Free filtering software for linux

Ignorance is a content filtering plugin for Gaim. If you love Gaim for chat, but find yourself missing the filtering features of clients like zinc, then Ignorance is for you!

Constrictor is a Python module for parsing, filtering, and delivering mail as a Mail Delivery Agent (like Procmail). Constrictor provides the functionality to easily write a MDA in Python rather than reading some configuration file of its own syntax.
This has the advantages that configurations are readable and self-explanatory (at least, to anyone who knows Python) and that users have the full flexibility of the Python language at their disposal. Constrictor has the ability to deliver to maildir and Unix mbox format mailboxes, as well as bounce, forward, or reject messages.
Constrictor is currently beta software, at best. Im always very leery of software that messes with my mail, since one runs the risk of not only losing messages but, potentially, bouncing mail to great embarassment and chagrin. That said, I am currently using Constrictor on my own mailbox full-time, but, as always, your mileage may vary.
Installation
Constrictor is a single Python module that should be placed either in the directory you intend to invoke your MDA from, or in your Python library directory. The only non-standard module it relies on is the spamd module from the SpamAssassin distribution (available at http://spamassassin.apache.org/full/2.6x/dist/contrib/spamd.py), and only then if you intend to use the "spamassassin()" function to filter your mail (the module is loaded only when that function is called). Constrictor should work on all versions of Python greater than 2.3; it has been tested primarily on 2.3.4, 2.3.5, 2.4.1.
The spamassassin() function connects to a (optionally specified) spamd server (it defaults to localhost). If you do not have a spamd server, you cannot use this function.
For Postfix and Sendmail, edit your ~/.forward to include "|/path/to/filter.py". For more information on invoking this script as an MDA,see your MTAs manual or ask your administrator.
Enhancements:
- This release adds locking code to duplicate database (pickle file used to recognize duplicate messages) access.
- This release contains no known stability or delivery reliability issues, and thus is considered stable.

The fairly fast packet filter (FFPF) is an approach to network packet processing that adds many new features to existing filtering solutions like BPF.
fairly fast packet filter is designed for high speed by pushing computationally intensive tasks to the kernel or even network processors and by minimising packet copying.
By providing both access to richer programming languages and explicit extensibility, it is also considerably more flexible than existing approaches.
FFPF provides a complete solution for network monitoring that caters to all applications available today. Exploiting its extensibility, the language can even be used as a meta-filter to `script together filters from other approaches, such as BPF.
Main features:
- fast: processes significantly more packets per second than LSF (reference)
- scalable: transparently supports hardware assist, like that given by the Intel IXP2x00 network processors
- backward compatible: supports all existing libpcap based applications
- extensible: separates functionality from the framework. FFPF currently ships with implementations of BPF, Aho Corasick, Boyer Moore Horspool, and many more
- modular: new functions can be written in as little as 3 lines of code
- secure: relies on Keynote for authentication and resource control
- open and standard adherent: licensed under the GNU General Public License (GPL). It implements the Monitoring API (MAPI) draft as designed by the EU-SCAMPI consortium
Enhancements:
- enabled kernelspace processing
- enabled all 5 buffer implementations (Continuous, Fixed-size slot, Variable sized slot, Double ring and Index)
- added TCP stream reassembly and early implementation of zero-copy reassembly
- added PCAP input and output support, for userspace testing and offline use
- added additional minor functions: TCP Synprotect, output to files, ...
- added support for UDEV
- extended controlplane: flowspaces can now be queried for live state
- fixed up many bugs, hacks and irregularities.

XMMS hiss filter plugin can dynamically filters background hiss.

SSpamM comes from Semis Spam Milter is a spam filter for Sendmail that utilizes spambayes, heurestic spam filtering, and virus scanning (BitDefender, not included).

smf-clamd is a Sendmail milter for the ClamAV (Clam AntiVirus).
Sendmail filter for ClamAV aims to be lightweight, reliable and simple. Sendmail filter for ClamAV is written in C.
Main features:
- It has a hosts/networks whitelist;
- It can scan messages less than a defined size only;
- It rejects infected messages at the SMTP DATA stage;
- It can add an information header with scan results to scanned messages;
- It can log all milter activities through the syslog service.
Advantages:
- Small code;
- Fast work;
- Stability (production quality);
- Few system resources are required;
- No temporary files are created.
Enhancements:
- A workaround for the Sendmail socket unsafe error on some platforms was implemented.
- Clean email messages logging was removed.
- Configuration file, default user, and working directory were changed.
- The format of log records was changed.
- Some samples of start-up scripts were added.
- The new TODO tasks were added.
- Cosmetic enhancements were made.

Ircproxy is a transparent IRC content filtering application. It may be used whenever there is a need for monitoring IRC connections.

irc-proxy may be used to deny specific connections or to examine suspicious IRC traffic.

DNS Blacklist Packet Filter project is a Linux netfilter client that decides whether to accept or drop packets based on the results of a DNS blacklist query (such as MAPS, SORBS, or SPEWS, to name a few).

One use is to filter all incoming SMTP SYN packets for spam filtering.