O'Reilly Open Source Convention - August 1-5, 2005 - Portland, Oregon
 Convention Coverage

Session

Email Security Techniques: Filtering the Future
Kees Cook, Ubuntu Software Engineer, Canonical Ltd.

Track: Security
Date: Friday, August 5th, 2005
Time: 10:45am - 11:30am
Location: E144

Theories about new email security techniques are developed fairly regularly, but the response from mainstream Mail Transfer Agent programmers to implement these techniques are not always very quick. To implement new policies, system administrators need to have a system in place that can manage arbitrary new rules and quantify the results.

This talk presents a case study on using MIMEDefang, ClamAV, SpamAssassin, and custom implementations of SAV, SPF, and SURBL checking to curb inbound viruses, spam, and phishing attacks at OSDL. Different MTAs were reviewed, and sendmail was chosen for its great extensibility through the milter API and the Perl tool MIMEDefang. Email security ideas were turned into actual working rules, and finally the logs were parsed to generate graphs detailing why and how much spam was rejected. Topics include:

- Scoring vs. bouncing: the religious debate

- Available techniques:
* Network evaluation: HELO, IP & DNS RBLs
* Sender validation: SAV, SPF, and Domainkeys
* Recipient validation: SRS
* Content scanning: Bayes, regex, SURBLs, DCC, filtering
* Virus scanning: ClamAV
* Session management: Quarantine, greylisting, tarpits

- Implementation: extending MIMEDefang

- Visualization: does any of this actually help?



Diamond Sponsors

Computer Associates International Inc., (CA)
Hewlett Packard
SpikeSource
Sun Microsystems

Platinum Sponsors

Novell, Inc.

Gold Sponsors

ActiveState
IBM
Ticketmaster

Silver Sponsors

ActiveGrid
Alfresco
Black Duck Software
CollabNet
Covalent Technologies
Google
GroundWork Open Source Solutions
Intel Corporation
Mergere, Inc.
Microsoft
Oracle
Palamida
SourceLabs
SugarCRM
Yahoo! Inc.
Zend Technologies, Inc.

Media Sponsors

boing boing
C/C++ Users Journal
DevtownStation News
Digital ID World
Enterprise Open Source Journal
Free Software Magazine
InsideMac Radio
Integration Developer News
Linux Journal
LinuxQuestions.org
Open Enterprise Trends
Queue
SDForum
Software Association of Oregon
Version Tracker
Wi-Fi Technology Forum
Women's Technology Cluster
WorldWIT

In-Kind Sponsors

Dell Inc.
Gibson
Griffin Technology
Harman Multimedia
Smugmug

Sponsors

OSCON 2005 Sponsor Opportunities — Email us at

Download the OSCON 05 Sponsor/Exhibitor Prospectus

OSCON 2005 Media Sponsor Opportunities — Call Margi Levin at 707-827-7184 or email at

Press and Media

For media-related inquiries, contact Suzanne Axtell at

Conference News

Want to receive conference news? Sign up for our email newsletter.

O'Reilly Home | Privacy Policy

© 2005, O'Reilly Media, Inc.