (for FortiMail v4.2) Course Overview FortiMail Email Filtering is a 2-day instructor-led course with comprehensive hands-on labs to provide you with the skills needed
More informationSpamfilter Relay Mailserver
Spamfilter Relay Mailserver Mark McSweeney CentraLUG, February 1, 2010 Overview Scope Little bit about me Why I built the spamfilter Deployment environment Spamfilter details Tuning and maintainance Other
More informationDomainKeys Identified Mail DKIM authenticates senders, message content
DomainKeys Identified Mail DKIM authenticates senders, message content Alt-N Technologies, Ltd. 2201 East Lamar Blvd, Suite 270 Arlington, Texas 76006 Phone: (817) 525-2005 Fax: (817) 525-2019 http://www.altn.com/
More informationE-MAIL AND SERVER SECURITY
E-MAIL AND SERVER SECURITY DEPLOYMENT GUIDE 1 E-MAIL AND SERVER SECURITY Deployment Guide 2 CONTENTS 1. Overview 3 1.1 How the product works 3 1.2 Product contents 4 2. Deployment scenarios 5 2.1 Stand-alone
More informationAdvanced Settings. Help Documentation
Help Documentation This document was auto-created from web content and is subject to change at any time. Copyright (c) 2016 SmarterTools Inc. Advanced Settings Abuse Detection SmarterMail has several methods
More informationSPAM FILTER Service Data Sheet
Content 1 Spam detection problem 1.1 What is spam? 1.2 How is spam detected? 2 Infomail 3 EveryCloud Spam Filter features 3.1 Cloud architecture 3.2 Incoming email traffic protection 3.2.1 Mail traffic
More informationSpam Filtering at CERN Emmanuel Ormancey - 23 October 2002
Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002 23 October 2002 Emmanuel Ormancey 1 Topics Statistics Current Spam filtering at CERN Products overview Selected solution How it works Exchange
More informationMailwall Remote Features Tour Datasheet
Management Portal & Dashboard Mailwall Remote Features Tour Datasheet Feature Benefit Learn More Screenshot Cloud based portal Securely manage your web filtering policy wherever you are without need for
More informationQuick Start Policy Patrol Mail Security 9
Quick Start Policy Patrol Mail Security 9 This guide will help you start using Policy Patrol Mail Security as quickly as possible. For more detailed instructions, consult the Policy Patrol manual. Step
More informationFrequently Asked Questions for New Electric Mail Administrators 1 Domain Setup/Administration
Frequently Asked Questions for New Electric Mail Administrators 1 Domain Setup/Administration 1.1 How do I access the records of the domain(s) that I administer? To access the domains you administer, you
More informationEmail Security 8.0 Administrator s Guide
Email Security 8.0 Administrator s Guide 1 Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION indicates potential
More information1 Accessing E-mail accounts on the Axxess Mail Server
1 Accessing E-mail accounts on the Axxess Mail Server The Axxess Mail Server provides users with access to their e-mail folders through POP3, and IMAP protocols, or OpenWebMail browser interface. The server
More informationMANUAL. Policy Patrol Email. Disclaimers. Version 7
MANUAL Policy Patrol Email Disclaimers This manual, and the software described in this manual, are copyrighted. No part of this manual or the described software may be copied, reproduced, translated or
More informationManual POLICY PATROL EMAIL SPAM FILTER
Manual POLICY PATROL EMAIL SPAM FILTER MANUAL Policy Patrol Email Spam filter This manual, and the software described in this manual, are copyrighted. No part of this manual or the described software may
More informationUSER S MANUAL Cloud Email Firewall 4.3.2.4 1. Cloud Email & Web Security
USER S MANUAL Cloud Email Firewall 4.3.2.4 1 Contents 1. INTRODUCTION TO CLOUD EMAIL FIREWALL... 4 1.1. WHAT IS CLOUD EMAIL FIREWALL?... 4 1.1.1. What makes Cloud Email Firewall different?... 4 1.1.2.
More informationKASPERSKY LAB. Kaspersky SMTP-Gateway 5.5 for Linux/Unix ADMINISTRATOR S GUIDE
KASPERSKY LAB Kaspersky SMTP-Gateway 5.5 for Linux/Unix ADMINISTRATOR S GUIDE KASPERSKY SMTP-GATEWAY 5.5 FOR LINUX/UNIX Administrator s Guide Kaspersky Lab http://www.kaspersky.com Revision date: July
More informationE-Mail Security. on your terms SOFTSCAN
E-Mail Security on your terms SOFTSCAN With fraudulent and offensive emails delivered in vast quantities to businesses every day a foolproof email security system is essential. Setting the standards SoftScan
More informationGREEN HOUSE DATA. E-Mail Services Guide. Built right. Just for you. greenhousedata.com. Green House Data 340 Progress Circle Cheyenne, WY 82007
GREEN HOUSE DATA Built right. Just for you. E-Mail Services Guide greenhousedata.com 1 Green House Data 340 Progress Circle Cheyenne, WY 82007 Table of Contents Getting Started on Business Class Email
More informationOpenSMTPD : We deliver!
OpenSMTPD : We deliver! Éric Faurot eric@openbsd.org February 8, 2013 Abstract In this paper we present the OpenSMTPD daemon: a simple, modern and portable mail server implemented using privilege-separation
More informationConfiguration Information
Configuration Information Email Security Gateway Version 7.7 This chapter describes some basic Email Security Gateway configuration settings, some of which can be set in the first-time Configuration Wizard.
More information