<< Back to article Print this page Loading page, please wait...

Need open source e-mail security? Get it ASSP!

Best place to stop spam is still at the mail server

Rodney Gedda (Techworld Australia)
30 April, 2009 11:09

What is the best way to prevent spam and viruses from entering your inbox? According to its makers, the open source Anti-Spam SMTP Proxy (ASSP) server project takes the honours because of its design and feature set, and best of all it is free and cross-platform.

Version 1.5.1.1 of ASSP was released this month and aims to be an all-round e-mail security suite that does everything from greylisting to Bayesian filtering.

ASSP is developed in Perl and does not require a database or any significant modifications to an existing mail server setup.

It sits as a “proxy” in front of the mail server and screens messages as they arrive.

While not as well known as the open source SpamAssassin project, ASSP claims “when it comes to killing spam nothing is as deadly as an ASSP”.

The project's founder John Hanna believes the best place to stop spam is still at the organisation's mail server.

“Most spam has an invalid bounce address, so notifying non-delivery simply bounces to Postmaster, creating even more wasted bandwidth,” according to Hanna. “The SMTP server is the only place where spam can be stopped before entering your system.”

However, Hanna believes because mail transport systems are “slow to adopt new technology”, and spammers are “quick and flexible”, most SMTP servers are ill-equipped to stop spam.

“One spam-stopping solution could work with all existing SMTP servers if it was implemented on a second level - a transparent SMTP filtering proxy,” Hanna says. “This was my goal for this project.”

“Anti-spam tools must be adaptive to new spam and customized for each site's mail patterns. This free, easy-to-use tool works with any mail transport [system] and achieves these goals requiring no operator intervention after the initial setup phase.”

The project has 10 contributors, but has garnered an avid following with between 2500 and 3500 downloads of the package per month.

Among its large feature set is Web-based administration, cross-platform (Windows, Linux, Mac OS X), mail server independent, automatic whitelisting, automatic maintenance of spam and non-spam databases, virus scanning with ClamAV, and SSL/TLS support for non-SSL aware MTAs.

Version 1.5.1.1 adds improved HELO handling, improved community GreyIP List support, better performance and memory usage, and support for additional virus scanners.