What to migrate to.

Discussion:

What to migrate to.

Lance Haig

2013-11-04 16:37:44 UTC

Hi All,

I have been an avid mailscanner user for many years now and I have
recently been running a MS server with Baruwa front-end.
Recently no matter what I do I seem to be letting SPAM and Virus mail
through, and loads of russian spam.

So I think it is time to rebuild my server as it has been running for
more than 2 years and I do like to rebuild the OS from time to time.

So my question is:

What is a good combination of MS / Front End/ addition scripts and rules
that will make a good MS solution for my small installation.

I only use this for personal mail domains so don't have budget for a
paid solution.

I host my current server on a kvm host on my main server.

I would really appreciate some guidance

Thanks

Lance
--
Lance Haig

Cape Town

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Jerry Benton

2013-11-04 17:42:09 UTC

Permalink

The three primary ones are:

- Baruwa
- Mailborder
- Mailwatch

I am the creator for Mailborder, so my opinion is of course biased towards
my own product.

Baruwa is the most mature in a production environment. I do know that if
you use Debian or a variant such as Ubuntu, it it relatively easy to
install. As far as I know, all of the source is open. There are both free
and commercial versions. I'd suggest looking into it more for comparisons.
However, I am sure you are aware of its features since you have been using
it for a while.

Mailborder has been used privately for about 8 years and available to the
public for about a year. The latest version (v4) is a total redesign of v3
based on customer feedback. While also easy to install and setup, you need
to have a good understanding of MailScanner and MTAs to configure the
advanced layering of policies. There is both a free and paid version. Paid
versions allow for more domains, clustering, etc. Most of the source is
open, but part of it is closed and encoded. (PHP files for the web
interface, etc.) If you speak a language that there is currently not a GUI
translation for, you can get free unlimited licenses by maintaining the
translation for that language. (Easy after the first translation.)

Mailwatch is the oldest of the three. However, as far as I know, it is not
as actively developed as Mailborder and Baruwa. Support is also limited as
Mailborder and Baruwa have websites with free and paid support options
where Mailwatch does not. (As far as I know of anyway.)

You can test all of them for free. I would suggest doing that and then
deciding for yourself. While all of them are similar in several areas, each
of them have various features not available in the other.

Jerry Benton
www.mailborder.com

Post by Lance Haig
Hi All,
I have been an avid mailscanner user for many years now and I have
recently been running a MS server with Baruwa front-end.
Recently no matter what I do I seem to be letting SPAM and Virus mail
through, and loads of russian spam.
So I think it is time to rebuild my server as it has been running for
more than 2 years and I do like to rebuild the OS from time to time.
What is a good combination of MS / Front End/ addition scripts and rules
that will make a good MS solution for my small installation.
I only use this for personal mail domains so don't have budget for a
paid solution.
I host my current server on a kvm host on my main server.
I would really appreciate some guidance
Thanks
Lance
--
Lance Haig
Cape Town
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!

--
--
Jerry Benton
Mailborder Systems
www.mailborder.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20131104/b7165f57/attachment.html

Lance Haig

2013-11-06 11:19:13 UTC

Permalink

Hi Jerry,

I have not tried MailBorder yet and perhaps I need to give that version
a go.

