APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

SpamCheetah as it stands today

Girish Venkatachalam

Girish Venkatachalam is a UNIX hacker with more than a decade of networking and crypto programming experience. His hobbies include yoga,cycling, cooking and he runs his own business. Details here:

http://gayatri-hitech.com

http://spam-cheetah.com

I wrote about our product SpamCheetah around a year ago at this place and a lot of water has flowed under the bridge since then. So I thought it was meet to write about this product from a technical as well as a business angle in this article.

SpamCheetah is a greylisting spam control technique and it is more of a spam blocker rather than a spam filter since it really does not filter anything. It simply throws out any spammy mail sender from contacting us and lets only legitimate mail senders through. This it does by giving a 451 response which is a temporary error for the mail server software to retry sending.

Just greylisting alone will not do. The other technique which is really very effective is that of the tarpit. The e-mail receiving speed is reduced to just 1 character per second. This works wonders with spammers and this not only rejects spam but also hurts and annoys spammers.

Overall just by using these two algorithms spam is gotten rid of. However there are problems like initial mail delays and mail senders retrying from different IP addresses which is a problem for greylisting spam implementations. But such real life implementations are not very typical in US unless it is a big ISP.

So I had to rework the design of SpamCheetah and I started modifying its behavior to suit real life situations. My work is not complete but what I have now is fairly satisfactory. With the ability to do ClamAV virus scanning and also some form of content scanning we can really wash out all residual spam that gets through.

And by whitelisting a block of IP addresses instead of just one IP address we can also mitigate the initial mail delay problem. But fighting spam is a tough problem and every solution has got some form of compromise. So it is not practical to target a system that fights spam without any side effect.

That being the case I started working on several related topics like clustering for mail failover and synchronization between SpamCheetah instances, managing the list of whitelist IP addresses and so on. Moreover SpamCheetah now has 4 variants called Vanilla, Vanilla-Lite, Proxy and Proxy-Lite. The Vanilla edition simply forwards mail connection to the mail server. When SpamCheetah receives spam it drops it but mails are forwarded to the mail server in Vanilla variant.

In the Proxy variant the mail is SMTP proxied from SpamCheetah which makes it possible for SpamCheetah to sit in a different network across the world from the location of the mail server. Moreover Proxy mode allows for other activities like header insertion, virus scanning and content filtering.

The difference from the -Lite and normal versions is that the -Lite editions do not have CARP failover and clustering for more than one SpamCheetah node. The clustering solution in SpamCheetah occurs at the IP level and it works transparently and the configuration and setup is incredibly smooth and easy.

With all these offerings, now there is a fork as well. Apart from greylisting now there is a possibility of content scanning and virus filtering as well. But this is possible only in an SMTP proxy configuration. This will not be possible when the mails are forwarded at the IP level to the mail server.

So technically a lot of changes are happening and most of the important changes have already happened.

However from a business angle SpamCheetah needs a lot more exposure and real life experience before it gets accepted and popular. One of the main problems I have been facing is not that of technology at all. It is the complexities of the business world.

For instance, people have a problem trusting new brands. New things that do things in a different way. And I never had a US presence. But now things are changing. I am going to promote this technology in multiple ways and lack of promotional activities used to hurt me in a big way. All that is going to change.

After all business is a lot about marketing and advertising as it is about technology. And being a techie without resources this has always been a problem. However stories of persistence and eventual success and hope are what keeps me going.

With the kind of development experience and incremental improvements that has happened in the recent several months I am sure this technology has a bright future.



Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> SpamCheetah as it stands today




Increase ad revenue 50-250% with Ezoic


More Articles by © Girish Venkatachalam



Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us





We are questioning more than the philosophy behind our dependence upon limited and limiting systems. We question the power structures that have grown up around such systems (Frank Herbert).

If you don't know anything about computers, just remember that they are machines that do exactly what you tell them but often surprise you in the result. (Richard Dawkins)










This post tagged: