Open source e-mail filter? - SCO

This is a discussion on Open source e-mail filter? - SCO ; Anyone have recommendations for an open source e-mail filter platform? I have a client with a new requirement that all outgoing e-mail be filtered to block e-mail with SSN and any e-mail to web based e-mail hosts: E.g.. XXX@gmail XXX@hotmail, ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: Open source e-mail filter?

  1. Open source e-mail filter?

    Anyone have recommendations for an open source e-mail filter
    platform?

    I have a client with a new requirement that all outgoing
    e-mail be filtered to block e-mail with SSN and any e-mail
    to web based e-mail hosts: E.g.. XXX@gmail XXX@hotmail, etc.
    As well as examining outgoing e-mail for PGP (really lack
    of PGP) encrypted attachments to specified e-mail domains:
    XXXX@companyA.com XXX@CompanyB.com, etc.

    This all may be a problem as the client's e-mail is provided
    by remote service provider and all users at the client's
    location pop e-mail off the remote host and send e-mail
    via SMTP through the e-mail provider's system.

    Private web based e-mail accounts are blocked by using a
    Cymphonix NC75 that prevents users from accessing web based
    e-mail accounts via http port 80.

    However, nothing is presently used to prevent an insider
    from sending sensitive information to their own or
    any other person's hot mail or g-mail account.

    TIA.
    --

    Steve Fabac
    S.M. Fabac & Associates
    816/765-1670

  2. Re: Open source e-mail filter?

    On Jul 30, 8:59 pm, "Steve M. Fabac, Jr." wrote:
    > Anyone have recommendations for an open source e-mail filter
    > platform?
    >
    > I have a client with a new requirement that all outgoing
    > e-mail be filtered to block e-mail with SSN and any e-mail
    > to web based e-mail hosts: E.g.. XXX@gmail XXX@hotmail, etc.
    > As well as examining outgoing e-mail for PGP (really lack
    > of PGP) encrypted attachments to specified e-mail domains:
    > X...@companyA.com X...@CompanyB.com, etc.
    >
    > This all may be a problem as the client's e-mail is provided
    > by remote service provider and all users at the client's
    > location pop e-mail off the remote host and send e-mail
    > via SMTP through the e-mail provider's system.
    >
    > Private web based e-mail accounts are blocked by using a
    > Cymphonix NC75 that prevents users from accessing web based
    > e-mail accounts via http port 80.
    >
    > However, nothing is presently used to prevent an insider
    > from sending sensitive information to their own or
    > any other person's hot mail or g-mail account.
    >
    > TIA.
    > --
    >
    > Steve Fabac
    > S.M. Fabac & Associates
    > 816/765-1670


    If you host your own smtp server you can use this http://www.mailscanner.info
    integrates with spamassassin, rbl, virus scanners etc... BSD/Linux

    You could use this http://www.contentkeeper.com to block any site by
    category or file type downloads (Linux).


  3. Re: Open source e-mail filter?

    Brent Bolin wrote:
    > On Jul 30, 8:59 pm, "Steve M. Fabac, Jr." wrote:
    >> Anyone have recommendations for an open source e-mail filter
    >> platform?
    >>
    >> I have a client with a new requirement that all outgoing
    >> e-mail be filtered to block e-mail with SSN and any e-mail
    >> to web based e-mail hosts: E.g.. XXX@gmail XXX@hotmail, etc.
    >> As well as examining outgoing e-mail for PGP (really lack
    >> of PGP) encrypted attachments to specified e-mail domains:
    >> X...@companyA.com X...@CompanyB.com, etc.
    >>
    >> This all may be a problem as the client's e-mail is provided
    >> by remote service provider and all users at the client's
    >> location pop e-mail off the remote host and send e-mail
    >> via SMTP through the e-mail provider's system.
    >>
    >> Private web based e-mail accounts are blocked by using a
    >> Cymphonix NC75 that prevents users from accessing web based
    >> e-mail accounts via http port 80.
    >>
    >> However, nothing is presently used to prevent an insider
    >> from sending sensitive information to their own or
    >> any other person's hot mail or g-mail account.
    >>
    >> TIA.
    >> --
    >>
    >> Steve Fabac
    >> S.M. Fabac & Associates
    >> 816/765-1670

    >
    > If you host your own smtp server you can use this http://www.mailscanner.info
    > integrates with spamassassin, rbl, virus scanners etc... BSD/Linux


    Looks interesting but this is only inbound spam filtering. Still need something
    for outbound e-mail policy control.

    >
    > You could use this http://www.contentkeeper.com to block any site by
    > category or file type downloads (Linux).


