yaspi (Yosi's Anti-Spam POP3 fIlter bot) is a POP3 mail-scanner specifically made to combat mail bombings caused by viruses (i.e. Swen). It connects to the POP3 server, inspects the messages, and deletes the infected ones without ever downloading them. Its most interesting feature is that it can automatically send abuse reports to the ISPs from which the infected mails originated.
The Toby intrusion detection system is a fairly complete reimplementation of tripwire-1.3 (ASR) into Perl. It mainains a database of file properties to detect alterations to those properties. It supports MD5 and SHA-1 checksums of the file contents. It features a configuration file which is actually a Perl script, with the attendant power, flexibility, and difficulty.
Utmpd is a small and flexible daemon that aims to simplify user access control. It scans the utmp file, looking for logged users, and then kills anyone matching a deny rule. Denial can be based on the time of login, the hostname or IP address from which the login request comes, or the idle time of the user.
Sendmail-TLS is a wrapper for Sendmail which allows for clients to make a secure (SSL) connection to their mailserver as described in RFC 2487. The connection is internally forwarded to sendmail and does not require sendmail to be running on port 25. Clients which support this currently are Netscape Messenger, Microsoft Outlook, and Microsoft Outlook Express.
The dkLab Apache is a patched Apache distribution for those who plan to use the Apache Web server to serve multiple separate sites working under different, fully separated, and independent Unix users. It does not require you to install any OS kernel modules or disable setuid, and works correctly and intelligently with KeepAlive turned on and MaxRequestsPerChild greater than 1.