2008 Focus for MPP
Coming off of our best year ever, we have high hopes and strong plans for MPP in 2008. 2007 saw the achievement of key milestones for MPP. We had our biggest influx ever of new, major customers ever and we added key partners throughout the world. Our product development moved ahead on track - we saw the first fruits of an extensive development effort to unify our GUI interfaces, we launched a vastly improved email archival product and we delivered many behind the scenes improvements to our core code to make MPP more scalable, reliable and functional.
MPP does many things in many markets but our strengths and areas of focus are clearer than they ever have been.
- MPP is the premier product for service providers to provide value-driven email filtering and archival services. MPP provides the benefits of commercially supported software and leverages the best security components from both open source and commercial sources
- MPP provides a streamlined, web based email archival and compliance solution that is scalable and open.
- MPP is a software appliance that provides industry leading spam and virus protection for SMTP gateways and Unix based email servers. MPP is the boutique brand that outperforms even the largest competitors. No other product focuses on the SMTP relay like MPP.
In 2008 our primary goals are to develop new global and domestic channel partners, strengthen our archival and compliance offerings and enhance the scalability and functionality of our email filtering solution.
While other years have seen rapid releases of features in MPP core, we have slowed our feature development and focused core development on deep structural improvements to reach our goal of carrier class performance and reliability.
Beyond the core we are focusing on improving usability, installation, administration and internationalization for all of our GUI’s. MPP is an international product with international customers and it is a mandate in 2008 that all products can easily operate with international character sets and can be quickly translated. To this end all of our GUI tools will add functionality towards achieving this goal.
We think, in fact, we know, that 2008 will be an exciting year for MPP and we wish you all the same.
Technorati Tags: antispam, email service provider, email security, mpp
iPhone vs. Blackberry Review
This is my experience trying to switch from a Blackberry to an iPhone. These types of blog posts get more traffic than my boring email security posts, so if you found this via some search engine please take a look at messagepartners.com to learn about our email security and archival solutions.
I have been a blackberry addict for about 3 years but I have become frustrated with certain problems with the service. For one, Blackberry can’t read HTML emails and it seems that more and more business critical emails are in html format. They show up as a jumbled mess on the bb screen. I was using full keyboard bb’s for years and switched to a pearl for the small size and integrated camera. However, the keyboard starting giving me fits and my emails were writhe with spelling errors. It got to the point where I just stopped replying to complicated emails because they were filled with embarrassing errors. Furthermore, I use qmail as my email server along with cyrus IMAP and there is no good sync method that I found. I ended up forwarding email to the bb but this is sub-optimal and can lead to loops if a huge email fills the bb mailbox as a mail/rejection loop can begin. Other than these things, the utility of the BB was great, though I became hugely addicted to checking email. It became an obsession and a real drag on the concentration span.
So last week a business partner offered me a free iPhone and I jumped at the chance to try it out. After about 10 days I can say that while it has GREAT hype and looks super cool, however, it does not fit my needs and I am switching back to my BB. I will leave the iPhone around my apartment for web browsing via wifi and a small ipod, but it fell short for my business needs. Here’s why:
1) No cut and paste. Mandatory for my line of work and BB has it down real well.
2) Security is a problem with SMS’s as they automatically pop up on your screen. Beware if you let someone use your phone because they can see your text messages easily without any user actions. This can be quite embarrassing. There is a way to stop that behavior by locking the phone, but then every access of the phone requires 4 commands, which gets annoying.
3) The ipod/phone integration is the coolest thing, but getting to the iPod controls to stop or start music or skip songs manually is cumbersome. It takes at least 3 or 4 key strokes from most places since there is not start/stop button.
4) On the plus side the iPhone is much better at reading html emails and you can reply to messages in-line. BB’s force you to top-post, or put your replies at the top of messages. It is hard to reply to long messages on the bb because of this.
5) The iPhone is totally locked and the bb feels more open. My friends unlocked their iphones and it seems a lot cooler in that mode, but I opted to keep it locked. The only entry point is from iTunes and that can be very weird since you can’t drag and drop songs or photos onto the iPhone
6) Wifi is great for browsing, but the browser has no java or flash, hence, many sites don’t display or even worse, safari will just quit and puke on a page it can’t read.