    Already have a Cymphonix NC75 (now DC10) that does the same thing but no
    e-mail filtering. http://www.cymphonix.com

    >
    >



    --
    Steve Fabac
    S.M. Fabac & Associates
    816/765-1670

  4. Re: Open source e-mail filter?

    On Aug 2, 8:34 am, "Steve M. Fabac, Jr." wrote:
    > Brent Bolin wrote:
    > > On Jul 30, 8:59 pm, "Steve M. Fabac, Jr." wrote:
    > >> Anyone have recommendations for an open source e-mail filter
    > >> platform?

    >
    > >> I have a client with a new requirement that all outgoing
    > >> e-mail be filtered to block e-mail with SSN and any e-mail
    > >> to web based e-mail hosts: E.g.. XXX@gmail XXX@hotmail, etc.
    > >> As well as examining outgoing e-mail for PGP (really lack
    > >> of PGP) encrypted attachments to specified e-mail domains:
    > >> X...@companyA.com X...@CompanyB.com, etc.

    >
    > >> This all may be a problem as the client's e-mail is provided
    > >> by remote service provider and all users at the client's
    > >> location pop e-mail off the remote host and send e-mail
    > >> via SMTP through the e-mail provider's system.

    >
    > >> Private web based e-mail accounts are blocked by using a
    > >> Cymphonix NC75 that prevents users from accessing web based
    > >> e-mail accounts via http port 80.

    >
    > >> However, nothing is presently used to prevent an insider
    > >> from sending sensitive information to their own or
    > >> any other person's hot mail or g-mail account.

    >
    > >> TIA.
    > >> --

    >
    > >> Steve Fabac
    > >> S.M. Fabac & Associates
    > >> 816/765-1670

    >
    > > If you host your own smtp server you can use thishttp://www.mailscanner.info
    > > integrates with spamassassin, rbl, virus scanners etc... BSD/Linux

    >
    > Looks interesting but this is only inbound spam filtering. Still need something
    > for outbound e-mail policy control.
    >
    >
    >
    > > You could use thishttp://www.contentkeeper.comto block any site by
    > > category or file type downloads (Linux).

    >
    > Already have a Cymphonix NC75 (now DC10) that does the same thing but no
    > e-mail filtering.http://www.cymphonix.com
    >
    >
    >
    > --
    > Steve Fabac
    > S.M. Fabac & Associates
    > 816/765-1670


    If I understand the post, your client has tasked you to come up with
    some way to intervene in the communications between their office and
    this external ISP. I suppose it's theoretically possible, but really
    it boils down to negotiating with the ISP to enforce the client's
    preferred e-mail policies.

    As a practical matter it seems like your client is going about this
    the wrong way. Suppose you could intercept and scan all outbound e-
    mail. What would you scan for? The sequence 999-99-9999 might be an
    SSN, but maybe not. And a malevolent player can easily defeat the
    whole process by, say, removing the hyphens or sending a text message
    or image through their phone or printing a list of SSNs on a paper,
    carrying it out, and then scanning in the list.

    It seems like your client would be better off redoubling its efforts
    on securing the data at the source. Make sure that there are solid
    access and audit controls so they can determine who viewed sensitive
    information. Follow up on unusual accesses. To ensure compliance on
    e-mail policies, do random checks. Combine this with blocking access
    to well-known public email like hostmail & gmail, although know that
    determined users will figure out ways around this.

    Good luck!

    --RLR



  5. Re: Open source e-mail filter?

    On Aug 2, 10:34 am, "Steve M. Fabac, Jr." wrote:
    > Brent Bolin wrote:
    > > On Jul 30, 8:59 pm, "Steve M. Fabac, Jr." wrote:
    > >> Anyone have recommendations for an open source e-mail filter
    > >> platform?

    >
    > >> I have a client with a new requirement that all outgoing
    > >> e-mail be filtered to block e-mail with SSN and any e-mail
    > >> to web based e-mail hosts: E.g.. XXX@gmail XXX@hotmail, etc.
    > >> As well as examining outgoing e-mail for PGP (really lack
    > >> of PGP) encrypted attachments to specified e-mail domains:
    > >> X...@companyA.com X...@CompanyB.com, etc.

    >
    > >> This all may be a problem as the client's e-mail is provided
    > >> by remote service provider and all users at the client's
    > >> location pop e-mail off the remote host and send e-mail
    > >> via SMTP through the e-mail provider's system.

    >
    > >> Private web based e-mail accounts are blocked by using a
    > >> Cymphonix NC75 that prevents users from accessing web based
    > >> e-mail accounts via http port 80.

    >
    > >> However, nothing is presently used to prevent an insider
    > >> from sending sensitive information to their own or
    > >> any other person's hot mail or g-mail account.

