Thursday, January 30, 2014

Another Spam Filtering Service - GFI MaxMail

In my quest for a postini spam filtering replacement I also tried GFI's MaxMail product.  Like the others, it is a cloud based solution that is slightly (pennies) less expensive than Spambrella.  You change your MX records to point to their server, which then filters the email and sends it on to your email server.

I really liked the user interface and the granularity of the spam filtering.    Everything seemed to be going well and I used the service for 2 months.  Billing was monthly vs Spambrella's yearly billing and that was kind of nice.

Every time you log in there's a graph display of the last week showing percentage of spam, percentage of virus and percentage or normal mail.   I was constantly seeing quite a lot of virus activity noted there.
When I used postini and using spmabrella there are occasional virus emails received (cleaned and reported) but this was a LOT of activity.  That seemed strange to me.  Their console had the ability to detail these messages but the messages themselves were discarded.  But my experience was that it their system would never show me any details at all even though properly configured to do so.  (They tell me that this has since been corrected).

Then I had a customer email me a visual studio project - and it never arrived.    So I had them email it to my gmail account - and I received it fine.  So I asked GFI about it.  They said it must have contained a virus - could I email it to them?  So I did and they never received it.  I finally had to setup my own smtp server and a packet sniffer so I could prove that the email was making it to their servers and report the Email id that they assign so that they could trace it through their system.

A lot of time went by and they said that I needed to FTP the email to their site because it was coming up as a virus attachment.

So I did that - and they said I was correct there is no virus in the email.  However, sending it through their system always flags it as a virus.  So weeks went by as they had their development staff working on this.

Why was this one email so important?    Well because I had OTHER people telling me that email to me wasn't being answered.  Email I never received.  I was beginning to suspect that all the virus activity reported wasn't REALLY virus activity after all but rather email I wasn't receiving that was erroneously marked as a virus.

In addition to this, some of my users were telling me that spam was getting through.  Not a lot.  But a lot more than when we evaluated Spambrella and a lot more than when using postini.

Finally their development staff said that the problem was resolved.  I tested it.   It would still not deliver the email.  So I reported that, and another few weeks went by.

I finally had enough and switched back to Spambrella.

To their credit, GFI has continued to keep me updated on the progress of resolving the problem.  The have updated their system to be able to track the virus reported emails now, but this particular email still won't make it through their system.

In the end I'm happy with Spambrella.  The ONLY issue I have with Spambrella is that new 419 scam emails do make it through for a short time before they recognize them and stop them.

Monday, November 4, 2013

SpamBrella - a Postini and Google Aps alternative

In my quest to find a replacement to the debacle that is the Google Postini transition to Google Aps I evaluated a service from  You can review my previous blog posting for a detailed account of the issues I encountered in attempting to make the Google Aps solution work for my domains and my customer domains.  

Spam (Junk Email) is a serious problem and time waster.  In addition it can expose your systems to malware via links to untrusted websites that are sent in these junk email messages.  I believe every company has some sort of strategy for handling this problem.  

I have several requirements for spam filtering. 

  • A message center where users and administrators can manage their spam and filtering settings
  • Individualized white and black lists to block certain addresses and allow others through the filter
  • Significant support for multiple aliases to an email address
  • Timeliness and accuracy
  • The ability to allow me to become a reseller of the service if I should so desire
In my quest to resolve the significant issues I faced with the Postini transition I encountered a service offered by  I spoke with a very knowledgeable and friendly representative both in email and on the telephone.  I decided to try an evaluation of the service to see if it would correct my issues with Postini and meet my requirements.  Immediately I ran up against a limit with the number of aliases I had with my account but Spambrella easily provisioned my account to allow 50 aliases per user.  

The service works similarly to Postini offering both inbound and outbound filtering as well as email continuity (ability to check email via their servers even if your email server is down) and email archive.  Each of these comes at a price, but the pricing is very reasonable and largely comparable to Google Aps pricing.  One sets up their mail server addresses with Spambrella and then configures MX DNS records to point to specific spambrella mail servers positioned around the world.    A configurable daily (or two times a day) email is sent to the users detailing their held (quarantined) messages and the user can use links in the email to either login to the mail management console or release the specific email.  In addition users can simply login to the console and manage their settings and quarentined  email.  

I used exports of my Postini account and user settings to setup the initial settings at Spambrella.  The web based administrative interface is intuitive and attractive. 

Spambrella offers some additional features that no other service I encountered offers.  These are "greymail" blocking as well as link filtering.   Greymail should not be confused with greylisting that is offered by several ISP's and filtering services.  Greylisting is a strategy where by ip addresses that connect are initially denied a connection to the mail server.  Legitimate mailers will try the connection again later at which point the greylisting server will "whitelist" the ip address and allow the email through.    

