Presentation is loading. Please wait.

Presentation is loading. Please wait.

September 16, 2009 SpamAssassin Way more than the Mac OS X Server GUI shows Presented by: Kevin A. McGrail Project Management Committee Member of the Apache.

Published byDoris Goodman Modified over 9 years ago

Similar presentations

Presentation on theme: "September 16, 2009 SpamAssassin Way more than the Mac OS X Server GUI shows Presented by: Kevin A. McGrail Project Management Committee Member of the Apache."— Presentation transcript:

1 September 16, 2009 SpamAssassin Way more than the Mac OS X Server GUI shows Presented by: Kevin A. McGrail Project Management Committee Member of the Apache Software Foundation SpamAssassin Project & President, PCCC

2 September 16, 2009 What is Spam? Spam is NOT about content, its about CONSENT. –Consent: to give assent or approval : agree Merriam-Webster Dictionary What is SPAM vs. spam?

3 Disagreements on Spam Hormel – SPAM Brand and the Internet CAN-SPAM! URIBLSucks September 16, 2009

4 What is Ham? In the anti-Spam community, Spam and Ham are opposites. –Spam = Junk E-mails –Ham = Good E-mails.

5 September 16, 2009 What is an FP? False-Positives (FPs) –E-mails incorrectly tagged as Junk False-Negatives (FNs) –E-mails incorrectly NOT tagged as Junk

6 September 16, 2009 Blacklist / Whitelist Blacklist = Bad Items Whitelist = Good Items Greylist = Undecided Items

7 September 16, 2009 What is SpamAssassin? SpamAssassin is a mail filter & API used to identify junk e-mail. SpamAssassin powers the Junk Mail Filtering tool in OS X. SpamAssassin is also the basis of several other commercial products.

8 September 16, 2009 SpamAssassin: Future-proof? SpamAssassin is a well-refined scoring framework Uses Rules-Based Heuristics Engine: Each Rule is given a Score –Lower, or Negative overall score = Ham –Higher overall score & equal to/above a threshold = Spam Utilizes a Genetic Algorithm on Ham & Spam collections to generate the weight for each rule Upcoming 3.3.0 release separates Rules from Framework

9 September 16, 2009 Enabling the Junk Mail Filter

10 GUI Tweaks for the Junk Mail Filter September 16, 2009

11 SpamAssassin with Snow Leopard Snow Leopard (10.6.1) uses SA version 3.2.1 3.2.1 was released June 11 th, 2007! 3.2.5 was released June 12 th, 2008! 3.3.0 is beyond 2 nd alpha with optimization for the score weighting in progress for imminent full release. September 16, 2009

12 Improve Your Mail Setup Improving your overall mail setup will assist other mail servers to identify legitimate senders: –rPTRs –Smart Host? MSA/MUA/MTA –SPF –Reduction of DSNs

13 Behind the OS X Server GUI Terminal Vi – the greatest editor ever invented. –Learn It, Love It, Buy the Coffee Cup. Xcode September 16, 2009

14 Tweaking your Installation Network Tests –Blacklists (BRBL, PSBL, SURBL, URIBL, ZEN) –Checksum Filters (DCC, Pyzor, Razor/Cloudmark) –Use a Caching Nameserver! Extra Rule Sets –KAM.cf

15 September 16, 2009 More Tweaking Consider your threshold for tagging Bayesian Classifier SpamTrainer.pre and.cf files

16 Future Tweaks? Domain Keys Identified Mail (DKIM) Author Domain Signing Practices (ADSP) sa-update September 16, 2009

17 More Spam Reduction Techniques? Using Blacklists to Outright Blocking E-mail –RBL100 - 0.0.0.0 to 255.255.255.255 Greylisting

18 Common Problems Don’t whitelist your own domain! FPs with Mailing Lists / Newsletters / Digests September 16, 2009

19 Why is an E-Mail Tagged / Not Tagged as Spam? Review the Headers –Content vs. Pathway Analysis Checking Blacklists September 16, 2009

20 Who is Sending the Spam? Who is sending the Spam? How did they get my e-mail address? Why do they send it? Creative Spam (to a Spam Junkie)

21 September 16, 2009 Making your Own Heuristic Rules 1 st Resource for Writing Rules (+ RegExes) Running “Lint” SpamAssassin Rules Emporium (SARE) Running tests manually Restart Mail Service to Implement Changes

22 September 16, 2009 Excuses, Excuses! Best Spam RBL Delisting Request –"Please delist us. We promote cosmic peace as in the poem below. This world badly needs it. Why do some hate peace and have us blacklisted?” Best Unsubscribe Tag –If you do not have Internet access, please send an e-mail to delete@.com

