Slashdot Mirror

This is a real time graphs of attacks and mails to our Barracuda Gateway to give you an idea:

** You can see countries from where attacks are coming and a little snapshot of mail volume **.

http://prntscr.com/cmc1wx

When the mail does hit our MTA, running sendmail; we run it through SA -- which also updates itself automatically (via cron) **sa-update **.

Some imporant notes:

1) You DO need clamav or else spam will the last of your worries....(Also note that clamav is a memory beast). You can also use Symatec but I have completely moved from them to ESET (Desktop) and ClamAV + Barracuda for rest.

2) RBLS: we use these:

FEATURE(dnsbl,`blackholes.mail-abuse.org', ` Mail from $&{client_addr} rejected; see http://mail-abuse.org/cgi-bin/... {client_addr}')dnl FEATURE(dnsbl,`dialups.mail-abuse.org', ` Mail from dial-up rejected; see http://mail-abuse.org/dul/endu... FEATURE(dnsbl,`zen.spamhaus.org', ` Mail from zen rejected; see https://www.spamhaus.org/zen/'...

3) Also note, that we dont listen on IPv6 even though we serve content on http. The reason (as being discussed in postfix-users (a mailing list for one the more popular mail servers) is exactly this problem. The increase of IoT devices and proliferation of IPv6 makes is next to impossible to now scan from IPv6 hosts. So as such, we dont. Although Google, Microsoft internall uses IPv6 to route emails.

4) I do not work for Barracuda.

5) Dyn's transactional email delivery option is really good. And so is Office 365 relay via their MTA (which also adds dkim signatures) and mostly would mean your mail would be delivered.

Please leave a message here if you want me to look at it.

Our paper from November 2011, "Social is bad for search, and search is bad for social", covered this last year.

Barracuda Networks doesn't even seem to have published a paper. (The article linked in the Slashdot article is a scraper site for press releases.) The Barracuda press release points to an "infographic" and a blog posting which, as their only outside source, links to a black hat site.

Barracuda doesn't seem to have discovered the extent of the social spamming ecosystem. We identified at least 6 levels:

• Advertising agencies.
• SEO firms. ("Google Places Guaranteed")
• Fake review, "like", "+1", and "retweet" generators. ("Buy Facebook Fans with us today and watch your popularity boom.")
• Fake account generators, both automated and outsourced to low-wage countries. ("Bulk Accounts is the largest mass account generator out there. ...Gmail, Myspace, Youtube, Facebook, Twitter, Hotmail and much more...")
• Fake IP address proxies and fake phone numbers ("Premium Private Proxies", "Top Quality CL Phone Numbers used to create Craigslist PVAs")
• Botnet operators providing proxies on compromised machines. Now we're down at the organized crime level.

This structure insulates the legitimate businesses who use ad agencies from the criminal activity at the bottom. Except for the botnet operators, everybody in that ecosystem has some kind of web presence, although towards the bottom, they usually have only Skype and Gmail accounts as contacts. I'm not going to link to them here, but our paper gives actual names.

Barracuda sells that, packaged as a separate appliance (among lots of other folks...)

You're absolutely correct in your thinking, but that's what keeps people like us employed. If society were concerned with their personal information, half the security companies in the world wouldn't exist. Take a look at the internet spam reports: http://www.barracudanetworks.com/ns/?L=en If people didn't OPEN that stuff, spammers/phishers wouldn't propagate it. People are ignorant, therefore I am employed.

Disclamer: I work for Barracuda.

What you're looking for is the "Barracuda IM Firewall", conversations are encrypted inbetween clients and the server, conversations can be logged, you can block external services, and it scales. We use it internally(~500 people).


PS: It's based on XMPP and you can use any jabber client with it, including pidgin or trillian.

http://www.barracudanetworks.com/ns/products/balancer_overview.php

Barracuda, anyone?

Uses XMPP under the covers, is reasonably robust, secure, and logs everything (for both "what'd he say again?" purposes and corporate accounting purposes). Integrated virus scanning, etc, etc, and comes with Windows, Mac and Linux clients (or use your own XMPP if you want). Best of both the OSS and proprietary worlds.

http://www.barracudanetworks.com/ns/products/im_overview.php

They do publish source. On that page, I found a link to the complete source of their Linux distribution.

