Educause Security Discussion mailing list archives

Re: Spam Filtering Appliances


From: Gary Bristol <gbristol () OU EDU>
Date: Thu, 28 Jul 2005 11:52:17 -0500

Someone mentioned that they hadn't seen any mention of Symantec's
Brightmail product. We actually use that on our Unix Mail servers for
Spam identification.

In several of the Spam Filter appliances, though, it is mentioned that
they don't just rely on one technique to reduce SPAM; they use several.

Included in this are references to RBLs, Whitelists, Greylists, reverse
DNS lookups and Sender Reputation Databases.

We recently evaluated an IronPort Appliance and it also incorporated a
Sender's Reputation Database, in addition to Reverse DNS and RBL. The
lower the rating, the more restrictions that are placed on the
connections from that sender. This would include limits on the number
of Addresses per message, the number of messages sent per connection,
the number of simultaneous connections and the number of connections
allowed in an hour.

This greatly reduced the number of messages processed.

For the Test we placed this appliance in front of our alternate mail
server and it cut the number of messages processed in a day from over
200K to just 4 - 6K.
The percentage of good messages from the total went from 4.5% to 96.8%.

I think with any of these appliances you will see similar results; the
real trick is getting the University community to accept the fact that
we can, with a high confidence, identify the messages that are Spam. This
would lead to a policy that would allow us to Block and not just Tag
it.

I've listed a small sampling of the Anti-Spam Appliances I found with a
Google search. I've also tried to determine from the website what
technology or software they were using to do SPAM detection.

Appliance or Company    Spam Filtering SW used

Barracuda               SpamAssassin
http://www.barracudanetworks.com/ns/?L=en

Mirapoint
http://www.mirapoint.com/

MailFoundry             Custom
http://solinus.com/mailfoundry/

trimMail
http://www.trimmail.com/

PowerElf2
http://www.greencomputer.com/products/powerelf2/features/antispam.shtml

ProofPoint
http://www.proofpoint.com/

BlueCat
http://www.bluecatnetworks.com/

Symantec                Brightmail
http://www.costcentral.com/proddetail/Symantec_Mail_Security_8260_Appliance/10333719/F17514/

SpamGate                SpamAssassin
http://www.spamgate.us/

IronPort                Brightmail
http://www.ironport.com/products/ironport_c-series.html

IronMail                Custom
http://www.ciphertrust.com/
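
The reputation-based throttling described in the message above (the lower a sender's rating, the tighter its connection limits), sketched as an added example that is not part of the original post and not any vendor's implementation. The score range, tier thresholds, limit values and all names are assumptions chosen for illustration.

```python
import time
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Limits:
    rcpts_per_msg: int      # addresses per message
    msgs_per_conn: int      # messages per connection
    concurrent_conns: int   # simultaneous connections
    conns_per_hour: int     # connections allowed in an hour

# Assumed tiers as (minimum score, limits); scores assumed to lie in [-10, 10].
TIERS = [
    (3.0,  Limits(100, 50, 20, 1000)),
    (-2.0, Limits(20, 10, 5, 100)),
    (-6.0, Limits(5, 2, 1, 10)),
]
BLOCK = Limits(0, 0, 0, 0)  # below the lowest tier: refuse every connection

def limits_for(score):
    """Pick the first tier whose floor the score meets."""
    for floor, lim in TIERS:
        if score >= floor:
            return lim
    return BLOCK

class ConnectionGate:
    def __init__(self, reputation, clock=time.time):
        self.reputation = reputation        # ip -> score; unknown senders get 0.0
        self.clock = clock
        self.active = defaultdict(int)      # ip -> currently open connections
        self.recent = defaultdict(deque)    # ip -> accept times within the last hour

    def open(self, ip):
        """Return the Limits for an accepted connection, or None to refuse it."""
        lim = limits_for(self.reputation.get(ip, 0.0))
        now = self.clock()
        window = self.recent[ip]
        while window and now - window[0] >= 3600:   # slide the one-hour window
            window.popleft()
        if self.active[ip] >= lim.concurrent_conns or len(window) >= lim.conns_per_hour:
            return None
        self.active[ip] += 1
        window.append(now)
        return lim  # caller enforces rcpts_per_msg and msgs_per_conn in-session

    def close(self, ip):
        self.active[ip] = max(0, self.active[ip] - 1)
```

Refusing at connection time is what keeps low-rated traffic from ever reaching content scanning, which is the reduction in processed messages the message reports.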