Spambrella's Greymail blocking (which is optional)  allows you to block "greymail".  Most spam reported is actually greymail.  Somehow or other users end up on a mailing list for a company or product and this company sends advertising or other alerts to the subscribers.    Most of my spam complaints from users are actually greymail.   Spambrella offers an option to block this greymail by default.  The mail ends up in the users quarentine and can be released and the sending address whitelisted if desired.

Spambrella also offers a filtering of hyperlinks that are included in the email  They have partnered with McAfee for this offering and it is really interesting and beneficial.  Any hyperlinks in the email are replaced with a url that goes through McAfee.  The sites being visited are scanned against known malware and infected sites and the user is allowed through if all clear, or blocked if the site is infected with viruses or malware.  Unknown sites are scanned real time and their status is displayed so the user can decide if the visit is warranted or not.  For those administrators uncomfortable with links in email being replaced, the feature is optional.

In my evaluation period of the service, I found the support to be exceptional and the filtering to be first rate.  There were few false positives (Aside from greymail that we actually wanted to see) and virtual no spam making it through the system.  The quarantine summaries were easy to read and handle.  The end users had no complaints and the performance of the system was superior speed wise.

For businesses and users transitioning from Postini to Google Aps who are dissatisfied with the accuracy, feature set and stability of the Google platform and for those looking for junk mail filtering for the first time, I heartily recommend   

Postini Transition Alternatives to Google Aps

A long time ago, when I first developed web sites and was also active on news groups, I started getting a lot of junk mail (spam).  I had published my email address on multiple web sites.  I don't like having to switch email addresses and I really like the ISP I use for web hosting and email so I looked for a spam fighting solution.  The isp ( uses spamassasin for reducing junk email, but it just really didn't keep up with the annoying mass of email that kept arriving.  In addition other associated email addresses that I have setup for subcontractors and family also received a ton of junk email.  

I went on a search again for an email filtering solution that would be easy to implement, relatively inexpensive, and accurate.  I ended up finding Postini.   Postini had been recently purchased by Google but I was very impressed with the accuracy and simplicity of the product.  Basically you point Postini to your mail server and point your DNS MX (mail exchange) records to a special Postini set of addresses.   You can then manage your email users, with multiple aliases, set levels of spam filtering and create white and black lists for spam delivery.  This worked flawlessly for several years.

I liked the service so much that I transitioned some of my web hosting customers over to Postini.  I wanted to become a Postini reseller but Google had discontinued that option, so I just setup individual accounts for these clients.

Then the ultimate in corporate consolidation began.  Postini users were told they would be transitioned to Google Aps for Business.  The pricing would remain the same and equivalent features would be available and everything would work the same, expect you would get superior spam filtering.

I had noticed that the filtering Postini had begun to falter at times, but overall it was still very good.  A few more false positives than I liked and some spam making it through, but the whitelist took care of the false positives and the others gradually died off as postini did update their filters.

I attended several webinars given by Google about the postini transition.  They really wanted people to switch to gmail for their end users but for several reasons I didn't want to do that.  My users were all happy and well versed in using the email services and could use any email client that they liked.  In addition gmail just was going down too often, while my ISP email NEVER went down.

However, Google promised that these external mail servers could continue to work with enhancements that they would make to Google Aps.  There were several other features that were essential to me as well.  One of these was a user specific white and black list.  Often times people would get on mailing lists, or company notification email lists, and while technically not spam, these users would not want these emails.  Blocking or allowing these on a user by user basis is essential.  In their webinars when this subject was brought up, Google just said Gmail would learn from the user marking items as spam or not and would then properly deliver email.  This was such a weak response that many questioned it.  The main objection is that these accounts are not going to use Gmail!

Postini also has a message center that will allow users to administer their own spam settings (if the administrator desires to allow it) or that the administrator can use to look at user email quarentine  and manage white and black lists.  I used this feature heavily to help the less tech savvy users block and allow email and to handle filtering of known malware links that might show up first in my mailbox.  If it made it past postini filtering in to my box I could be assured some of my users would get it as well.

Google hadn't (And as of this writing still HASN'T) developed a message center.

Google's repeated promise was that the transition would NOT begin for any accounts until equivalent functionality was available.

Frankly with Postini starting to fall down on the filtering job and complaints increasing from my users I was looking forward to the transition from Postini to Google Aps.  Google was to transition accounts on their anniversary date which for me is April, in case some accounts didn't want to make the jump for some reason.

Imagine my surprise when I received email on all my accounts about transitioning in late August that indicated my accounts would be transitioned and that it was required and that once the transition began it could not be reversed.  Google obviously has a drop dead date for Postini and they wanted to transition these accounts ahead of their anniversary dates.