A few weeks ago we were getting 100,000 - 200,000 backscatter emails a day. Some one was using our domain to send massive amounts of spam. Not from our servers of course, but it didn't matter. I think at its peak we were doing around 60 emails per second. Ended up installing a barracuda and that was barely able to handle the load. Then mysteriously after about 3 weeks, it just stopped.

Barracuda does contribute a good amount to the open source community.

Check out the page at http://www.barracudanetworks.com/ns/company/open-source.php

They have donated cash to Apache Foundation, FSF, and PopFile. They have donated hardware for development to ClamAV, ISC, lm-sensors, SURBL and others...
They operate mirrors for SaneSecurity, and SURBL free of charge.
They have donated $$ to Spamhaus.
They have donated a lot of code and sponsored several projects.
The project leader for the Psi Jabber Client project is a full time employee at Barracuda who is paid to lead the project.

How could you claim that Barracuda does not support open source?

1. Barracuda Networks spam/virus filter/firewall. http://www.barracudanetworks.com/ns/products/spam_ overview.php 2. StoreVault or NetApp filer for data backup. Put a FC or iSCSI HBA in the server, and you can also boot from a LUN on the filer that can be replicated and snapshotted too.

http://www.barracudanetworks.com/ns/products/web-f ilter-overview.php
Works quite well for me!

There are a large crowd of email maintainers who believe anonymous email is important for political reasons.

I think your right on the mark though with the pharmacy analogy. We were able to implement SMTP to ESMTP quite easily so it shows people can definitely implement changes in protocols.

I also vote with people who think black hole lists are pretty much useless these days because they swallow up so many innocent people/organizations.

It would be nice to have an open source barracuda ( http://www.barracudanetworks.com/ns/?L=en ) like box - these things really work well.

Get yourself a Barracuda. It is an appliance, is easy to configure and use, is updated regularly over the internet by the vendor, works with active directory, has plug-in for outlook users, and best of all will continue to work after you throw exchange away and get a real mail system. We buy them for our customers and have one ourselves, exchange or unix-based email.

http://www.barracudanetworks.com/

Not to evangelize too much, but but I love my barracuda box. It's conceptually a linux box with spamassasin and some bayes stuff with a web interface. But its great, no per user licensing, active directory integration etc. (The AD stuff lets it tell if an email address exists in your organization or not before forwarding the message. If not, it just hangs up on the sender.)

It isn't 100%, at least the way I have it set up because we don't want false positives ever, and my users are far too dumb to navigate the quarantine box. Anyway, overall in my experience it has been a nice box. Oh yeah, and the reseller I used set us up with a try-before-you-buy type thing, probably others will do that too.

"I want to do a bunch of things. How many ways can I do them?"

Anyway, what we're currently doing where I work is, we have a Barracuda for spam/virus filtering, and that relays mail to our Exchange server for delivery. Barracuda has some nice features, including LDAP validation of recipient email addresses, and it's been working pretty well for us so far. If you're dealing with a large volume of mail, a turnkey solution is a nice time saver.

I would use qmail, with courier and vpopmail running over top of it. For the web mail check out http://www.horde.org/. It's got some really great features.

For spam and virus check out a barracuda unit, simply amazing. http://www.barracudanetworks.com/ns/?L=en

It's unfortunate you got so many junk answers to your query (e.g. "resign", gmail, .mac, etc). I had a server running ~15,000 accounts on a Pentium 133 with IMail 7 a while back. It wasn't pretty, but mail got sent and received as it should.

Hula claims to scale pretty well, integrate with ClamAV and SpamAssassin, and have lots of other cool gimicks for calendars and such. For 1 million accounts, I'd get some sort of dedicated spam/virus filter, though.

I hate to say this, but I would seriously consider http://www.firstclass.com/casestudies/Business/ with some sort of anti-spam http://www.barracudanetworks.com/ns/?L=en infront of it.

The only serious problems I have with it:
-lack of true RIM support
-hard to find quality administrators

But it has all the functionality you could possibly need and it Just Works.

with over a million SMTP sessions a minute

So I take it that even though your Barracuda (http://www.barracudanetworks.com/) is liquid-coooled, it still glows a dull red?

