Educause Security Discussion mailing list archives
Re: SPAM/spyware appliances or services
From: "Borne, Chris" <cborne () REGIS EDU>
Date: Tue, 19 Apr 2005 13:44:18 -0600
We use Tipping Point for IDP. It works pretty well for us. For SPAM I use Can-IT Pro from Roaring Penguin. It's a software solution, and sits on 3-4 servers, 2 for gateways, one web interface, and one for the database. The only one I needed to be new and beefy was the DB server. We recycled 4-year-old Proliant 1U servers, so no cost there. The software was very reasonable. The solution is very easy to customize if you have PHP programming experience, now proprietary OS, it runs on your favorite Linux or UNIX variant. We used IronMail in the past. Our users hated it. I got frequent calls from users surprised we even had an anti-SPAM solution in place. It wasn't very customizable for individuals, no whitelist or blacklist for individuals, so I wasn't able to block near the amount of SPAM that I could in a more corporate environment. Our faculty expects the ability to choose whether they get all their mail, or limit it on their own. One person's SPAM is another's research here. Also, personal use of our email is generally accepted, so sales-related SPAM using dictionaries was limited. Can-IT allows them to use a web interface to block domains, and to set scores based on a series of rules, all of which can be customized by the user. We actually simplified this, and have 4 choices for the levels of probable SPAM a user is customizable. About 20 people have such bad problems with inbound SPAM that we taught them to control their own streams. There was nothing like this with IronMail. Anti-virus definitions were released late (4-12 hours after the AV vendor put them on their website, often after a peak in the attack has hit). While I've seen and heard of people being happy with IronMail, and don't argue it's power to block SPAM on a global level, you must have complete control of the email to use it, and be able to decide what is SPAM and what is not. This didn't fly in the Liberal Arts environment here at a Regis, where Academic Freedom is highly revered. This may have changed, we dumped it spring of 2004. I was able to purchase the Can-IT product for the same amount I would have paid for 2 years of CipherTrust support. Nice on the budget. I'd be glad to discuss offlist with anyone. If anyone is using IronMail, I have 2 IronMail boxes I can sell for a song (.mp3 will do). They are collecting dust in the corner, I've been trying to get info on whether CipherTrust would be willing to support them If I sold or donated them to another CipherTrust customer (we have a sister school who uses and likes IronMail). 6 months and 4 calls/emails to 4 different people later, and no reply. But if you want a 210 & a 110 for hot spare parts, LMK. Chris Borne Regis University ITS cborne () regis edu -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gary Dobbins Sent: Tuesday, April 19, 2005 7:15 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] SPAM/spyware appliances or services Am curious to know who's using an appliance or an external service (as distinct from software running on the MTA) to aggressively filter spam for their campus. Additionally, do any of you employ products which filter spam from email traffic as well as filter spyware from HTTP; who's using what? -- ------------------------------------------------------------ Gary Dobbins, CISSP -- Director, Information Security University of Notre Dame, Office of Information Technologies ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Re: SPAM/spyware appliances or services, (continued)
- Re: SPAM/spyware appliances or services Gary Flynn (Apr 19)
- Re: SPAM/spyware appliances or services Lucas, Bryan (Apr 19)
- Re: SPAM/spyware appliances or services Patrick Saeva (Apr 19)
- Re: SPAM/spyware appliances or services Ron Parker (Apr 19)
- Re: SPAM/spyware appliances or services CAROLE CARMODY (Apr 19)
- Re: SPAM/spyware appliances or services Michelle Mueller (Apr 19)
- Re: SPAM/spyware appliances or services Fretz, Kerry (Apr 19)
- Re: SPAM/spyware appliances or services Davis, Thomas R. (Apr 19)
- Re: SPAM/spyware appliances or services Flagg, Martin D. (Apr 19)
- Re: SPAM/spyware appliances or services Huba Leidenfrost (Apr 19)
- Re: SPAM/spyware appliances or services Borne, Chris (Apr 19)
- Re: SPAM/spyware appliances or services Martin, Steve (Apr 19)
- Re: SPAM/spyware appliances or services Patrick Saeva (Apr 20)
- Re: SPAM/spyware appliances or services F. L. Ferreri (Apr 20)
- Re: SPAM/spyware appliances or services Valdis Kletnieks (Apr 22)