23 September 16, 2009 Resources from this Speech –SpamAssassin – http://spamassassin.apache.org/ –SpamAssassin – Writing Rules - http://wiki.apache.org/spamassassin/WritingRules –Monty Python SPAM Skit – http://www.youtube.com/watch?v=cFrtpT1mKy8 –Hormel SPAM and the Internet – http://www.spam.com/about/internet.aspx –Xcode – http://developer.apple.com/technology/Xcode.html –Sender Policy Framework – http://www.openspf.org/ –The SpamHaus Project – http://www.spamhaus.org/ –URIBL – http://www.uribl.com/ –SURBL – http://www.surbl.org/ –PCCC – Peregrine Computer Consultants Corporation – http://www.pccc.com/ –KAM.cf – http://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf –SpamTrainer – http://osx.topicdesk.com/spamtrainer –Genetic Algorithm – http://en.wikipedia.org/wiki/Genetic_algorithm –Template thanks to http://www.templateswise.com/detail/link-105.html

24 E-mail and Anti-Spam Dictionary Wikipedia, Google & the Web are invaluable tools for any administrator. In the notes for this slide are more definitions and their sources which may assist you in learning more to battle Spammers. I am also happy to answer questions via e-mail at kmcgrail@apache.org. September 16, 2009

25 Thank You! Presentation (+Q&A!) will be published –MacSysadmin.se website –SpamAssassin website http://spamassassin.apache.org/presentations/ Questions & Answers September 16, 2009

Download ppt "September 16, 2009 SpamAssassin Way more than the Mac OS X Server GUI shows Presented by: Kevin A. McGrail Project Management Committee Member of the Apache."

Similar presentations

IP Warming Overview and Implementation Using Eloqua.

IP Warming Overview and Implementation Using Eloqua.
© 2012 Eloqua, Inc. Confidential 1 Deliverability and IP Warming Overview and Implementation Using Eloqua.

© 2012 Eloqua, Inc. Confidential 1 Deliverability and IP Warming Overview and Implementation Using Eloqua.
TrustPort Net Gateway Email traffic protection. WWW.TRUSTPORT.COM Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.
Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of servers Across dozens of.

Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of servers Across dozens of.
Gold Country Computer Learning Center March 2007 Spam Email Roger Thornburn.

Gold Country Computer Learning Center March 2007 Spam Roger Thornburn.
Dealing With Spam The email kind, not the Food product.

Dealing With Spam The kind, not the Food product.
Are You Spamming Your Clients? June 17, 2011. Introductions  Doug Ladendorf Manager of Marketing Databases & CRM Mayer Brown LLP  1,600 Attorneys 

Are You Spamming Your Clients? June 17, Introductions  Doug Ladendorf Manager of Marketing Databases & CRM Mayer Brown LLP  1,600 Attorneys 
Methods for Stopping Spam James Lick

Methods for Stopping Spam James Lick
© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.

© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.
----Presented by Di Xu 17.12.2010.  Introduction  Overview of Spam  Solutions to Spam  Conclusion.

----Presented by Di Xu  Introduction  Overview of Spam  Solutions to Spam  Conclusion.
1 Aug. 3 rd, 2007Conference on Email and Anti-Spam (CEAS’07) Slicing Spam with Occam’s Razor Chris Fleizach, Geoffrey M. Voelker, Stefan Savage University.

1 Aug. 3 rd, 2007Conference on and Anti-Spam (CEAS’07) Slicing Spam with Occam’s Razor Chris Fleizach, Geoffrey M. Voelker, Stefan Savage University.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
UC Irvine’s New Anti-Spam Measures Keith Chong Network & Support Programming Network & Academic Computing Services UC Irvine August 9, 2005 Keith Chong.

UC Irvine’s New Anti-Spam Measures Keith Chong Network & Support Programming Network & Academic Computing Services UC Irvine August 9, 2005 Keith Chong.
SPAM WeeSan Lee

SPAM WeeSan Lee
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 15 How Email Spam Works.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 15 How Spam Works.
August 8, 2006 for NYExUG Presented by Ben Serebin www.reefsolutions.com Welcome to the 1.5 years anniversary meeting. Tue, August 8, 2006. Every 2 nd.

August 8, 2006 for NYExUG Presented by Ben Serebin Welcome to the 1.5 years anniversary meeting. Tue, August 8, Every 2 nd.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
Fighting Spam Enterprise Spam Filtering Using Open Source Tools.

Fighting Spam Enterprise Spam Filtering Using Open Source Tools.
23 October 2002Emmanuel Ormancey1 Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002.

23 October 2002Emmanuel Ormancey1 Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002.

Similar presentations

Ads by Google