7) I could not send outbound emails on wifi in many places because cablevision, my provider, requires me to use their outbound smtp server for sending. If i wanted to send on wifi i had to change my account setup each time to use their outbound server but this is cumbersome. Even worse, if I send an email on wifi and I forgot to change my outbound settings the email was lost for a few minutes. It did not show up in my outbox for at least 2 minutes and there was no way to interrupt the sending and resend. The email seemed to be in some sort of lala land and was missing. As a result a few key emails were not sent in a timely fashion because I forgot to babysit the iPhone.
Battery sucks and sucks badly. I don’t care about the hype, it sucks. If you have blue tooth and wifi, you get 1 hour TOPS.
9) Apple bluetooth is really bad. Battery is much worse than any other I have use, it constantly fell out of my ear, it only charged in their proprietary charger and it was very expensive, about $100.
10) Iphone is really cool looking and everyone wants to play with it, but it is also my work and I wanted it somewhat private. I felt like a spoiled kid that wouldn’t let anyone play with my toy. My kids went nuts for it and that also creates privacy issues. Blackberry is boring as can be, which is fine for business stuff.
11) No MMS support. That really sucked because I kept getting mms messages with pictures that I couldn’t view. ATT replaces the pictures with links to viewmymessage.com or something, but since you can’t copy and paste their cryptic filenames and pw’s i never saw a single picture that was sent to me. Furthermore, when i was at a computer and tried the links with correct file id’s and pw’s not a SINGLE combination worked.
12) No integrated search in iphone. There are some webapps but why leave this out? It is lame.
13) No way to mass delete email. Blackberry has delete all prior email, iphone does not.
14) Email is not downloaded to iphone, only message stubs. Full email is downloaded when viewing, but that sucks because i don’t always have network coverage so I can’t always read my email. BB downloads full message text but not attachments, they are downloaded on demand.
So my vote? IPhone is great for reading the internet on the can or showing to your kids and neighbors, but I found it cumbersome, poorly designed and not suited for business use.
Technorati Tags: iphone, blackberry, iphone review
MPP for SMTP Forwarding
The other day a customer asked me how to use MPP as a mail router. In the process of researching this I was alerted to a very cool capability of MPP by our lead developer that I would like to share.
Typically we mail forwarding by creating a policy-group and setting action = forward. After MPP checks the email according to the policy configuration the email is forwarded based on the forward_address configuration (which is macro driven). An alternative apporach is to forward email using our content filtering module. Using this method email can be forwarded based in content in the header, body or attachment name. This is great for surveillance, CRM applications or any app that requires content based mail routing.
So…the new bit that I learned from our lead developer is our ability to forward email SMTP servers on different ports. So with this we can forward to other content filters or SMTP servers based on policy-match, message content, sender/receiver, IP address, spam score, etc. This makes MPP ideal as a true content-based smtp router. So for example, you can have all spam redirected to another content filter for rechecking or quarantine, or have all email from a sender/receiver pair sent to a specific email server. On the surface it may sound alot like Postfix transport maps, but it goes a lot deeper since we can make content based routing decisions. Furthermore, since MPP has an integrated pre-queue policy-server and post-queue content filter for Postfix we can make intelligent per-recipient routing decisions.
If you have any questions about this please don’t hesitate to contact me.
Technorati Tags: smtp routing, smtp, postfix, mpp, message partners
MPP for SMTP Gateways - Realization
I have come to the realization that we have done a really bad job of telling the world how great MPP is for SMTP scanning gateways. For years we have been talking about securing email servers with MPP, but with the exception of our Communigate Pro customers, the majority of our big deals are for SMTP scanning gateways. Alternately, we lose deals because our customers seem focused on MPP as an email server tool and not as a gateway product. This is purely due to obfuscated messaging, and now we intend to change this by emphasizing what makes MPP so great for SMTP scanning gateways.
Top reasons that MPP is great for SMTP gateways:
1) MPP is a software solution. hy overpay for bad hardware from email appliances when servers are so affordable now? MPP is available as a VMWare virtual appliance or you can install the components on your own.
