10. Fighting against Viruses and SPAM

This chapter is optional and describes how to fight against viruses and SPAM.

10.1. Brief introduction to viruses

I think I do not need to explain how dangerous viruses are. Unfortunately, in the most recent attacks from SCO.A (aka MyDoom), even more or less experienced users were tricked by viruses. Most of today's viruses and worms come via the internet, most of them via e-mail. Needless to say, viruses should be caught by the SMTP system if possible.

Caution: Not a substitute

A mail system that filters viruses is NEVER a substitute for locally installed anti-virus software. E-mail is only one of the ways viruses can penetrate computers.

10.2. Brief introduction to SPAM

SPAM e-mails are the other kind: harmless, but unwanted and disturbing. SPAM was originally a disgusting canned meat. The term is a synonym for UCE (Unsolicited Commercial Email) and UBE (Unsolicited Bulk Email).

Studies claim that up to 60 percent of worldwide e-mail traffic is SPAM. Before I installed the anti-SPAM filters on my SMTP servers, I received about 150 SPAMs a day. One reason is this document. In ancient times, I noticed my real e-mail address unprotected. E-mail harvesters scan websites all over the world for addresses and try to deliver their commercial, often illegal offers.

10.3. Strategy against viruses

The strategy against viruses is pretty straightforward: filter viruses delivered via e-mail and have locally installed anti-virus software.

Almost all vendors of anti-virus software have an up-to-date version for Linux and Unix systems, because most SMTP servers run on Unix. In this document I'll explain how to implement clamav, a very active open source anti-virus project.

10.4. Strategy against SPAM

Fighting against SPAM is much more difficult than fighting viruses. Why? Because every virus has a unique signature, while SPAM can contain arbitrary content. Some SPAM is in English, some is in Korean, some is in "you-name-it-language".

The best way to prevent SPAM is to treat your e-mail address as your most treasured secret. NEVER enter your address in a web form or put it on your website. I know that this is against the idea of the internet: information must be free. You can keep publishing your e-mail address if you implement the configuration further below.

In the early days of SPAM, filtering for keywords like »viagra« was enough. Today's SPAM techniques are much more sophisticated. It is a war between users and spammers. The answer to sophisticated SPAM is even more sophisticated anti-spam software. Today's anti-spam software checks e-mail for more than just keywords. It checks for specific mail-header data and so on. It also uses techniques such as Bayesian filters, which can learn from particular input, distributed checksum networks, etc.
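The difference between a keyword filter and a Bayesian filter that learns from input, as an added example (not part of the original HOWTO and not the code of any particular anti-spam product). The training mails, function names and the `BayesFilter` class are constructed for illustration.

```python
import math
import re
from collections import Counter

def tokens(text):
    """Lower-case the text and split it into word tokens."""
    return re.findall(r"[a-z0-9]+", text.lower())

def keyword_filter(text, keywords=("viagra",)):
    """Early-style filter: flag mail only if a listed keyword appears literally."""
    return any(k in tokens(text) for k in keywords)

class BayesFilter:
    """Naive Bayes over word tokens with add-one (Laplace) smoothing."""
    def __init__(self):
        self.counts = {"spam": Counter(), "ham": Counter()}
        self.mails = {"spam": 0, "ham": 0}

    def learn(self, text, label):
        self.counts[label].update(tokens(text))
        self.mails[label] += 1

    def spam_probability(self, text):
        vocab = len(set(self.counts["spam"]) | set(self.counts["ham"]))
        score = {}
        for label in ("spam", "ham"):
            total = sum(self.counts[label].values())
            # log prior plus smoothed log likelihood of every token
            s = math.log(self.mails[label] / sum(self.mails.values()))
            for t in tokens(text):
                s += math.log((self.counts[label][t] + 1) / (total + vocab))
            score[label] = s
        # turn the two log scores into P(spam | text)
        return 1 / (1 + math.exp(score["ham"] - score["spam"]))

# Constructed training corpus: three spam mails, three legitimate ("ham") mails.
TRAINING = [
    ("cheap viagra order now no prescription", "spam"),
    ("v1agra cheap pills order today discount", "spam"),
    ("discount pills no prescription order now", "spam"),
    ("meeting moved to friday please confirm", "ham"),
    ("postfix config attached please review today", "ham"),
    ("lunch on friday confirm the time", "ham"),
]

def build_filter():
    f = BayesFilter()
    for text, label in TRAINING:
        f.learn(text, label)
    return f
```

The misspelled "v1agra discount order now" passes the keyword filter, while the trained filter rates it as almost certainly spam because of the words around the misspelling.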