cancel
Showing results for 
Search instead for 
Did you mean: 

Third party spam management system

lingbob
Grafter
Posts: 734
Registered: 05-04-2007

Third party spam management system


Would somebody please be so kind as to post further details in here regarding the project mentioned below:
Quote
Planned Spam Protection Maintenance - Wednesday 22nd August 6:00am-7:00am
Email
Posted on: Monday 20 August 2007, 12:05
Maintenance Window:-
Wednesday 22nd August 6:00am-7:00am.
Service Affected:-
Email.
Duration of expected customer impact:-
Approximately 5 minutes.
Detailed description of work to be performed:-
We are putting a third party spam management system in-line on the mail platform to asses the functionality and scalability of the system. No change to spam management should be seen by customers at this point. This work was first attempted last month however the system had to be removed due to complications that were encountered. Further details regarding this project have been posted to the Usergroup discussion forums:-
http://usergroup.plus.net/forum/index.php/topic,5002.0.html
Expected customer impact:-
There may be a short outage affecting our primary mail delivery servers. No email will be lost as a result of this work as messages will be handled by our secondary servers.
Other Notes:-
None.
Kind Regards,
Bob Pullen
Customer Support

TIA and regards .....
10 REPLIES
Mand
Grafter
Posts: 5,560
Thanks: 1
Registered: 05-04-2007

Re: Third party spam management system

Hi there,
The 3rd party mentioned is Critical Path, and you can find more info on the PUG forums here.
lingbob
Grafter
Posts: 734
Registered: 05-04-2007

Re: Third party spam management system

Quote from: Mand
Hi there,
The 3rd party mentioned is Critical Path,

Thanks for that information.
Quote
and you can find more info on the PUG forums here.

That link's the same as the one posted in the Service Announcement but it doesn't take me to the information, that's why I asked if somebody could post it in here.
Regards .....
astarsolutions
Grafter
Posts: 393
Registered: 26-07-2007

Re: Third party spam management system

Quote
but it doesn't take me to the information

What does it take you to?
lingbob
Grafter
Posts: 734
Registered: 05-04-2007

Re: Third party spam management system

The PUG login/registration page.
Regards .....
Mand
Grafter
Posts: 5,560
Thanks: 1
Registered: 05-04-2007

Re: Third party spam management system

You'll need to register for the PUG site to see all the info in detail.
I'll copy the original post over here if necessary tomorrow morning, however the thread has been ongoing since July so if you want all the info you will need to register. I hate copy and paste at the best of times! Cheesy
lingbob
Grafter
Posts: 734
Registered: 05-04-2007

Re: Third party spam management system

Just the tasty bits will do thank you very much  Grin
Regards .....
Community Gaffer
Community Gaffer
Posts: 13,294
Thanks: 1,070
Fixes: 86
Registered: 04-04-2007

Re: Third party spam management system

Here's a copy of the post from the PUG forum...
Quote
Afternoon all,
As hinted at towards the end of my recent Community Site Post on mail/spam deliverables, we will soon be looking at trialling a third party spam appliance in front of the customer facing mail servers.
This will be based on a solution provided by Critical Path which we have been using for some time on our internal 'Gatekeeper' email platform.
Josh has been beavering away at this over the last few days and we hope to go out with the customer facing annoucements shortly.
Anyway I thought I'd make this post for a couple of reasons. Firstly to give you guys an idea as to what the trial entails, and secondly to ask for candidates who would be willing to do us a favour and act as guinea pigs if and when required.
So to get the technical stuff out of the way...
The solution is based on Critical Path's 'Memova Anti-Abuse Appliance' (MAA). This is a plug-and-play solution specifically designed for service providers that sits at the network gateway and stops spam, viruses, and malicious attacks such as denial-of-service and phishing. It allows service providers to check the validity of e-mail sender addresses using SPF and slows the processing of messages from potential spam sources, which helps prevent spammers from quickly delivering high volumes of spam. In addition, enhanced administrative controls let service providers easily customize anti-spam and anti-virus services at the domain, class-of-service, and subscriber levels.
We've had one of these boxes in front of our internal 'Gatekeeper' email platform for a while now and the results have been relatively positive. What we've been doing for the last few months is marking messages the MAA considers to be spam with the tagline [Suspected Spam]:

 

For those that don't know, our mail platform is spread across two sites. We currently have 11 primary mailservers at one site and 8 secondary servers at the other (we due to put another 3 in soon). All the servers sit behind load balancing kit that's installed at each site.
The plan is to install an MAA at each site behind the load balancer but in front of the mail platform. This is neccessary for resiliency purposes more than anything else as the initial plan is to limit the additional filtering to the primary mail servers only.
We received an additional MAA last week and Josh has been busy installing this on the platform. Once in place we will remove the box being used for internal email and put that on the customer platform too. We can then copy the config across and start monitoring the platform.
*Very* top level overview as follows:

  • Receive 2nd MAA
  • Configure IP mapping and network routing for MAA 2
  • Copy config from MAA 1
  • Update license keys
  • Configure SMTP routing
  • Write script for domain updates/subscriber config changes
  • Add rbls
  • Set up SNMP monitoring
  • Move MAA 1 off the Internal network and install
  • Configure routing as above and copy config from MAA 2
  • Test on a subset of domains
  • Comms
  • Switch mx.core to point to critical path boxes
  • Comms
  • Switch on additional functionality
  • Evaluate success of trial

It's important to note that when mx.core is switched to point at the critical path boxes, they will be configured in 'silent' mode. This means that they will not be doing any active filtering. The only thing noticeable to customers will be an additional header in the email as follows:
X-MAA: Suspected Spam

When we do switch to using filtering we're going to keep the [Suspected Spam] marking convention unless anybody has any major objections.
I did intend on posting this last week so we've actually done most of the work apart from to switch mx.core to point at Critical Path.
Anyway, onto the second point...
Who fancies being a guinea pig?
What we'll do is put your domains into the system ready for when we switch mx.core to the MAA's. When this happens anyone on the test bed will see the [Suspected Spam] tags.  Other customers will just see the added header. There's likely to be more varied tests moving forwards but that will be it for the time being.
This is a trial so there has to be a caveat that we can't be held responsible for anything untoward that happens.
Applications on a PM to my inbox please (unless you don't mind posting your domains here). This can be hosted domains or virtual domains (.plus.com etc.) When sending me a message please include your real name, account username, and the domain you would like moving to the test bed.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

lingbob
Grafter
Posts: 734
Registered: 05-04-2007

Re: Third party spam management system

Most interesting and thanks very much for posting it.
Regards .....
mapletree
Grafter
Posts: 644
Registered: 28-07-2007

Re: Third party spam management system

Just a thought - is the marker "[Suspected Spam]" a bit long so as to render the rest of the subject invisible in some email clients?
Community Gaffer
Community Gaffer
Posts: 13,294
Thanks: 1,070
Fixes: 86
Registered: 04-04-2007

Re: Third party spam management system

Quite possibly but I think it suffices for the purpose of the trial (I didn't have many problems using Thunderbird when we trialled it on our internal platform).
I asked around and the tag itself isn't adjustable by default. We'd have to get Critical Path to alter their code. Considering the fact that this will need to be done when (if?) we roll the platform live anyway, then it's probably best to wait until then.
It's only the trialists that would see the [Suspected Spam] tags.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