Slashdot Mirror

← Back to Stories (view on slashdot.org)

Revolutionary Spam Firewall Developed

Posted by CmdrTaco on from the well-that-said-so-anyway dept.

psy writes "physorg has a story on a new spam firewall developed at The University of Queensland. The new technology is the only true spam firewall in existence, according to co-developer Matthew Sullivan. "Existing anti-spam software filters out spam whereas ours puts up a firewall, stopping all email traffic and only allowing real mail through," said Mr Sullivan. "In addition, our technology is accurate and fast. We recently completed a successful trial of a key layer of the spam firewall and it processed the emails at 90 messages per second, misclassifying only one out of 25,000 emails." "It turned out that the software was even better than us, picking up spam we'd incorrectly classified as legitimate emails."

3 of 507 comments (clear)

  1. Not the first; not revolutionary by Anonymous Coward · · Score: 5, Informative

    I think Barracuda Networks would rather disagree with the idea that this is the "only true spam firewall in existence," considering that Barracuda's entire product line consists of spam firewalls.

    Damn fine spam firewalls, too, I might add. They handle around 115 messages per second, and can run up to eight filtering steps (including Bayesian analysis, which is similarly efficient to SVM, which the one in the article uses). Plus Barracuda's can do virus scanning.

    I'm not sure how this is revolutionary.

    1. Re:Not the first; not revolutionary by Greyfox · · Score: 5, Informative
      I believe the distinction is when the filtering takes place. If you wait for the spam to be placed on your hard drive and filter it out when you start your mail client, then it's filtering. If you reject the spam before the remote MTA drops the connection, then it's a firewall.

      I'm using Postfix at home and it's got some nifty features to allow you to do this sort of thing. You can write a simple SMTP server that listens on some port of 127.0.0.1 and configure postfix to send the mail though that. Your server scans the E-Mail and sends a reject or accept message back to postfix, which sends it on to the remote MTA. Your SMTP server then feeds the mail into another postfix server which listens on an odd port of 127.0.0.1 and doesn't have the restrictions that your publically accessable postix server does. There are packages available for all sorts of scanning based on this ability. Since you reject the message at MTA time, you don't have to bother with sending a bounce message, either.

      --

      I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  2. Re:Spelling by random_culchie · · Score: 5, Informative

    Yes and aparently there are 600,426,974,379,824,381,951 different ways to spell viagra!

    Will your algorithm do it with polynomial complexity ;)