[Mimedefang] MIMEDefang versus CanIt-Pro versus Barracudas?
WBrown at e1b.org
WBrown at e1b.org
Fri Nov 30 09:19:37 EST 2007
James Ralston <qralston+ml.mimedefang at andrew.cmu.edu> wrote on 11/29/2007
06:32:13 PM:
> Is anyone currently using CanIt-Pro or CanIt-Domain-Pro? Do those
> products offer the same flexibility as MIMEDefang in terms of being
> able to hook into sendmail via milter? How well do the per-recipient
> Bayesian filters, whitelists, et. al. work?
I'm a very content CanIt Pro user. CanIt takes MIMEDefang, adds
streaming, a web interface for all management features. On the Baracudas,
can you log in to the appliance and actually see the mail logs? Even on
the CanIt appliance, you get the root password. Other appliances we have
used in our organization did not proved access to the system logs, so
troubleshooting problems is a nightmare, involving vendor tech support.
One of the other features that may help sell CanIt to management is that
you have support available from Roaring Penguin. The crew there is very
responsive, even to queries posted to the CanIt mailing list. One
objection I keep hearing about open source programs is "what if we need
support." When they are talking about M$ Office, I ask if they have ever
called M$ for Office support... So far the unanimous response has been
"No, but...." But I digress.
Baracuda must be behind the times on Bayes research if they insist that
every user have their own Bayes Data. Roaring Penguin has implemented
their Roaring Penguin Training Network. While it is true that different
environments (medical, legal, education, etc) have their specialized
terms, they form a small minority of the words used in email and lave
little impact on analysis. the RPTN lets CanIt users upload the manually
voted data from their filters to RP, which agregates it and then makes it
available for download. I think it has made a huge difference in the
accuracy of our filters.
> I'm being pushed by management to abandon our sendmail+MIMEDefang
> system in favor of Barracuda appliances. But because Barracudas don't
> intercept during the SMTP dialog (which is the only safe place to
> reject in terms of not generating backscatter), going with Barracudas
> would mean that no sender would ever receive a DSN from us for any
> reason, because we'd have to configure all downstream mail servers to
> silently discard messages that couldn't be delivered (rather than risk
> generating backscatter).
If I remember correctly most other filters, including Baracuda, hold the
message on their appliance. The user has to log in to the system and
check their own accoount to see what has been held for them to see if
there were any false positives. I like using the anology of the black
waste tank on my RV. It's full of sh*t, and I'd hate to have to dig
through it if something valuable accidentaly fell into it. Wanna place
bets on how many users would review their holding queue on Baracuda? What
is the impact of themm missing mail that was tagged as a FP? If there is
a cost (lost sale, etc) to that impact, stress that.
By default, I read somewhere, Baracuda does generate backscatter. It can
be turned off, bout out of the box, it's evil.
> I'm loathe to completely break such a fundamental aspect of mail
> delivery, so I'm wondering if CanIt-Pro would give us some of the
> "bullet points" of Barracudas but still retain the deep milter
> integration goodness...
Hope my ramblings help, if you need any more info feel free to contact me
off list.
More information about the MIMEDefang
mailing list