Anti-Spam

Spam is a curse that just keeps getting worse. Figures from independent studies suggest over 80% of global email traffic is spam [Cisco]. You might not be able to hunt down the spammers and mete out well deserved punishment but you can take steps to reduce the amount of time wasted manually checking and discarding this electronic junk mail.

Email

You know what it is, you know what it does, you get so many spam emails you regularly trash real messages by accident and you're probably paranoid about getting viruses (it's not paranoia, they really are out to get you).

What you can do about it is to make sure that your organisation uses a combination of client and server based protection, such as:

  • Server based anti-spam Running on your email gateway, antispam software examines the content of an email message against a ruleset and if it looks sufficiently spammy, the message is either labelled or rejected immediately.
  • Server based anti-virus Also running on you email gateway, antivirus software examines email attachments for known viruses and rejects infected messages.
  • Client junk mail filters Usually a function of your email client, junk mail filters will automatically file as 'junk' or delete messages that look like spam. Client junk mail filters operate in the same basic way as server based filters but are generally less configurable.
  • Client virus scanners Software running on the client computer that scans email messages and other files for viruses and prevents them from being executed.

If I have virus scanning on my server why do I need it on my clients as well?

Because email is not the only infection vector available to viruses. Any program that can be executed on the computer may contain a virus. These programs might come from CDs, diskettes, USB drives or other network devices.

Having client based virus checking will prevent other infected programs from damaging or propagating to other users.

So if I have to have virus checking on the clients why do I have it on the server as well?

Partly through paranoia – a multi-layered defensive strategy improves your chances of detecting new viruses, and partly as a way to ensure that at least on level of scanning is done on all emails.

Email scanning is important for both incoming and outgoing emails. Because client virus scanners can sometimes be disabled without the user's knowledge (many viruses attempt to do this), you may inadvertently generate infected emails. Having a server-based virus scanner provides a guaranteed level of scanning for all messages and protects your own infrastructure as well your clients.

Mail Gateway

A mail gateway provides a single point of control for all email entering or leaving a corporate network.

A mail gateway is not a substitute for a firewall, nor should it support live data. In a small to medium sized installation, the mail gateway may also support other services such as a proxy server or web server.

Are you part of the problem?

Misconfigured mail servers ('open relay' servers) can be used by spammers to send emails. Not only does this contribute to the problem of spam, it may also get your server black-listed which can prevent any emails you send from being accepted.

Having an open relay server will also generate substantial additional internet traffic, for which you may have to pay, and which will interfere with your legitimate internet use.

Search Tags

vba  analysis  implementation  wireless  browser  testing  audit  office  psychology  open source  programming  process  moodle  security  email  website  joomla  documentation  owncloud  software

Features Articles

A Taxonomy of Loss

The widespread commercial use of the internet has led to an increasing focus on systems security. Media driven hype and a lack of independent information can make the true level of threat to an organization difficult to determine. Adopting a structured approach to the analysis of computer system security risks and allows an organization to more effectively balance their operational requirements against the potential for loss, whether that loss involves physical equipment, information or reputation.

This article discusses the components of a computer system, the types of attack to which they are exposed, some typical defence mechanisms and some weaknesses in the standard defences. The information and concepts shown can form a starting point for the development of suitable security and operational strategies to assist organizations to obtain the maximum value from their investments in computer systems.

Beyond the Blackboard

Considerations when designing or specifying an on‑line learning environment.

For many organisations, the provision of training to staff and customer represents a significant cost. As the processing power and network bandwidth available to desktop PCs increases, the performance and features of on‑line learning systems have improved to the point where the delivery of training via a computer has become a viable option.

While on‑line learning is not an appropriate solution for all training needs, it does provide an effective training delivery mechanism in the right circumstances.

This article discusses some of the issues involved in creating an on‑line learning environment, viewed from the perspective of the different interest groups involved. The information and concepts shown here are not definitive; you should carefully consider your own specific requirements before implementing any computer system.

Online surveys

How do you know what your customers want? Perhaps you should ask them.

Surveying your internal or external customers gives you hard information on which to base decisions about product development, marketing campaigns, resourcing or any other area where you organisation or department interacts with another group (which means in nearly everything you do).

Documentation

It might be the last thing you want to read, but not having a well documented IT infrastructure (servers and networks) can lead to surprising events like critical systems running on unsupported servers.

Documentation must not only be accurate at the time it was created it should also meet these additional criteria:

  • Available The people who need the information must be able to get at it.
  • Editable Any documentation in the IT industry is quickly out of date, so it is essential that information is able to be correctly updated as soon as a change is required. Ideally the client or end-user should be able to do this, rather than waiting on the 'approved editor'.
  • Current 'Out of date' is just a nice way of saying 'wrong'. The date on which the underlying information was updated should be shown on any reports either printed or viewed online.

Network Security

External Network Scanning

One of the core mechanisms for protecting networks is to install a firewall to mediate traffic between systems on the internal network, publicly accessible systems is a DMZ (from the military term demilitarised zone) and the internet.

Open Source

You shouldn't be using open source software because it's cheaper (although it is), you should be using it because of its features and flexibility and the fact that it doesn't lock you in to restrictive license agreements.

Latest blog posts

"I have not failed. I've just found 10,000 ways that won't work."
Thomas Edison

IP:18.217.8.82

FacebookTwitterLinkedinRSS Feed

Hosted at Panthur web hosting.

© Dropbear Consulting Pty Limited
Privacy policy