2) MPP works with open source AND commercial component technologies. MPP does a whole lot on it’s own, but it can also add open source and commercial virus and spam scanners into the mix. If you are on a tight budget or you love constant tinkering you can use SpamAssassin, but if you need a lot of throughput and accuracy we have great alternatives. Changing engines is generally just a checkbox and all other settings remain unchanged. This is a huge time save.
3) MPP offers the highest level of spam filtering accuracy you will find. It will far surpass stock SpamAssassin.
4) MPP has integrated SMTP and Content based defenses. MPP can do many pre-queue tests and also scan the content of messages if need be. If you are using Amavisd with Postfix you probably have a policy daemon and content filters that are completely independent. MPP has the only integrated policy server and content filter that I know of.
5) All configurations can be defined on a per-domain basis with our policy-engine. Every option in MPP can be defined in a policy-group and applied to a domain, group of email addresses or IP’s. You can add MPP policy group name to your subscriber directory and we can query via LDAP.
6) MPP has a great interface, qReview, for end-users to review email archives and spam quarantines and make basic settings. QReview is multi-domain so you can have different authentication information for each domain. QReview also has multiple levels of administrators so you can define domain level or peer administrators.
7) MPP has a combination of compliance features not found in ANY open source SMTP gateway such as archive and retrieval, content filtering, surveillance, If you think you are satisfying compliance requirements with bcc: think again. If you can’t quickly search and retrieve your email archives you haven’t satisfied any compliance standard that I know of.
MPP is especially great for replacing AmavisD when you have reached the limits of AmavisD in terms of performance or spam filtering accuracy of if you need end-user spam quarantine management.
9) MPP does tons of stuff that has nothing to do with virus or spam filtering and it’s all built in. What kind of stuff? Attachment stripping, adding disclaimers, header filtering, attachment filtering, access-controls (limit who speaks to who) and tons of other email utility features.
10) MPP has security intelligence built in to automatically block dictionary attacks, find outbound spammers and automatically block abusive senders or receivers. These tools alone can stop hundreds of thousands of messages a day on a busy proxy with very minimal resources.
11) MPP allows you to build custom spam scoring algorithms to build scores based on an amalgamation of individual tests. This allows you to do things like RBL’s without making reject decisions
12) MPP works with an MTA and works best with Postfix, though Sendmail, Qmail and Exim are fine alternatives.
Technorati Tags: email security, smtp gateway, postfix, rbl, mpp
MP3 Spam Outbreak
MPP’s partner Commtouch has announced that there is a new rash of mp3 based antispam.
The messages are MP3 files that pump stocks and began: 21:24 GMT October 17th. The outbreak accounts for around 7-10% of all spam, globally, over the past 18 hours. The messages are much larger than “traditional” spam, about 85 KB on average, but have reached up to 147KB.
For the most part, the subjects are empty, containing just “Fwd:” or “Re:”, or the name of the file attachment.
File names are in several categories:
• Emotional ties, for example: dadsong.mp3, oursong.mp3, weddingsong.mp3
• Well-known artists and songs, for example: santana.mp3, sayyousayme.mp3, smashingpumpkins.mp3, bbrown.mp3, bspears.mp3, gloriaestefan.mp3, beatles.mp3
• Other “sounds” that people might want to listen to, for example: answeringmachine.mp3, coolringtone.mp3, listentothis.mp3
The sound quality of the recordings is very poor: 16 kbps bitrate and 11 KHz sample rate with an average length of 30 seconds. They are also highly randomized in order to avoid email filters.
Technorati Tags: antispam, commtouch, mpp, email security, mp3 spam
zen.spamhaus.org and Policy Block Lists
Lately we have seen an increase in ‘legitimate’ email being blocked by the extremely popular blacklist published by Spamhaus, zen.spamhaus.org. It is not that they are adding legitimate hosts to the block list, rather they have made a policy change in this list by adding the Policy Block List or PBL to the zen list. The policy block list will block IP addresses that should not be sending email based on published policies of email providers. For example, if you use Cox Cable in the US you are supposed to use their outgoing SMTP server. If for some reason you send email from your own SMTP server on their network then you will flagged by the PBL. One of our employees works in Eastern Europe and has an outgoing SMTP server on his cable modem connection and this is now flagged on the PBL. I am not saying that this is a bad thing, but it brings to light a few key points.