    >
    > >> TIA.
    > >> --

    >
    > >> Steve Fabac
    > >> S.M. Fabac & Associates
    > >> 816/765-1670

    >
    > > If you host your own smtp server you can use thishttp://www.mailscanner.info
    > > integrates with spamassassin, rbl, virus scanners etc... BSD/Linux

    >
    > Looks interesting but this is only inbound spam filtering. Still need something
    > for outbound e-mail policy control.
    >
    >
    >
    > > You could use thishttp://www.contentkeeper.comto block any site by
    > > category or file type downloads (Linux).

    >
    > Already have a Cymphonix NC75 (now DC10) that does the same thing but no
    > e-mail filtering.http://www.cymphonix.com
    >
    >
    >
    > --
    > Steve Fabac
    > S.M. Fabac & Associates
    > 816/765-1670


    Nope. Doesn't care what direction it's coming from (in or out).


  6. Re: Open source e-mail filter?

    Brent Bolin wrote:
    > On Aug 2, 10:34 am, "Steve M. Fabac, Jr." wrote:
    >> Brent Bolin wrote:
    >>> On Jul 30, 8:59 pm, "Steve M. Fabac, Jr." wrote:
    >>>> Anyone have recommendations for an open source e-mail filter
    >>>> platform?
    >>>> I have a client with a new requirement that all outgoing
    >>>> e-mail be filtered to block e-mail with SSN and any e-mail
    >>>> to web based e-mail hosts: E.g.. XXX@gmail XXX@hotmail, etc.
    >>>> As well as examining outgoing e-mail for PGP (really lack
    >>>> of PGP) encrypted attachments to specified e-mail domains:
    >>>> X...@companyA.com X...@CompanyB.com, etc.
    >>>> This all may be a problem as the client's e-mail is provided
    >>>> by remote service provider and all users at the client's
    >>>> location pop e-mail off the remote host and send e-mail
    >>>> via SMTP through the e-mail provider's system.
    >>>> Private web based e-mail accounts are blocked by using a
    >>>> Cymphonix NC75 that prevents users from accessing web based
    >>>> e-mail accounts via http port 80.
    >>>> However, nothing is presently used to prevent an insider
    >>>> from sending sensitive information to their own or
    >>>> any other person's hot mail or g-mail account.
    >>>> TIA.
    >>>> --
    >>>> Steve Fabac
    >>>> S.M. Fabac & Associates
    >>>> 816/765-1670
    >>> If you host your own smtp server you can use thishttp://www.mailscanner.info
    >>> integrates with spamassassin, rbl, virus scanners etc... BSD/Linux

    >> Looks interesting but this is only inbound spam filtering. Still need something
    >> for outbound e-mail policy control.
    >>
    >>
    >>
    >>> You could use thishttp://www.contentkeeper.comto block any site by
    >>> category or file type downloads (Linux).

    >> Already have a Cymphonix NC75 (now DC10) that does the same thing but no
    >> e-mail filtering.http://www.cymphonix.com


    >
    > Nope. Doesn't care what direction it's coming from (in or out).


    Well then, I'll have to take another look at it. Their web site
    only talked about spam filtering in its usual setting: Keeping
    spam mail out of users mail boxes.

    I'll have to download the archive and look in to it more carefully.

    --
    Steve Fabac
    S.M. Fabac & Associates
    816/765-1670

  7. Re: Open source e-mail filter?



    On Mon, 30 Jul 2007, Steve M. Fabac, Jr. wrote:

    > Anyone have recommendations for an open source e-mail filter
    > platform?
    >
    > I have a client with a new requirement that all outgoing
    > e-mail be filtered to block e-mail with SSN and any e-mail
    > to web based e-mail hosts: E.g.. XXX@gmail XXX@hotmail, etc.
    > As well as examining outgoing e-mail for PGP (really lack
    > of PGP) encrypted attachments to specified e-mail domains:
    > XXXX@companyA.com XXX@CompanyB.com, etc.


    What will do do with encrypted zip files? How do you recognize an
    encrypted zip file?

    For blocking XXX@gmail.com, what about private domains that are
    hosted by gmail? Should they be blocked also?

    >
    > This all may be a problem as the client's e-mail is provided
    > by remote service provider and all users at the client's
    > location pop e-mail off the remote host and send e-mail
    > via SMTP through the e-mail provider's system.
    >
    > Private web based e-mail accounts are blocked by using a
    > Cymphonix NC75 that prevents users from accessing web based
    > e-mail accounts via http port 80.


    I would hope that it also blocks port 443, since gmail (at least) can be
    accessed through https: type URLs.

    >
    > However, nothing is presently used to prevent an insider
    > from sending sensitive information to their own or
    > any other person's hot mail or g-mail account.


    You can't stop a determined person. What is the real objective of the
    project? I think you need a realistic goal before you analyse solutions.

+ Reply to Thread