Thanks for replying

Regards

Lance

Post by Jerry Benton
- Baruwa
- Mailborder
- Mailwatch
I am the creator for Mailborder, so my opinion is of course biased
towards my own product.
Baruwa is the most mature in a production environment. I do know that
if you use Debian or a variant such as Ubuntu, it it relatively easy
to install. As far as I know, all of the source is open. There are
both free and commercial versions. I'd suggest looking into it more
for comparisons. However, I am sure you are aware of its features
since you have been using it for a while.
Mailborder has been used privately for about 8 years and available to
the public for about a year. The latest version (v4) is a total
redesign of v3 based on customer feedback. While also easy to install
and setup, you need to have a good understanding of MailScanner and
MTAs to configure the advanced layering of policies. There is both a
free and paid version. Paid versions allow for more domains,
clustering, etc. Most of the source is open, but part of it is closed
and encoded. (PHP files for the web interface, etc.) If you speak a
language that there is currently not a GUI translation for, you can
get free unlimited licenses by maintaining the translation for that
language. (Easy after the first translation.)
Mailwatch is the oldest of the three. However, as far as I know, it is
not as actively developed as Mailborder and Baruwa. Support is also
limited as Mailborder and Baruwa have websites with free and paid
support options where Mailwatch does not. (As far as I know of anyway.)
You can test all of them for free. I would suggest doing that and then
deciding for yourself. While all of them are similar in several areas,
each of them have various features not available in the other.
Jerry Benton
www.mailborder.com <http://www.mailborder.com>
On Mon, Nov 4, 2013 at 5:37 PM, Lance Haig <lhaig at haigmail.com
Hi All,
I have been an avid mailscanner user for many years now and I have
recently been running a MS server with Baruwa front-end.
Recently no matter what I do I seem to be letting SPAM and Virus mail
through, and loads of russian spam.
So I think it is time to rebuild my server as it has been running for
more than 2 years and I do like to rebuild the OS from time to time.
What is a good combination of MS / Front End/ addition scripts and rules
that will make a good MS solution for my small installation.
I only use this for personal mail domains so don't have budget for a
paid solution.
I host my current server on a kvm host on my main server.
I would really appreciate some guidance
Thanks
Lance
--
Lance Haig
Cape Town
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
<mailto:mailscanner at lists.mailscanner.info>
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!
--
--
Jerry Benton
Mailborder Systems
www.mailborder.com <http://www.mailborder.com>
--
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
believed to be clean.

--
Lance Haig

0799078000
Cape Town

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20131106/784d8222/attachment.html

Tracy Greggs

2013-11-04 19:58:10 UTC

Permalink

I have been using the same setup on Centos 6.x, MS with Baruwa for quite
some time, with SA, Razor, Pyzor and DCC. Additionally I use the
xtables-addons for iptables to do geoip blocking of Russia, China and some
others. Its free and works well and only really needs an geoip update once
a month as that is about as often as Maxmind updates their data, and easy
enough to crontab a job to do that for you. Not only does the geoip
blocking get rid of the spam, it also stops the unauthorized access attempts
to your other services such as POP3 etc. Fail2ban is something you might
also want to look at if you have a lot of hacking attempts at your POP3,
SSH, FTP or whatever.

I also wonder if you are using any RBL at the MTA level or only scoring them
with SA?

Best wishes,
Tracy Greggs

-----Original Message-----
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Lance Haig
Sent: Monday, November 04, 2013 10:38 AM
To: MailScanner discussion
Subject: What to migrate to.

Hi All,

I have been an avid mailscanner user for many years now and I have recently
been running a MS server with Baruwa front-end.
Recently no matter what I do I seem to be letting SPAM and Virus mail
through, and loads of russian spam.

So I think it is time to rebuild my server as it has been running for more
than 2 years and I do like to rebuild the OS from time to time.

So my question is:

What is a good combination of MS / Front End/ addition scripts and rules
that will make a good MS solution for my small installation.

I only use this for personal mail domains so don't have budget for a paid
solution.

I host my current server on a kvm host on my main server.

I would really appreciate some guidance

Thanks

Lance

--
Lance Haig

Cape Town

--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.

--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!

--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Robert Lopez

2013-11-05 23:07:20 UTC

Permalink

Lance,

If you have been running Baruwa and you still are getting more SPAM it
seems that either more is being emailed to you and it is successful at
bypassing well known filter methods or perhaps the Baruwa set of tools is
of such complexity that you are overlooking how it is actually working.

