[Mimedefang] MIMEDefang versus CanIt-Pro versus Barracudas?

Joseph Brennan brennan at columbia.edu
Thu Nov 29 21:37:19 EST 2007

--On Thursday, November 29, 2007 4:31 PM -0800 John Nemeth 
<jnemeth at victoria.tc.ca> wrote:

> } I'm being pushed by management to abandon our sendmail+MIMEDefang
> } system in favor of Barracuda appliances.  But because Barracudas don't
> } intercept during the SMTP dialog (which is the only safe place to
> } reject in terms of not generating backscatter), going with Barracudas
>      Yikes!  That thing should be blasted off the market.

Barracuda is the worst.  I have actually made a Mimedefang rule to
reject backscatter from Barracuda!  In fairness I would like to say
that I heard Barracuda are contacting their users to get them to stop
the backscatter, but it's bad that the option is even there.

The fundamental decision is whether to notify the sender or the
recipient when mail looks like spam.  The only important cases are
the false positives.  If you accept during smtp, then you expect the
recipients to go look at some kind of spam folder and discover that
a legit message has landed there.  Meanwhile the sender thinks the
message has been delivered.  My thoughts on this are that the
recipients will soon tire of looking through all the garbage sent
their way, and that false positives will "disappear".  That is, the
sender will not see any bounce, and the recipient will not see the
message.  That's bad.

So far I still favor rejecting during smtp, letting the senders know
that mail was not delivered.  The main problem is that for so many
automated mailings nobody looks at rejections.  This obviously
violates email standards and practices, but it keeps happening.

CanIt, in order to apply rules per recipient, tends to fall into the
recipient-burden side.  Like Mimedefang it can be customized not to
do this, but much of what you'd be buying is the per-recipient
quarantine code.  Most days I think this is not the right way to go.
Even so CanIt gets you some greylist and Bayes stuff that looks like
it would be useful.  Check the pricing compared to Barracuda!

Another factor that influences me greatly is that with Mimedefang I
can respond to anything our Security follks want us to stop.  It's
just perl.  We can open headers, body, you name it, and look for
any pattern in a message.  I would hate to lose that ability.

Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology

More information about the MIMEDefang mailing list