ISSeG logo

 Training and Dissemination web site

 FP6 logo

Integrated Site Security for Grids

 A project co-funded by EU FP6 programme
Home page

Top Recommendations
Top Threats
Security Checklists
Risk assessment

my Role
my Site
my Community
All Recommendations
All Threats
Training
Downloads

Security terms


Contact
ISS & ISSeG

Recommendation

Enhance spam filter tools and mailing security

ID: R54
What:

Nowadays electronic mail systems contain more components than the mail server itself. Necessary additional components, to protect a site from dangerous mail content or spam mails, are a content filtering tool (anti spam agent) and an anti-virus filter.
Why: Electronic mailing systems are often misused to spread viruses or spam, including links to dangerous websites. Defences in the three components of the mail system must be detected and the systems have to keep up with evolving trends.
How : Update your existing solution or implement a new one
There are many freeware and commercial solutions existing on the market. Depending on your current mail server set up you should draw up specifications which have to be met by the spam filter software.

Hints:
  • Effective spam filtering reduces security risks and lost time for users.
  • Latest versions of spam filtering software provide improved functionality and upgrading is recommended.
  • Participating in beta tests can influence product functionality.
  • Beneath central administration the possibility for individual configuration by the users itself should be considered.
  • The anti-spam solution should not evaluate the rules given by an administrator in a sequential order because that complicates the integration of prioritization policies.
  • A centralised system for system logging is recommended.
  • Manageable waiting queues should be available.

    Links:
  • http://en.wikipedia.org/wiki/Spamfilter
  • http://spamassassin.apache.org/index.html
  • http://www.spamfighter.com/Product_Info.asp
  • http://www.mozilla.org/mailnews/spam.html

    • Relevant recommendations

    R42, R50, R55, R56

    Relevant threats:

    T10, T13, T16, T19, T21, T25, T27, T30, T40
    Relevant ISS audit questions:

    Q10, Q55, Q58, Q66, Q67, Q68, Q69, Q100, Q103, Q104, Q105, Q106, Q107

    Keywords User, Antivirus, Desktop, Vulnerability, Worm, Virus, Spam, Developer, Administrator, Intrusion, Detection, Policy, Internet, Service
    Recommendation Category:
    Technical - Administrative - X  Education - X
    Copyright (c) Members of the
    ISSeG Collaboration
    2008    		 Top of page Home page Information Society and media logo

    This is version 5.2 of the website - view release notes
     -view visitor statistics