We have a Solaris Sparc machine configured with sendmail. Currently a lot of spam is coming to our server. Can you please suggest me how to control spam.
-- Manjunath

There are several ways to do it, but I'd suggest starting with a spam-control solution on a separate server. This takes the processing load off of your mail server in dealing with the spam and gives you a fallback option if something happens to where you can reroute email to the Solaris box.

The most popular option is to build your solution using Spamassassin. But also consider using Postfix as a replacement for sendmail. Out of the box it does quite a bit of spam control on its own by checking for valid domain existence, valid A or MX record for the sending domain, etc. You can add more spam hurdles by checking against several realtime blacklists that look for known sites that are currently sending spam and IP address ranges assigned to Internet providers. You can do this with Sendmail as well, so it's partly a matter of what you are the most comfortable with. There are several "cookbook" solutions you can find using Google that will show you how to put together a system using a variety of components.

There are "add-ons" such as Razor that supplement and enhance SpamAssassin. While Spamassassin comes with quite a number of built in, there are even more for the picking. One of the best sites for finding rule sets is www.rulesemporium.com.

However, don't just set and forget - the spammers certainly aren't doing that. This is an ongoing process that you will have to monitor, tweaking it over time as the spammers adjust their assault tactics to keep the wolves at the gate. Check this site often as the rules sets can often be updated on a daily basis based on what is being seen in the wild.

Depending on your volume of e-mail, you may find that you need to have a gigabyte or more of RAM installed in the system running Spamassassin. Periodically checking for new versions of SpamAssassin and the other modules will give you the the best chance of keeping spam out of your mail system.

You also have the option of implementing a spam control system using a commercial solution - which gets down to a cost/benefit analysis of comparing what a vendor can offer you that you don't have to spend time configuring.

Whitepapers

• Getting in Compliance With Government Data Regulations By Leveraging Online Security Technology
• How to Offer the Strongest SSL Encryption
• Maximizing Site Visitor Trust Using Extended Validation SSL
• Seven Steps to Reducing your Security Risk
• The Latest Advancements in SSL Technology
• Vulnerability Management For Dummies

View more SECURITY whitepapers

Webcasts

• Mobile Data Security
• Best Practices for Deploying WAN Optimization for Disaster Recovery
• Key Considerations for a Successful 802.11n Deployment
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• The self-managed network

View more SECURITY special reports