Educause Security Discussion mailing list archives
Re: Spam Filtering Appliances
From: Gary Bristol <gbristol () OU EDU>
Date: Thu, 28 Jul 2005 11:52:17 -0500
Someone mentioned that they hadn't seen any mention of Symantec's Brightmail product. We actually use that on our Unix Mail servers for Spam identification. In several of the Spam Filter appliances though it is mentioned that they don't just rely on one technique to reduce SPAM, they use several. Included in this is references to RBL's, Whitelists, Greylists, reverse DNS lookups and Sender Reputation Databases. We recently evaluated an IronPort Appliance and it also incorporated a Sender's Reputation Database, in addition to Reverse DNS and RBL. The lower the rating, the more restrictions that are placed on the connections from that sender. This would include, limits on the number of Addresses per message, the number of messages sent per connection, the number of simultaneous connections and the number of connections allowed in an hour. This greatly reduced the number of messages processed. For the Test we placed this appliance in front of our alternate mail server and it cut the number of messages processed in a day from over 200K to just 4 - 6K. The percentage of good messages from the total went from 4.5% to 96.8%. I think with any of these appliances you will see similar results, the real trick is getting the University community to accept the fact that we can with a high confidence identify the messages that are Spam. This would lead to a policy that would allow us to Block and not just Tag it. I've listed a small sampling of the Anti-Spam Appliances I found with a Google search, I've also tried to determine from the website what technology or software they were using to do SPAM detection. Appliance or Company Spam Filtering SW used Barracuda SpamAssassin http://www.barracudanetworks.com/ns/?L=en Mirapoint http://www.mirapoint.com/ MailFoundry Custom http://solinus.com/mailfoundry/ trimMail http://www.trimmail.com/ PowerElf2 http://www.greencomputer.com/products/powerelf2/features/antispam.shtml ProofPoint http://www.proofpoint.com/ BlueCat http://www.bluecatnetworks.com/ Symantec Brightmail http://www.costcentral.com/proddetail/Symantec_Mail_Security_8260_Appliance/10333719/F17514/ SpamGate SpamAssassin http://www.spamgate.us/ IronPort BrightMail http://www.ironport.com/products/ironport_c-series.html IronMail Custom http://www.ciphertrust.com/
Current thread:
- Re: Spam Filtering Appliances Gary Bristol (Jul 28)