AntiSpam Guide
Stop Spam in Your Company with a Spam Firewall
from: Debbie Jacobsen
A spam firewall is a hardware device that sits between your internet firewall and LAN. It is called a "firewall" because it provides data filtering of email packets, and blocks the packets that meet the criteria of "spam". Spam firewalls can also provide anti-virus protection, anti-spyware, anti-spoofing and anti-phishing services, depending on the model you choose. A spam firewall is not designed to protect your network against intruders such as hackers - you will need a regular internet firewall for that.
Spam firewalls use a variety of methods for determining what is considered spam and filtering it out. Normally a form of blacklisting is used, which automatically filters out email from known spammy addresses. A whitelist may also be used, which allows the administrator to identify addresses or domains that should never be blocked. Keyword scanning may also be used, allowing the administrator or individual user to block emails containing certain keywords or keyword combinations. A form of message authenticity checking is also normally used to identify valid "from" addresses, check details of the entire SMTP process, or validate legitimate IP addresses.
Many spam firewall appliances also use bayesian algorithm filtering, which help the firewall block more spam over time as it "learns" what is considered spam based on message history, user input and other analysis. Incoming message flow filters also look at the number of incoming messages and where they are from, allowing them to quickly spot and stop a sudden barrage of spam emails that have been mass-distributed from the same source. Spam firewalls are very "smart" and good at eliminating the majority of spam email that comes into a network. They are not 100% effective, but many come close.
Spam firewall appliances range in price from around $2000 up to $20,000 or more, depending on the number of users it needs to protect and features. Many spam firewalls have optional features like antivirus or anti spyware. Spam firewalls need to be kept up to date with the latest data on known spam sites, new algorithms, updated filters, etc... This is normally handled by the firewall manufacturer as an auto-update feature.
As with most network appliances, an annual maintenance plan is usually purchased for the purpose of keeping the firewall up to date and performing it's best.
Spam firewall appliances use many sophisticated techniques to identify and block spam, generally with very good success. Because spammers are constantly change their techniques in order to get their junk mail past the latest and greatest spam filtering technologies, spam firewalls must continually monitor patterns and make filtering corrections.
Spam firewall manufacturers are also constantly make corrective configuration changes to keep up with the battle against spammers. For this reason, even the best spam firewall is going to filter out "good" mail from time to time. This is called a "false positive", and administrators (and users) must always be on the lookout for this. Most spam firewalls have sensitivity thresholds that can be adjusted by an administrator to help overcome false positives.
A spam firewall appliance is not your typical "set it and forget it" firewall, but the advantage of having such an appliance on your network far outweighs the need for some administrative work.
About the author:
Debbie is an information technology professional and author of Antivirus, Firewall and Spyware Resources - an informative website about computer security.
For more information, see her page on Spam Firewalls.
For permanent link to this article click here.
Related story:
How Hackers Take Control of your Computer
from: Richard RogersYour PC has many "ports" which are vulnerable to attack from a hacker. These ports are used to communicate internally with your monitor or printer or externally to the internet. For example, Port 25 is used for receiving incoming email and Port 80 is used to connect to the internet.
In addition you have a unique IP number which is assigned to your computer by your Internet Service Provide which is required for you to use the internet. This is how you send and receive information. It also serves as your computer's "address". The IP number looks like this - 106.185.21.243.
If you have a broadband or DSL connection your IP address rarely changes which make your computer more vulnerable. If you connect to the internet via dial up then you ...
To read the rest of this story click here.
Fairly Secure Anti Spam News
Fairly Secure Anti Spam Wiki - Fairly-Secure Anti-Spam
Group maintained documentation for running a fairly secure anti-spam solution on OpenBSD. ... Fairly-Secure Anti-SPAM Gateway Using OpenBSD, Postfix, ...
Read more...Fairly-Secure Anti-SPAM Gateway Using OpenBSD, Postfix, Amavisd-new ...
SpamAssassin is the main anti-spam component which works by comparing messages ... In the end, you'll have an anti-spam solution that requires no effort by ...
Read more...Fairly Secure Anti Spam Wiki - Fairly-Secure Anti-Spam - SWiK
Fairly-Secure Anti-SPAM Gateway Using OpenBSD, Postfix, Greylisting, Amavisd-new, SpamAssassin, Razor and DCC ... Fairly Secure Anti Spam Wiki - Fairly-Secure ...
Read more...Robert's Junkicide (Anti-SPAM) Procmail Script
... outlined in Scott Vintinner's Fairly-Secure Anti-SPAM Gateway, except at the ... The SPAM Bouncer and spamassassin both create markers which indicate that a ...
Read more...Spam Blocker - SpamStopsHere Anti Spam Solution
secure:channel blog. IT and security blog. Written by experts. Current. Insightful ... Your conversion services are reliable, professional, and fairly priced. ...
Read more...