ECE Mail System Overview. Pablo J. Rebollo ECE Network Operations Center




Agenda
- Overview of ECE mail system
- How mail system works
- SPAM!!!
- ECE mail system statistics and examples
- Problems
- References

Mail system
Previous server
- Sun UltraEnterprise 450
- 4 x UltraSparc 300 MHz
- 2 gigabytes of RAM
- 10 x 9 gigabyte hard drives (SCSI)
- Solaris
- Postfix (SMTP)
- Inboxes in MBOX format
- UW IMAP, and QPopper (POP3)
- Text file for user information (/etc/passwd)

Mail System
Current server
- Dell PowerEdge 1750
- 2 x Intel Xeon 3.2 GHz with HT
- 4 gigabytes of RAM
- 2 x 36 GB (SCSI), RAID 1 for OS
- 14 x 73 GB (SCSI), RAID 5 for users, web pages, etc.
- Linux
- Postfix (SMTP, SMTPS, SASL, TLS)
- Cyrus (IMAP, POP3, TLS, maildir inboxes)
- LDAP for user information

Mail System (cont.)
Current system
- Over 1,400 inboxes
- Over 40,000 messages received per week
- Over 10,000 messages received are SPAM
- Over 10,000 messages sent per week
Additional services
- Mail gateway (Spamassassin, ClamAV)
- Greylisting (OpenBSD spamd)

Mail System (cont.)

How mail system works
- The user sends an email with a client.
- The client sends the email to the designated SMTP server.
- The SMTP server looks up the MX record for the recipient domain.
- The SMTP server sends the email to the MX.
- The recipient domain mail server receives the message and stores it in the user's INBOX.
- Finally, the user reads the new message with an email client using IMAP or POP3.

How mail system works (cont.)
[Diagram: PRT client user@prt.net, mail.prt.net, dns.prt.net, Internet, mydomain client pablo@mydomain.com; arrows labelled 1 smtp, 2 dns, 3 smtp, 4 IMAP/POP]
1) Client sends the message to mail.prt.net (SMTP)
2) mail.prt.net queries the MX record for mydomain.com (DNS)
3) mail.prt.net sends the message to mydomain.com (SMTP)
4) Recipient reads the message (IMAP/POP)

SPAM!!!
- The biggest problem is SPAM.
- Users don't want to receive SPAM.
- SPAM consumes bandwidth and other resources.
- To reduce the amount of spam, several techniques have been implemented:
  - Mailgateway (Spamassassin, ClamAV, FuzzyOcr)
  - OpenBSD spamd for greylisting and tarpitting.

Techniques to deal with SPAM
Spamassassin
- OSS used to identify SPAM by assigning scores based on several tests. If the score exceeds a threshold, the message is tagged as SPAM (***SPAM***). The software accepts custom-made tests.
ClamAV
- OSS used to identify viruses. The system downloads new definitions every hour. Messages with viruses aren't delivered to users.
FuzzyOCR
- OSS that performs OCR (optical character recognition) on images contained in mail messages. This technique can be heavy on the system CPU.

Techniques to deal with SPAM
Greylisting
- In name, as well as operation, greylisting is related to whitelisting and blacklisting. What happens is that each time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a "try again later"-message. This, in the short run, means that all mail gets delayed at least until the sender tries again - but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later. (from: greylisting.org)
SPF (Sender Policy Framework)
- The idea is to advertise the authorized mail server for a specific domain. This is achieved by publishing a TXT record for the domain.
Postfix SASL
- This option forces users to authenticate first when sending email to external accounts (relaying) while they aren't connected to ECE facilities.

Stats & Examples Mailgateway Statistics

Stats & Examples (cont.) Spamd Statistics

Stats & Examples (cont.) DNS Query

Stats & Examples (cont.)
Spamassassin report

Content analysis details:   (14.5 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 1.1 EXTRA_MPART_TYPE       Header has extraneous Content-type:...type= entry
 2.0 DATE_IN_FUTURE_03_06   Date: is 3 to 6 hours after Received: date
 0.5 HTML_40_50             BODY: Message is 40% to 50% HTML
 0.0 HTML_MESSAGE           BODY: HTML included in message
 4.3 BAYES_99               BODY: Bayesian spam probability is 99 to 100%
 3.8 LONGWORDS              Long string of long words
 3.0 DC_PNG_UNO_LARGO       Message contains a single large inline gif
-0.1 AWL                    AWL: From: address is in the auto white-list
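A small parser for the report format shown above, added here as an example (not part of the original slides), of the kind that helps when reviewing a message a user reports as a false positive. The function names are this example's own; the report text is the one from the slide.

```python
import re

# The report from the slide above, laid out one rule per line.
REPORT = """\
Content analysis details:   (14.5 points, 5.0 required)
 pts rule name              description
---- ---------------------- --------------------------------------------------
 1.1 EXTRA_MPART_TYPE       Header has extraneous Content-type:...type= entry
 2.0 DATE_IN_FUTURE_03_06   Date: is 3 to 6 hours after Received: date
 0.5 HTML_40_50             BODY: Message is 40% to 50% HTML
 0.0 HTML_MESSAGE           BODY: HTML included in message
 4.3 BAYES_99               BODY: Bayesian spam probability is 99 to 100%
 3.8 LONGWORDS              Long string of long words
 3.0 DC_PNG_UNO_LARGO       Message contains a single large inline gif
-0.1 AWL                    AWL: From: address is in the auto white-list
"""

HEADER = re.compile(r"\((-?\d+\.\d+) points, (-?\d+\.\d+) required\)")
RULE = re.compile(r"^\s*(-?\d+\.\d+)\s+([A-Z][A-Z0-9_]*)\s+(.*)$")

def parse_report(text):
    """Return (total, required, [(points, rule, description), ...])."""
    header = HEADER.search(text)
    if header is None:
        raise ValueError("no '(N points, M required)' header found")
    rules = []
    for line in text.splitlines():
        m = RULE.match(line)
        if m:
            rules.append((float(m.group(1)), m.group(2), m.group(3).strip()))
    return float(header.group(1)), float(header.group(2)), rules

def rules_reaching_threshold(required, rules):
    """Highest-scoring rules that are enough, by themselves, to tag the message."""
    picked, running = [], 0.0
    for pts, name, _ in sorted(rules, reverse=True):
        if running >= required:
            break
        picked.append(name)
        running += pts
    return picked

def single_rule_culprits(total, required, rules):
    """Rules whose removal alone would drop the message below the threshold."""
    return [name for pts, name, _ in rules if total - pts < required]

if __name__ == "__main__":
    total, required, rules = parse_report(REPORT)
    print(total, required, rules_reaching_threshold(required, rules))
    print(single_rule_culprits(total, required, rules))
```

For this message no single rule is decisive: BAYES_99 and LONGWORDS together already exceed the 5.0 threshold. The listed points add up to 14.6 against a header total of 14.5, which is consistent with per-rule values being rounded for display, so the header total is the one to compare with the threshold.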

Problems
- The most common problem is false positives. To deal with this kind of problem, it is important to have user feedback.
- Another problem can be delivery delays due to the greylisting process. This could be solved by having a static whitelist.
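The greylisting decision described earlier, together with the static whitelist proposed above for the delay problem, as an added example that is not part of the original slides and not spamd's own code. Tracking the (IP, sender, recipient) triplet, the timing values and all addresses are assumptions made for the example.

```python
import ipaddress

PASSTIME = 25 * 60      # assumed: minimum wait before a retry is accepted (seconds)
GREY_EXPIRY = 4 * 3600  # assumed: forget senders that never retried (seconds)

class Greylist:
    def __init__(self, static_whitelist=()):
        self.whitelist = [ipaddress.ip_network(n) for n in static_whitelist]
        self.first_seen = {}  # (ip, sender, recipient) -> time of first attempt
        self.passed = set()   # triplets that have retried correctly

    def check(self, now, ip, sender, recipient):
        """Return the SMTP reply for one delivery attempt at time `now`."""
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in self.whitelist):
            return "250 static whitelist"
        key = (ip, sender.lower(), recipient.lower())
        if key in self.passed:
            return "250 known sender"
        first = self.first_seen.get(key)
        if first is None or now - first > GREY_EXPIRY:
            self.first_seen[key] = now       # unknown (or expired): start the clock
            return "451 try again later"
        if now - first < PASSTIME:
            return "451 try again later"     # retried too quickly
        self.passed.add(key)                 # waited and retried like a real MTA
        del self.first_seen[key]
        return "250 retry accepted"

def replay(events, static_whitelist=()):
    """Feed (time, ip, sender, recipient) attempts through a fresh greylist."""
    greylist = Greylist(static_whitelist)
    return [greylist.check(*event) for event in events]

# Constructed attempts: (seconds, client IP, envelope sender, envelope recipient)
EVENTS = [
    (0,    "198.51.100.7", "news@example.org",        "pablo@mydomain.com"),
    (10,   "203.0.113.9",  "offers@bulk.example",     "pablo@mydomain.com"),
    (20,   "192.0.2.25",   "billing@partner.example", "pablo@mydomain.com"),
    (60,   "198.51.100.7", "news@example.org",        "pablo@mydomain.com"),
    (1800, "198.51.100.7", "news@example.org",        "pablo@mydomain.com"),
]

if __name__ == "__main__":
    for event, reply in zip(EVENTS, replay(EVENTS, ["192.0.2.0/24"])):
        print(event[0], event[1], "->", reply)
```

Without the whitelist the partner relay at 192.0.2.25 is deferred like any unknown sender; with 192.0.2.0/24 whitelisted its first attempt is accepted, while the sender that never retries stays deferred either way.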

References
- Postfix: http://www.postfix.org/
- Cyrus: http://cyrusimap.web.cmu.edu/
- Spamassassin: http://spamassassin.apache.org/
- ClamAV: http://www.clamav.net/
- FuzzyOCR: http://wiki.apache.org/spamassassin/fuzzyocrplugin
- Greylisting: http://www.greylisting.org/
- OpenBSD spamd: http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8
- SPF: http://www.openspf.org/
- OpenBSD spamd - greylisting and beyond: http://www.ualberta.ca/~beck/nycbug06/spamd/index.html