Google
Web BSDatwork.com
Stopping Spam And Malware With Open Source
Of all the services provided via the Internet, e-mail is the one that most of us can least afford to see disrupted. Yet, most network and system administrators have only partial knowledge of the many ways in which their mail systems can be abused, or of how to prevent such abuses. As a result, mail servers are often co-opted to deliver spam and other undesirable material. Spammers have learned how to probe servers for user account information, "harvesting" addresses not only from Web pages but from utilities which are enabled by default in many operating system configurations. (In some cases, the mail transfer agent itself can be subverted to provide useful information.) Self-propagating malware (malicious software), in the form of Trojan horses such as ILOVEYOU, can burden or even halt e-mail servers, as it did the servers of the British Parliament in the early part of the year 2000. This paper will describe some common threats against which many mail servers are defenseless by default, and explain some of the ways in which one can harden a mail server running BSD and sendmail against them. The techniques mentioned here implement most of the recommendations mentioned in RFC 2505 (a "Best Current Practice" RFC regarding spam) plus some others not contemplated by that document. While the experienced system administrator will already have implemented some of these measures, few are aware of all of them. Many of the ideas described in this paper may also be applicable to mail servers running on other operating system platforms and/or employing other mail transfer agents.
Original URL: http://www.brettglass.com/spam/paper.html
Related URL: http://www.brettglass.com/spam/index.html
Content Copyright © Original Author