Sendmail searches for antispam testers

Posted on by admini

The company released a module for its Sendmail e-mail server software that attempts to verify the source of messages to help Internet users block mail from unwanted senders. The technique is part of a developing Internet standard known as Sender ID.

“What authenticating does is allow you to rely on who sent the message,” said David Anderson, CEO of Sendmail, a maker of e-mail software. “We believe people will stop filtering out bad messages based on bad content and instead allow good messages with good senders.”

The majority of e-mail carried across the Internet uses the open-source Sendmail program, which runs on the Linux and Unix operating systems.

The new module for the program allows e-mail administrators to modify their systems and add the authentication technology.

Sender ID is a hybrid specification created from the Caller ID for E-mail system proposed by Microsoft and another antispam technology known as Sender Policy Framework that was developed by Meng Wong, the founder of e-mail service Pobox.com. The specification has not been finalized by the Internet Engineering Task Force, the technical group that sets Net standards.

“We want to get this thing accepted, because it has the best functionality and shortest deployment time of any of the choices right now,” Anderson said.

Sendmail is distributing a test version of the software to get enough companies onboard and gauge a computer’s ability to authenticate e-mail messages in real time. Adding the authentication to an e-mail server slowed processing down by 8 percent for outbound traffic and 15 percent for inbound traffic, according to the Sendmail’s testing site.

“The current focus is to try these authentication systems with real mail on real systems to determine if the approaches proposed are robust enough to survive in the current infrastructure,” the company stated in a white paper on the topic.

The new modules can be downloaded from the Sendmail testing site.

http://news.com.com/Sendmail+searches+for+antispam+testers/2100-1032_3-5330638.html?part=rss&tag=5330638&subj=news.1032.5

Read more

Security vendor directory to aid responsible disclosure

Posted on by admini

“The function of the [directory] is merely a foundation for how OSVDB intends to revolutionize the way vulnerabilities are disclosed to the vendor,” Brandon Shilling, a member of the OSVDB development team, said in a statement.

“[It’s] the first phase for additional upcoming services including assisting researchers with ethically disclosing vulnerabilities, helping to verify vulnerabilities and the OSVDB vulnerability portal.

http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1003346,00.html

Read more

Spam tide drowns email

Posted on by admini

Spam has accounted for 38 percent of the 31 billion emails sent each day in North America in 2004, up from 24 percent in 2002, the market researcher said.

Improved content filtering and anti-spam tools will help fight the problem, as will the growing use of alternative communications means, such as video conferencing and instant messaging software.

The ever-increasing intrusion by spam is forcing users and IT staff to spend extra time and energy to identify and delete such spurious email, which can be entry points for viruses, worms and offensive content.

Email is still the most preferred form of communication — business or otherwise — over the Internet.

According to IDC, the volume of email sent annually worldwide exceeded one exabyte, or one billion gigabytes, for the first time last year. IDC researcher Mark Levitt said the biggest challenge is to use the lessons learned so far and the investments made to help screen all inbound and outbound emails without compromising worker efficiency, corporate governance and regulatory compliance requirements.

http://news.zdnet.co.uk/communications/networks/0,39020345,39165256,00.htm

Read more

Wi-Fi Wall Jacks To Enable Wireless Grid

Posted on by admini

The technology will lower Wi-Fi installation costs and let businesses more easily deploy a high-capacity wireless network.
“What Aruba does is allow you to put in an access point in a matter of moments,” says CraigThat will let businesses install more wireless access points, creating a “wireless grid” that will result in a network with a greater data-carrying capacity than a conventional wireless network, says Merwyn Andrade, Aruba’s chief technology officer.

Ortronics initially plans to offer two types of Wi-Jacks.
One is a device that plugs into the network port (powered by the network) and the other is a jack with the WiFi built-in
[Auditors review your physical review processes and procedures for sites].

http://informationweek.com/story/showArticle.jhtml?articleID=45400023

Read more

BMC update aims to nip downtime in the bud

Posted on by admini

“What BMC is proposing is a better way to manage applications, by creating models of how the application depends on the infrastructure,” said Jean-Pierre Garbani, an analyst at Forrester Research. “With a model, IT people can see that one component is not behaving normally…It’s a way to speed up and make problem management more intelligent,” Garbani said.

On Tuesday, the software maker plans to introduce an update to its Control-M program for organizing computing jobs. The revamp, Batch Impact Manager, helps businesses head off glitches and prioritize problem reports, BMC said.

Application failures are very costly to corporations, as they can prevent employees from doing their jobs or take revenue-generating applications, such as e-commerce Web sites, offline.

Business service management products help operators spot more quickly the source of problems that affect application performance, such as problems with servers, networking hardware and other underlying components.

The addition next week of the Batch Impact Manager to the Control-M software will enable system operators to get a consolidated view of scheduled batches of jobs, BMC said. If there is a failure in one of them, the software can send an alert and highlight possible problems with other applications. For example, the failure of a mainframe job to update customer transactions scheduled for the middle of the night could prevent a financial trading application from being available the following morning.

http://zdnet.com.com/2100-1104_2-5342278.html

Read more

Wi-Fi group backs brawnier security standard

Posted on by admini

The Wi-Fi Alliance says WPA2 is a big improvement on earlier wireless security standards, such as Wired Equivalent Privacy (WEP), which hackers have found easy to circumvent. Because WPA2 is compatible with WPA, companies that have already implemented WPA can upgrade to the new standard in stages.

“WPA2 is ideally suited for enterprises in both the public and private sectors,” said Frank Hanzlik, Wi-Fi Alliance managing director. “Products that are certified for WPA2 give IT managers the assurance that the technology meets interoperability standards and in turn helps them manage support and deployment costs.”

Components of WPA2 are included in the 802.11i standard, which was developed by the Institute for Electrical and Electronics Engineers (IEEE) and received final approval earlier this summer.

Security, or the lack of it, is thought to have inhibited the implementation of wireless networks by businesses.

Analysts predict that 802.11i could be what is needed to boost the enterprise Wi-Fi market.

As is often the case with new standards, some vendors were keen to steal a march on their rivals. Wireless equipment using prestandard versions of 802.11i has been available for most of this year, but buyers had no guarantee of interoperability.

A Wi-Fi Alliance spokesman said on Wednesday that WPA2 would be “the core from which other security measures emanate” in the future.

Companies obtaining WPA2 certification from the Wi-Fi Alliance on Sept. 1 include Atheros Communications, Broadcom, Cisco Systems, Intel and Realtek.

http://zdnet.com.com/2100-1105_2-5342824.html?part=rss&tag=feed&subj=zdnet

Read more