Article jul2006.tar

syslog

Last month, I asked readers to let me know how they're dealing with spam. My questions were prompted by a lack of articles submitted for the June spam issue. From the responses that I received, the consensus seems to be that third-party tools handle the problem well enough that sys admins don't have to worry too much about it. However, there are issues still to be dealt with. Jim Edwards put it like this:

    1. The problem has mostly been solved.

    2. The problem is here to stay...

By way of explanation, he says:

    1. The problem has mostly been solved. There are some simple solutions that work very well. We use Brightmail because we get a lot of email from the public, and Brightmail has a very low false-positive rate. 60% of our incoming email is spam, and about 2% of it gets through... The reason no one wrote about it is that there really isn't much else to say that hasn't already been said.

    2. Spam is like traffic, taxes, and death. It is a simple fact of life on the Internet. If you have email, you're gonna have spam; just like if you have a car, you're gonna deal with traffic. If I already have a 98% effective solution in place, is it really worth my time and effort to try to weed out the other 2%? Take into account the fact that the second I come up with a solution, the spammers are going to come up with a way to beat it.

I also asked readers to tell me what article topics they'd like to see in the future and received requests for these spam articles: "How to write SpamAssassin Rules", "A Comparison of Anti-Spam Services", "A Survey of Anti-Spam Applications", and "How Bayesian Filtering Works".

G.K. Meier responded with suggestions in other areas:

  • How to configure best-of-breed open source software as application layer firewall proxies.
  • How to build reflexive open source firewalls to dynamically reconfigure rules and real-time alerting, and integration with IDS systems.
  • Hardening examples of (Unix-like) Web and file servers deployed in DMZs.
  • How to build read-only, flash-based file system images to reduce maintenance, and control sensitive information for use as a hard drive replacement for use with Citrix, SSL VPNs, MS Terminal Services, and VoIP.
  • Methods to allow Unix-like systems to authenticate against Active Directory, using software such as LDAP-UX, OpenLDAP Bridges, and RADIUS.

I thank all of you who wrote to me and who kindly allowed me to share your responses. If you have other suggestions for articles that you'd like to see in Sys Admin or if you'd care to submit an article on your own pet topic, please email me at: aankerholz@cmp.com or send a proposal directly to Rikki at: rendsley@cmp.com.

Sincerely yours,

Amber Ankerholz
Editor in Chief