1) Be careful that you really understand the block policies of the RBL lists that you use.
2) It is not always appropriate to make reject decisions from a single block list unless you understand and agree with their policies.
3) If you don’t want the PBL included in your reject decisions and you otherwise trust the quality of spamhaus, which I have the absolute highest regard for, then use the sbl-xbl list of spamhaus as it does not include PBL.
4) If you use MPP you can enable MPP Custom Scoring to avoid making block decisions on a single RBL hit.
Technorati Tags: spamhaus, RBL, PBL, real-time black host lists, email security, mpp
MPP Adds Sphinx Support for Email Archive Searching
I am really happy to announce that we have our first cut of qReview, our application for reviewing email archives and spam quarantines, that supports Sphinx. Sphinx is an open source tool that provides fast full-text searching of MySQL databases. MPP is an application that can archive email from Postfix, Sendmail, Qmail, CGP, Exim and other email servers.
I am pretty psyched about this because it really advances our functionality in the email archival space. If you are interested to give it a try then check out the how-to guide here or drop me a line.
Happy Searching!
Technorati Tags: mpp, email archival, email security, compliance, postfix, linux, sphinx
MPP Postfix Policy Server Tips
MPP has a powerful policy server for Postfix that is unique in its integration with a post-queue content filter. The integration of pre-queue policy decisions and post-queue processing capabilities distinguish our policy server implementation. The following are a few guidelines for configuring and using our policy server.
1) Beginning in version 3.4 we added a dynamic thread allocation model to the Postfix Policy Server. It is critical to implement this threading model to respond to SMTP bursts, otherwise there may not be enough threads available to process policy queries. Here are the commands that are necessary to enable dynamic threading, they are available n the GUI or can be added manually to the common section of mppd.conf.xml. Add with lt/gt signs, which this blog software leaves out.
policy_threads_min 1
policy_threads_max 120
These commands are not currently in the GUI, but will be added soon.
2) The policy-server can be configured as a standalone element or alongside your mpp instance. You can control the location the policy server in the policy-server socket configuration section of the GUI.
3) The policy-sever works with our thresholds and auto-blacklists - you should use these features to stop repetitive spammers or email flooders.
4) We have a new action of defer for threshold violations which the policy-server supports in order to regulate the flow of inbound email for chatty remote smtp servers.
More to come, but these are some good features to check out for now.
New European FTP Servers for MPP Customers
Introducing ftp://ftp.messagepartners.de, our new European FTP mirror. Thank you to Bitbone, our German distribution partner.
Using MPP to Find Outbound Email Abusers
MPP is and excellent tool to find outbound spammers as well as abusers of your email servers. If you are an ISP you know how much of a pain in the neck it is when your servers get blacklisted by big email providers like GMAIL or AOL.
Often times you are blocked because your users are sending too much email to the services. The problem is that the email that you are sending could be legitimate or it could be spam, but since you can’t control how your customers forward email to these services putting in a spam scanner is not going to help the problem.
This is where MPP’s thresholds, rate detection and limiting technologies come in handy. With MPP you can define thresholds to watch for. Thresholds have 3 detection components; number of messages, number of spam messages and time period. For this application, the number of spam messages is not relevant since spam is not the problem this scenario - the problem is legitimate email. So you can define policies like this:
60 emails in 30 seconds with 0 spams
or
10 spams out of 10 messages in 30 seconds
Once a threshold is crossed then MPP can take multiple actions; block, warn, quarantine or defer. Defer only works with Postfix, but it works with both our policy server and content-filter so we can defer email within the Postfix queue or we can defer external hosts. If defer doesn’t solve your problems then you can also quarantine traffic, block it or simply warn an administrator.
Like all features, Thresholds can be defined on a per-domain or per-direction basis. In other words, you can restrict the checking to outbound only traffic for select domains. You can also exempt IP’s from threshold checking if need be.
Thresholds are part of the MPP Enhanced core and the new Postfix Toolbox
Technorati Tags: outbound spam, email security, spam, postfix, email rate limiting, antispam, MPP, message partners