I am seeing a lot more phishing and "voice mail" spam carrying active code
lately. I have had times where some tools have failed in their accessing
external web site components which did not manifest is clear ways. It
simply was not obvious from maillogs what was happening. A corrupted data
base drove me crazy for weeks.

Jerry Benton wrote the three primary ones are:

- Baruwa
- Mailborder
- Mailwatch

I have tested all three. The Mailwatch seems to have more development
lately but the time of little activity puts it behind in my opinion. I
found Baruwa had so much going on it was difficult to comprehend which
features were causing problems I encountered. Mailborder is to me a
reasonable tool. I have not tested the newest releases and I do plan to.
There were a few short comings I believe Jerry may have now addressed and I
do want to see them.

--
Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20131105/999120b5/attachment.html

Lance Haig

2013-11-06 11:24:24 UTC

Permalink

Hi Robert,

Thanks for responding.

I also get "voicemail" spam quite a bit it seems the spammers are
getting better and better at making our spamassasin setups less effective.

Thanks for the advice I will definitely look at them when I rebuild my
servers.

Regards

Lance

Post by Robert Lopez
Lance,
If you have been running Baruwa and you still are getting more SPAM it
seems that either more is being emailed to you and it is successful at
bypassing well known filter methods or perhaps the Baruwa set of tools
is of such complexity that you are overlooking how it is actually working.
I am seeing a lot more phishing and "voice mail" spam carrying active
code lately. I have had times where some tools have failed in their
accessing external web site components which did not manifest is clear
ways. It simply was not obvious from maillogs what was happening. A
corrupted data base drove me crazy for weeks.
- Baruwa
- Mailborder
- Mailwatch
I have tested all three. The Mailwatch seems to have more development
lately but the time of little activity puts it behind in my opinion.
I found Baruwa had so much going on it was difficult to comprehend
which features were causing problems I encountered. Mailborder is to
me a reasonable tool. I have not tested the newest releases and I do
plan to. There were a few short comings I believe Jerry may have now
addressed and I do want to see them.
--
Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106
--
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
believed to be clean.

--
Lance Haig

0799078000
Cape Town

Lance Haig

2013-11-06 11:21:33 UTC

Permalink

Hi Tracy,

I will need to perhaps get a fresh install going and then look to add
the extras you have.

I last time I ran the DCC pyzor Razor additions was when I ran MailWatch.

Thanks for responding

Regards

Lance

Post by Tracy Greggs
I have been using the same setup on Centos 6.x, MS with Baruwa for quite
some time, with SA, Razor, Pyzor and DCC. Additionally I use the
xtables-addons for iptables to do geoip blocking of Russia, China and some
others. Its free and works well and only really needs an geoip update once
a month as that is about as often as Maxmind updates their data, and easy
enough to crontab a job to do that for you. Not only does the geoip
blocking get rid of the spam, it also stops the unauthorized access attempts
to your other services such as POP3 etc. Fail2ban is something you might
also want to look at if you have a lot of hacking attempts at your POP3,
SSH, FTP or whatever.
I also wonder if you are using any RBL at the MTA level or only scoring them
with SA?
Best wishes,
Tracy Greggs
-----Original Message-----
From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Lance Haig
Sent: Monday, November 04, 2013 10:38 AM
To: MailScanner discussion
Subject: What to migrate to.
Hi All,
I have been an avid mailscanner user for many years now and I have recently
been running a MS server with Baruwa front-end.
Recently no matter what I do I seem to be letting SPAM and Virus mail
through, and loads of russian spam.
So I think it is time to rebuild my server as it has been running for more
than 2 years and I do like to rebuild the OS from time to time.
What is a good combination of MS / Front End/ addition scripts and rules
that will make a good MS solution for my small installation.
I only use this for personal mail domains so don't have budget for a paid
solution.
I host my current server on a kvm host on my main server.
I would really appreciate some guidance
Thanks
Lance
--
Lance Haig
Cape Town
--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!
--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.

--
Lance Haig

0799078000
Cape Town

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.