180 likes | 303 Views
MailScanner. Making the Internet a safer place Julian Field. Why You Need It. Spam now accounts for up to 40% of your incoming mail traffic About 1 in 250 messages contains a virus
E N D
MailScanner Making the Interneta safer place Julian Field
Why You Need It • Spam now accounts for up to 40% of your incoming mail traffic • About 1 in 250 messages contains a virus • So a site processing 50,000 messages per day wastes time and resources on 20,000 spams and risks a virus outbreak 200 times every day
What MailScanner Will Do For You • It is an e-mail security system deployed on your e-mail gateways and servers • It will capture every known virus passing through your e-mail servers • It will identify and handle well over 95% of all the spam • It is very fast, robust and secure • Many other features!
You Could Go Commercial • If you have the money to pay people like MessageLabs, Trend or Brightmail, then you are probably aren’t here! • As an example, 3 years ago Trend quoted us about £50,000 per year to virus check mail coming into our University
Reputation • Protects over 500 million messages per day at about 20,000 sites on 6 continents • Used by US Navy Central War Command, US Army and government departments • Used by NASA, European Commission, WIPO, UCLA, Harvard, MIT, Siemens, HP, BAe, UK Research Councils, etc ad nauseam • Too many UK sites to mention!
MailScanner is Free • You may need to buy some hardware to operate it. Many sites can just run it on existing hardware. • 1 PC can fully process up to 1.5 million messages per day. • You will probably want an anti-virus engine…
Anti-Virus Engines • 14 are supported, including all the major market leaders • ClamAV is free but not recommended for sole use • F-Prot is $300 per server regardless of number of users • Sophos is very good and has excellent CHEST discounts
What MailScanner Does • Scans all e-mail passing through it for viruses using any combination of the supported anti-virus engines • Scans for spam using a wide variety of techniques including DNS blacklists, over 800 heuristic rules and a Bayesian probability system
What MailScanner Does • Allows/denies attachments based on filename, providing implementation of any email security policy. Easily used to block attachments which are common ways of disguising viruses, e.g. ReadMe.doc.exe • Scans for common signs of attack such as <IFrame> and <Object Codebase=…> HTML tags
Virus Handling • Attachments containing viruses or other security problems are removed • All safe content is delivered untouched • Recipients get a warning explaining what happened and who they should contact for help
Spam Handling • Subject line is tagged so users can filter easily • Message may be tagged, delivered, deleted, archived, bounced and/or stripped to plain text • Stripping to plain text is extremely effective against the rising tide of pornographic spam
Highly Configurable • Virtually all configuration parameters can be set using fixed values, “rulesets” or “Custom Functions” • Rulesets allow different values for any users or domains you specify • Custom Functions allow implementation of any other configuration model you choose, including external databases of user options
Very Easy To Install • Current record is 11 minutes for a complete system installation including all Perl modules and a virus scanner • Installation script automates most of the process for you • All configuration options are set to sensible defaults • No sendmail.cf changes at all
Recent Additions • Support for SpamAssassin 2.52 • Support for Sophos SAVI library • Support for signing PGP/GPG-signed mail • Support for Exim split spools • Easy upgrading of MailScanner.conf file • Improved HTML stripping to plain text • Per-domain spam whitelists & blacklists
Further Information • www.mailscanner.info • Contact me at jkf@ecs.soton.ac.uk • Now over to you…