;^)

It should be illegal because it doesn't just annoy consumers...It annoys corporations.

From This link:
In 2003, spam cost U.S. businesses more than $10 billion in productivity loss, according to some studies. Other research shows that U.S. enterprises spend an average of $49 per e-mail user per year to handle the extra load imposed by spam.

Though a biased source, I'm sure it has some legitimacy. And if you fuck with the U.S. economy(in a bad way), you should pay.

We run a cluster of Barracuda Networks spam firewalls. They use mainly open-source software (spam-assassin on Linux, plus lots of other stuff), are super-easy to install, and they advertise on Slashdot. What more do you want?

It's getting a bit ridiculous. Maybe it's time to re-think e-mail protocols--or implement the current ones properly: mandatory authenticated SMTP, proper registration of MTAs, etc. The problem is that it's simply too easy to bombard the current setup and the rules shouldn't be political they should be technical. The big players need to lead the way--Hotmail, GMail, .Mac, AOL, (insert other here) etc. (They're also the ones who will benefit the most!). Everyone else would follow suit. If all the rogue or spoofed MTAs out there are left in the cold and the properly registered sources of abuse are uniquely identifiable for blacklisting, SPAM as we know it will become manageable. Of course, like roaches, the bastards would find another way in, but the raging river could be cut to a trickling stream.

Until then, I think this is a great investment opportunity. [Not a plug--just making a point]

At the enterprise level we are using a Barracuda spam firewall, which since we installed it in Oct of 2004 has caught 789,000 infected emails. In addition we are running Symantec Antivirus on our domino servers. In addition we just rolled out Webroot Spysweeper Enterprise, and it all works great!

No more headaches due to virus and spyware!

... not to mention one of the best (IMO) commercial packages out there.

My office (an ISP, with about 5000 email addresses) uses a Barracuda 400.

It's a nice 1U rackmount system, dead simple to integrate into most SMTP networks (just one DNS change and you're done), works well (internally, it's basically a somewhat-tuned version of SpamAssassin), great for the end-users (integrated Web interface for adjusting settings, handling quarantined emails, etc.). And cost-effective (the 400 was under $5k from our reseller).

Ultimately, though, this is probably another instance of "they don't advertise with zdnet, so F 'em". Barracuda does occasinally advertise here, though, so if you haven't disabled ads, keep an eye out. :-)

I'll be getting my 'Cuda demo box Wednesday. The 300.

How are you protecting your outgoing SMTP traffic? Barracuda doesn't act as an SMTP AUTH Proxy. Are you leaving port 25 open and just not pointing an MX record to it, or are you using some other firewall for outboung SMTP?

Link: http://www.barracudanetworks.com/

Barracuda Networks makes a pretty good "pretty box" that satisfies the PHBs while retaining OSS goodness. And a damn sight better than the products in the review!
(I know, I had to evaluate them all recently! Grr... Told 'em OSS was the way to go...)

I think it's more some advertising news for Bill Gates than anything else. I mean, The world richest man can at least afford one of thoses babies which can handles 25 millions mail/days

I think Barracuda Networks would rather disagree with the idea that this is the "only true spam firewall in existence," considering that Barracuda's entire product line consists of spam firewalls.

Damn fine spam firewalls, too, I might add. They handle around 115 messages per second, and can run up to eight filtering steps (including Bayesian analysis, which is similarly efficient to SVM, which the one in the article uses). Plus Barracuda's can do virus scanning.

I'm not sure how this is revolutionary.

Not even close to a cpu second per message. Barracude appliances can do up to ten million messages per day filtering both spam and virus's. Their accuracy is pretty damn good too.

From the logs of our anti-spam appliance, over the last six weeks or so:

Total emails received 27900189
Blocked (Spamhaus lists) 22450665
Quarantined (probably spam) 4449044
Viruses 117518
Allowed 882962

I'd be delighted if the spam dropped off so it were only 32% of our mail. Think of all the things I could do with that extra bandwidth...

In fairness, the study says they were looking at businesses, and this is at a small ISP, mostly residential customers. But it's a good number to chew on nonetheless.

Try Barracuda Networks for some real SA power. We run a BN 300 and have reduced Spam/Virus problems to nothing. I wish I had this for the last couple years.