[BlueOnyx:12414] Re: Mail filtering alternative to Postini

Chuck Tetlow chuck at tetlow.net
Tue Mar 5 14:19:28 -05 2013 

David,

One of my companies went through a similar process some years back.  Originally, they'd purchased the Nuonce SPAM filtering package for all their BlueQuartz servers.  While we loved the MailWatch interface, and the SPAM Filtering did the job - it brought the BlueQuartz servers to their knees.  At one point - we had a dozen BlueQuartz servers to handle all their customer domains and their e-mail.

We wanted to off-load that SPAM filtering to a centralized server and get the load off our hosting servers.  We looked at a couple of options, tried, and settled on Roaring Penguin's CanIt Domain Pro, put out by a company in Canada.  It gave us the ability to add domains as needed, and is about 99.99% efficient in blocking the crap. 

Funny - the most effective feature is the first thing done.  It lets a sending server read out the whole e-mail, logs it, then send back a "I'm busy, try again in two minutes" message.  SPAMMERS and their scripts can't handle it - and you never hear from them again, blocking about 99% of it right away.  But once the same originator tries a second time - they're logged as a valid MTA and allowed to at least get their e-mail into the server.  After that - it uses the usual RBLs, SPAM Assassin scoring, and their own SPAM database to do a pretty good job of filtering the rest.

We recently started seeing some slowdowns because of the load (as in 10minute delays in delivering a e-mail).  So we added a second server in a "cluster" configuration as a "processor".  They both use the same Postgress database on the original server, and its eliminated the slowdowns.

The best part - like similar systems, messages are scored for "known SPAM" and "known good".  But the ones in between, it holds on the server for "human review".  But instead of having to set up every customer in every one of our almost 200 domains with a account on the server to check their "held for human review" messages - the server eliminates that need for accounts.  When someone tries to log into the CanIt server (with their e-mail address and e-mail password), CanIt does a POP or IMAP connection to their end server with that user's name & password.  If it can get into the end server, CanIt knows that is the real user and lets them in to manage their "held for human review" messages.

This has even given us the ability to set up multiple "Realms" - where we can drop some domains into a separate "management realm" and let someone else manage just those domains.  So we've picked up a couple companies that are reselling our "SPAM filtering service" to their local customers.  After setting up the realm, we don't do a thing.  The other company sets up their customer domains, manages them, collects for that service, and pays us for using our filtering servers.  Nice!

When we first started with CanIt, it was a package load on top of a RedHat installation (kinda like the original BlueQuartz).  Now, while they still offer that - they have a "appliance" load using Debian that loads up a whole server with one easy installation CD (like the newer BlueOnyx).  Enhancements and updates come out regularly, and is a single command at the CLI to upgrade.

Even with the customers who demand hosted Exchange - we just point the MX record to our CanIt server, and it forwards valid mail to the Exchange box.  At the end server - we just set IPTables rules that the server only accepts TCP port 25 connection from the CanIt server, and nomore script-kiddie crap.

Roaring Penguin has excellent service.  If a problem comes up - we can get them on the phone if needed.  Or better - send a e-mail which their standby tech will answer, typically within a hour or two.

I can't recommend them enough.  Its made our life so simple, and it filters out tons of crap. 

Chuck

---------- Original Message -----------
From: "David Thacker" <David at ThackerNet.com> 
To: <Blueonyx at mail.blueonyx.it> 
Sent: Tue, 5 Mar 2013 11:24:03 -0700 
Subject: [BlueOnyx:12402]  Mail filtering alternative to Postini

> Greetings all, 
> 
> I've been offering Postini mail filtering service to many of my domain 
> hosting customers for several years now. As you might know, Google bought 
> Postini a few years back, and this year they are shutting down the Postini 
> service and migrating customers to Google Apps. 
> 
> My Postini service was obtained through a reseller, not through direct 
> contracts with Postini, as this was the best option for the number of 
> hosted accounts I have. This reseller is now offering to migrate their 
> customers (including myself) to McAfee email security services, similar to 
> what Postini was providing. 
> 
> I am taking this transition as an opportunity to consider other email 
> filtering options. I do like the "mail filtering as a service" model 
> compared to running my own mail filtering appliance, and am not really 
> interested in adding spam & AV filtering duties to my BX server. I'd 
> rather offload that task. 
> 
> Do any of you have any suggestions of mail filtering services to look at, 
> or other alternatives I might not have considered? Have any of you gone 
> through the same transition away from Postini, and if so, how has the 
> replacement service been in comparison? 
> 
> Thanks in advance, 
> 
> David Thacker 
> Thacker Network Technologies Inc. 
> 
> _______________________________________________ 
> Blueonyx mailing list 
> Blueonyx at mail.blueonyx.it 
> http://mail.blueonyx.it/mailman/listinfo/blueonyx 
------- End of Original Message -------
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20130305/d3626972/attachment.html>

More information about the Blueonyx mailing list