Companies and ISPs that want to stop spam before it hits a users mailbox may be interested in VA Linux Systems Japans SMTPGuard, an open-source, anti-spam program for mail servers.
While SMTPGuard is part of “VA FMS,” VA Linuxs open-source messaging solution, it will also work with other SMTP (Simple Mail Transfer Protocol) servers.
Unlike other open-source MTA (mail transfer agent) spam protection programs like the Apache Foundations popular SpamAssassin, SMTPGuard uses a fairly simple methodology to detect spam.
SMTPGuard collects data only from SMTP sessions rather than examining the text of a message. Thus, it looks at IP (Internet Protocol) addresses, MAIL FROMs, RCPT TOs and their historic frequency. These factors are then given weight points based on user-designated set of rules.
This refined data is then compared with rules set up by the mail administrator. When the point totals are high enough for a given SMTP address, the MTA is instructed to take the appropriate action.
These can include denying mail transfers, delaying answering sessions, sending warning e-mails to the administrators and so on.
With SMTPGuard, even if SMTP servers are drowned in a flood of spam, the administrator can control the incoming stream by changing the rule set to limit the acceptance of mails sent by specific IP addresses or senders.
With this, the mail will continue to flow even if multiple IP sites serviced by the MTA have been infected by a spam-generating botnet.
Its simpler than it sounds. Essentially, all SMTPGuard does is look for unexpected spikes in mail traffic. Whenever a site or person on a site suddenly starts sending an unusually large number of messages, the program takes notice of this.
SMTPGuard might first inform the MTA manager and site administrator that the site might be harboring a robot spam generator. It would then escalate up to and including simply refusing to relay any more messages from that person or site.
Essentially, SMTPGuard acts as a traffic monitoring and throttling program designed expressively for detecting and preventing spam SMTP traffic from eating up a business or ISPs Internet bandwidth.
SMTPGuard is now available on the FlexGuard Project page at SourceForge.net.
VA Linux has already committed the SMTPGuard package to Debian GNU/Linux. This means that Debianized SMTPGuard package will be available from the official Debian archive within weeks.