Hello again,
Amongst the answers to my previous post ("has a large company implemented SA") there
was a very good idea on success stories with SA... It is true that most of the people
on the net who would say they were happy with SA and that it worked well for them are
using it for their private use, or run a server which does mailboxes storage as well
(POP3/IMAP I would imagine). However I couldn't find any description of a successful
implementation with a similar setup than ours -- I would guess at least a few other
companies must follow the same model.
Our infrastructure would look like:
Internet-->[SA]-->[Mailsweeper]-->[SMTP/Lotus Notes gateway]-->Lotus Notes Mail reader
on Client PC
Each bracketed text is a separate server, so SA would be a dedicated relay, with no
local mailboxes, just a passthrough.
The goal for us is to tag emails (X-Spam-Flag) in a first step and let the Notes
client put tagged msgs into a separate folder (only saves time, bandwidth and storage
are still used).
In a second step we would like to quarantine all detected spam at the SA server level
(thus saving also bandwidth and storage).
I received many replies to my previous post from people who work in companies having
implemented SA, but none of them do the blocking at the gateway level, they give the
choice to the users. With our infrastructure, we cannot do that, as the SA server will
not know anything about the mailboxes, it would just be a relay, no local
/var/spool/mail directory, no local /home/xxx directory for the users !
I think most companies are afraid of implementing opensource software as a component
for an important service such as email. I think that generally even though people know
email has not been designed to be a 100% reliable protocol they still make business
with it.
First of all, please let me highlight that the following thoughts are not my personal
views but difficult barriers to face when you try to get opensource into a large
manufacturing company (not an ISP, not a software company) like ours.
The major fears are:
- opensource software is often made by hobbyists and these people do not have the
structure to provide software support/bugfixes, or quick response to a big problem
incurring financial losses (no emails go through for example!)
- are upgrades straightfoward and not causing problems to the existing running system,
are they well tested.
- what if the SA project is abandoned, what if the source is bought by a commercial
vendor, in other words, what if SA as it exists today disappears ? With opensource you
cannot have a contractual engagement to provide support or updates, nor can you really
know the roadmap for a product and what is planned for future development
Blocking spam-tagged emails at the gateway level as we intend to do requires a good
trust in the chosen spam filter product !! And here is my point, this trust comes when
you can point at other and say: they use it, they are happy with it, and all problems
they encountered, they could fix them with the help of xxxx and if they get any more
problems they can rely on xxxx to fix them quickly.
I am desperate to get SA implemented (I just love it!!) but we wouldn't like to
reinvent the wheel if someone else did a similar implementation
I appreciate this is a very long email (apologies), if this post has got nothing to do
with this mailing list, I am more than happy to carry the discussion off it with
anyone who feels they are in the same position as me, as my company.
Best Regards,
Stephane
-------------------------------------------------------
This SF.NET email is sponsored by: A Thawte Code Signing Certificate
is essential in establishing user confidence by providing assurance of
authenticity and code integrity. Download our Free Code Signing guide:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