I was satisfied to do it - but they did note that the message center application wasn't ready but would be early in the third quarter.  There didn't seem to be any option to wait, however, as they gave a 90 day deadline to make the transition.  As Postini filtering continued to deteriorate I decide to go ahead and start the transition.

That's when the pain began.  My users didn't all fully transition.  Some were partially in the new Google Aps for Business user interface and some were in one area but not others.  I reported the issue but it went unresolved so I manually deleted and re-added the users that were not properly configured.

I learned that each email account would have a separate Gmail address.  This gmail address could be used to view the spam that was filtered and the user would also receive a daily quarantine summary similar to postini where they could mark email that was captured as spam to not be spam and it would be delivered to their inbox.

I set things up according to Google specifications and mail began to filter through the new engine.  And more and more spam started to appear in end users mail boxes.  In addition a lot of false positives started to happen.  More troubling was that some occasional emails were showing up in the gmail account inboxes.  Google assured me that nothing should show there.  That my users didn't even have to know about the existence of these inboxes because we were using an external (What Google in market speak termed "Legacy Servers") mail server.  However, email was definitely showing there and there was NO FACILITY To get that email into the end users "legacy" email inbox.

I went round and round with Google Aps support on this issue and they finally said that the problem was that the email made it past their first filter but in the second filter it was identified as spam.  They never could explain why it didn't end up in the spam folder or why it never showed on the quarantine summary.

Then the issue of email undelivered came up with my users.  My users (and even myself) sometimes deleted the quarantine summery.  The summary had links to release email that was held as spam.  However, if you lost or deleted the summary there was NO WAY to get the held email delivered to your inbox.  If you logged into the secret gmail account and marked spam in the spam folder as not spam, it would move to the secret gmail inbox and NOT be delivered to the end users email server.  Without a message center there is no way to manage delivery.

In addition there is no per user white or black list available.  The filters are to learn as you release email that the email isn't spam.   They have a confusing scheme where email is released, but can then in the same interface be marked as spam.  This is so you can look at the email, then decide if it was really spam and mark it.  This was so counter intuitive to my users that they were marking legitimate email as spam as the mark as spam button was the largest and default on the screen.

In addition to all of this I was receiving email from another client that was clearly not destined for me in any way, shape, or form.  This never happened with postini.  For each of my clients I had setup an email alias that forwarded to my email for managing the billing and the root postini account.

I would setup  this account and then have a forward to the principal at the business and to me.   With Postini this was never a problem.  With Google Aps I was suddenly receiving email that was destined for another user at my client's domain.  What I found out after a bit of going back and forth is that when an aliased email is released, it is delivered not to the alias email address but to the main address associated with the alias.  So while I wasn't doing anything wrong, the email was going to the base account email because the primary business owners email was the one it was addressed to and it was the one I have the special account setup to forward to!

At this point I am spending a lot of time managing email systems that here to fore were working perfectly.  And things are becoming quite frustrating.

I also have some special needs because in the past I setup special email addresses to bypass filtering and expedite delivery.  Some of these are still in use but I personally have about 30 aliases that go to one email inbox. Postini handled this well.

In all my frustration I turned to the internet to find an alternative to Postini that would give me equivalent functionality and filtering that would be superior to the now inferior Google Aps solution.

I found several offerings.  McAfee has one, Symantec and I found a few others as well.  Each of these  had a 5 alias limit per paying account and the pricing would often quintuple what I was paying for Postini.   In addition I am responsible for more than just my domains.  I have clients that are being negatively impacted by the transition to Google Aps and I need to act.  It would be nice to be a reseller for these services in order to get some volume discounts and to better serve my clients.

I eventually found two Postini competitors that use the same basic infrastructure of  special MX servers as well as the ability, if desired, to archive email for those clients requiring an email archive.

I am going to review each of these in a separate blog posting.  Stay Tuned....

Thursday, September 9, 2010

My life with my Mac

As you may or may not know, I'm primarily a "Windows" developer.  However, about a year and a half ago, I decided I wanted to do some iphone development.  The only way to do this is to use a mac.

My main computers were a Dell Desktop and a Dell Latitude laptop.  The latitude was showing it's age so rather than buy a Mac Mini I opted to replace the Dell laptop with a shiny new aluminum MacBook.  I opted for the 13 inch.  I travel a bit and lugging around the heavy Dell was getting tiresome.  The 13 inch Macbook is light.  I opted for the 2.4ghz Core 2 Duo with 4 gig of RAM.  I wanted the extra RAM because I still wanted to run Windows for my development work.

I didn't have any particular love for the Mac.  When they came out initially in the 1980's we used to call them "Crash 'n Toss" computers because they only did word processing and spreadsheets and when the hard drive crashed it was basically toss it and get a new one.  I knew little about the user interface or multi-touch gestures (Though I did have a new iphone).  I had opted to pursue Windows years ago because of the installed user base.  But here I am with this brand new Mac notebook computer.

