---

Keywords: IT security, anti-spam, mail server administration, system administration Title: Slamming Spam: A Guide For System Administrators Authors: Robert Haskins and Dale Nielsen Publisher: Addison Wesley ISBN: 0131467166 Media: Book Level: For mail server administrators Verdict: Useful for its practical focus

Buy US Buy UK

Slamming Spam is a book devoted to the sharp-end of anti-spam activity. Written primarily for system administrators, it's focused on offering practical guidance and implementation support for a wide range of anti-spam technologies. Aside from a foray into some of the technicalities of Bayesian filtering, there's not much in the way of theory or policy as the authors focus instead on the hands-on side of things.

A range of platforms, applications and techniques are explored. The platforms include Unix, Linux and Windows, rather than focusing exclusively on a single operating system platform. In terms of mail servers there's good coverage of Microsoft Exchange, Lotus Notes/Domino, Sendmail and ProcMail. There is also a look at anti-spam measures at the client end of things, with coverage of Outlook, Outlook Express, Mozilla Messenger amongst others.

It's generally accepted that there's no silver bullet, and that no single technique or application works in all cases. This book explores a range of techniques, including SpamAssassin, whitelists/blacklists, SpamKiller, SMTP authentication, sender verification, Bayesian filtering etc. It's a good range of server-based techniques and applications which is rounded off with a look at POPFile and client-side techniques.

One down side to a book of this nature of course is that the software moves on faster than a book can. So, while it's great to have detailed instructions, these are likely to change as software develops. Of course what the book does is provide the rationale for doing what it does, and this doesn't change even if the software changes along the way.

The chapter introducing Bayesian methods doesn't really add much value to the book. While it's good to have some understanding of how Bayesian inference works, there's not enough detail here to help somebody do an implementation, nor are there pointers to independent code libraries that can be used. Some discussion on implementation issues would have been interesting as there are some real computational costs associated with Bayesian networks.

While the practical focus is a bonus, there were also times when some broader material might have helped. For example, some additional coverage of mail header spoofing would have been useful. What is the best way of responding if your domain is being inserted into mail headers so that you look like the source of spam? How can you track through headers to work out the real origins of spam? A specific chapter on this question would have been a useful addition, and perhaps it's something the authors might consider in a future edition.

The writing is also a little on the dry side but then this is not the sort of book you'd read for entertainment, (unless of course you're a mail server admin who loves to read about mail server configuration …). For the mail server admin looking to beef up an anti-spam arsenal then this is a nice book to have around.