This page discusses policies applied to Veriton production systems:
Veriton routinely applies the latest patchsets to its mail servers and tests that they do not act as open relays. Where possible Veriton tries not to publish raw email addresses on the internet.
We run a leading anti-virus software suite across our production servers and PCs. This regularly checks for virus definition updates and distibutes them through the network.
Firewalls and Intrusion Detection
Veriton runs multiple, highly regarded, firewall systems to protect our networks. We use a VPN or encrypted services (e.g. SFTP) for external access.
Sender Policy Framework (SPF)
SPF is a new protocol which allows mail servers to verify that the email they receive actually originates from the person claiming to send it. Whilst it doesn't prevent spam as such, it at least ensures that you know who has sent the email and allows you to report it. For example, right now there is probably spam somewhere in the world that purports to be from you!
See the SPF website at http://spf.pobox.com and the rate of SPF adoption at http://spftools.infinitepenguins.net/register.php. Note: Microsoft has recently proposed a scheme called Caller ID which will be backwardly compatible with SPF.
Veriton has published SPF records and will start bouncing email from non-SPF domains once its adoption has reached critical mass. We encourage your organisation to support SPF - speak to your systems administrator or ISP about it.