[chort@email-sec ~]$ cat Introduction

Welcome to Unconventional Warfare. My name is chort (also known as Brian Keefer, Sr. Systems Engineer for Tumbleweed Communications in off-line life), and I'll be guiding you through the vast and tangled world of e-mail security. For the impatient, I recommend you jump immediately to the THREATS section, which details each e-mail security threat and what you can do to address it. For those still reading, I suppose I owe you an explanation as to what exactly this site is.

This site was inspired by a BoF session at LISA '03. The session was heavily attended, and the discussion was so lively that I barely covered any of my prepared material. This leads me to believe that there's a lot of interest in e-mail security--as well there should be, e-mail is probably the single most mission critical app today--and that people don't know a whole lot about it.

In the last year and a half (give or take) there has been an explosion of e-mail security software and products. There are Open Source projects, many new products from established companies, and even whole new companies all claiming to address e-mail security. At this point, the problem isn't a lack of solutions, it's an overload of them. How do you know which software and solutions really work, or even what to look for?

There are a lot of pretenders out there trying to cash in on the latest buzzwords (spam, worms, phishing, etc). This site exists to guide you through evaluating and selecting a solution. I provide a list of what I believe to be the most critical threats to address, and some loose information on what technical, educational, and policy steps can be taken to control them. It's up to you to select software and policies that meet the requirements that you think are most important to your business or organization.

In otherwords, I'm trying to help IT decision-makers make intelligent decisions. As such, this site is primarily geared for IT and messaging managers at this point, but over the coming weeks I'll be adding a lot of practical HOW-TOs and FAQs to help actual messaging and security administrators harden their messaging infrastructure. In fact, some of this information already exists in certain threat solutions that I've outline.

[chort@email-sec ~]$ tail -1 newslog
Last Update: date="12/26/06" time="18:00 PST" user=chort

(this site is designed for Mozilla Firefox/Firebird & Apple Safari, and I realize it looks like complete garbage in IE, for which I make no apologies)

This site © copyright 2003,2004 Brian Keefer. Unauthorized republication is forbidden.