Recently where I work spam has become more and more of a problem. As a VAR our company provides a number of services to our clients, which includes email services. Our spam filtering service has a number of holes in it however and needed to be reworked.
A number of solutions were evaluated, MailWasher and Astaro had their shot and didn't make the cut for whatever reason.
Then the spam solution search slowed a bit, until one of our larger clients had a Barracuda put in place. After setting it up correctly and making sure *all* mail was going through the barracuda (If you have multiple mx records, don't just put the filter at the lowest and leave the mail server open ...) it performed admirably, doing an excellent job. However, I wanted to explore some of the open-source alternatives, many of which are integrated into Barracuda.
SpamAssassin was the first stop. Right away I was conflicted about working on the project at all, due to the fact that we are basically a Windows only shop, unfortunately. So it took some feeling out of the boss before I even went ahead and built the first anti-spam box on Ubuntu and got the go-ahead to plug it in.
I followed the instructions at: https://help.ubuntu.com/community/PostfixAmavisNew
It was a straight forward guide and I set it up as a VM and once I had tested it and felt confident it would filter mail correctly, I fed our mail through it and it alone. It works very well and is still in place after five days. Although, it didn't match up to the Barracuda in a few places.
The main point where it fell behind the Barracuda was in management of the device. I was hard pressed to find any usable kind of web based administration of Amavisd-new, which was a major drawback for our company. Not everybody is comfortable at the linux shell, and there was no chance of a client being able to login and whitelist/blacklist on their own, which was another drawback.
However, if your a small shop or have all the decision making power and are comfortable at the shell and have a decent understanding of how email works, it is a fairly good solution. It filters spam very well, which is the main point. It is also quite fast, especially considering that it is running as a VM.
So it looked like the Barracuda was going to win, and it still might, although the open-source solutions weren't done yet. I found another guide and a few other products, namely, MailScanner and MailWatch. MailWatch was the web front-end I needed to make it usable in our Microsoft only shop, and MailScanner has a bit more documentation and feels like a more robust product than Amavisd-new. But mostly it worked with MailWatch, and Amavisd-new doesn't.
The guide I found was at HowToForge: http://www.howtoforge.org/the-perfect-spamsnake-ubuntu-8.04
I have stopped after five pages of configuration and it is up and running. I haven' swapped it out with the Amavisd-new box yet, because I need to move it to a bit faster host for the VM, but I feel that after five pages and getting the web end of it working, it's far enough along to have my boss take a look. Then if he likes it, or I feel it then has a real shot of being used instead of Barracuda, I will finish the setup and tweak some more to get it just like we need.
Anyway, should be an interesting outcome.
I hope to eventually have a generic build of the VM which I can offer for free download.
