An Overview of Open Source Security - Email security tools
(Page 4 of 5 )
As one of the primary and least controllable sources of incoming data to a network, email security is a whole category of its own. It is also an area which has seen the development of some of the most powerful and widely used open source security software. The two most significant email-related security threats are spam and viruses.
SpamAssassin
SpamAssassin is one of the relatively few open source security utilities to have achieved wide enterprise-level take-up. A sophisticated spam filter built around content-matching rules, it has strong support in technical circles where it is widely regarded as among the most powerful anti-spam solutions. In addition to content matching, SpamAssassin can also attempt to identify spam using DNS information, URL blacklists, checksum-based and statistical filtering, and Sender Policy Framework (SPF). It is generally configured to scan all mail in a queue, processing it in a pipe from a mail filtering application such as procmail; it can also be set up to be called directly fro a mail user agent instead.
ClamAV is powerful anti-virus software designed specifically to integrate with a mail exchange server to provide server-based email virus scanning. This approach has a number of advantages for the system administrator over more conventional email-oriented virus protection.
First, the admin can ensure the virus definition files are kept up to date. End-users are likely to be less efficient about this. Second, these updates need only be applied in a single place – on the mail server – rather than needing to be replicated across the entire network. The third big advantage is that the sysadmin can be certain all mail is in fact being scanned. This may not always be the case if left up to end users, who could for instance disable standalone email virus scanning software. On the downside, server-side email scanning is more demanding on system resources; a high volume mail server might slow down noticeably if forced to virus scan the entire queue, and this is something the administrator has to weigh in deciding whether to incorporate ClamAV into a setup.
ClamAV’s close relative ClamWin is an open source anti-virus scanner for Microsoft Windows built on the ClamAV engine.