I had considered using a Mac tool called "Bootcamp" to boot to Windows on the Mac.  However, prior to this I had switched all my Windows development to be performed within Virtual Machines.  I created a Windows Virtual Machine and would work within it.  I could separate my clients work, I could test software on different versions of Windows and I could backup the machines easily just backing up the entire virtual disk.

I wanted to continue this strategy so I looked at the virtualization solutions for the mac.  There were three.  Parallels, VMWare Fusion and Virtual Box.  I wanted a solution that would allow me to take the Virtual Machines from a Windows host to a Mac, and BACK in case I had a problem with the mac.  Parallels would not import my variable sized virtual machine disks, and Virtual Box just didn't really work.  I ended up choosing VMWARE Fusion and I'm really happy with the choice.  As the product has matured I can even run and test 64 bit versions of Windows.  All in a VM.  Unlike Microsoft Virtual PC at the time, I could even use USB devices.  Printers are shared with the Mac and the sharing of folders is seamless.  I really like it.

I still did a lot of my daily work in Windows.  I used the windows web browser, and email clients.  I did word processing and spreadsheets on windows and of course my development was performed on Windows.  But the Virtual Machines are great and I have never had to boot the mac to Windows.

What about all this neat software that came with the Mac?  I started toying with the browser and with Firefox on the Mac and just with the general user experience.  I wish I could quantify this for you better, but the end result is that the user experience on the Mac is just WAY BETTER than under Windows. 

The track pad is smooth.  The laptop itself is better.  The track pad is large and supports multi-touch gestures (which I will get to in a minute).  The way the "finder" works, the way the machine is organized and the way the user dock works and the application menu at the top is just smooth and easy.  There is only a single menu bar - at the top of the screen.  When an application has "focus" the menu bar changes to the bar for that application.  Everything is very consistent and easy to use.  In the doc active applications have an indicator.  And can I tell you how STABLE this machine is?  I never have to reboot it and it almost never crashes in any way. 

What about software for the Mac.  Since the OS is UNIX based most Linux projects have OS/X versions and there are OS/X versions of most major software.  I use Microsoft Office for the Mac now as well.  In fact I've migrated all of my day to day work and administration to the Mac - except for actual software development that I still do in Windows Virtual Machines.  Much of the software is free!

I keep my desktop Windows 7 machine around just for testing and in case this laptop dies and I need to run my VM's there - but I never use it.

Did I mention how FAST this machine is?  The processor and RAM really aren't impressive.  The Windows desktop machine is a quad core 2.8mhz machine also with 4 Gig of RAM.  However, the Mac is super snappy and even the Virtual Machines run quickly.  I'm super impressed.

So now I've switched all my daily information to my Mac.  The contact management of Mac Mail is superb.   The software highlights contact info embedded in email and lets you add it easily.  The search functions of "Spotlight" make it EASY to find old messages, PDF files, documents or anything.  And it's fast. 

Recently I bought a third party package called Mail Steward to archive all of my email.  I have kept everything since I started emailing and it's a vast resource of information.  Using this software, I can quickly find anything.

What about backing up the machine?  This is one of the coolest things about the Mac.  The software is built in and called "Time Machine".  It runs in background all the time, making incremental backups and managing the backup sets on any backup volume you desire.  I do mine wirelessly.  I have my wife using an external hard drive.  I let her use my Mac for a bit and she loved it so we switched her to the Mac as well.  We even bought an iMac for my daughter.   I have restored files via Time Machine easily and quickly.

What about reliability of the hardware?  I've never had a problem but my wife's machine had a fan rubbing.  We took it to the apple store and they sent it off.  We had it back in two days - delivered to the door.   At the time I didn't know how long it would take so I took my wife's time machine volume and plugged it into my daughters iMac.  I then restored my wife's user account from the time machine backup onto the iMac.  It loaded EVERYTHING from documents and files to the actual SOFTWARE she had installed and had been using. 

It was fantastic.

What about software updates and operating system updates?  I've been through several minor updates and one major update.  All went seamlessly and I've never had an issue.  And they happen quickly. 

There are several things I like about the operating system.  One is the multi-tough gestures.  The one use most is the two finger scroll.  Scroll bars (Even in Windows Virtual Machines) can be scrolled by two fingers.  Another is the "Zoom".  Since I have the 13 inch MacBook sometimes I need things bigger.  Just press the control key and two fingers up and down slide zoom in and out.

There are other productivity features as well.  A Mac feature called Spaces allows you to have multiple desktops and place applications on different desktops.  Switching is easy and if you activate an application from the dock, it activates the proper desktop.

Multiple monitors are supported easily as well. 

At this point, short of actual software development for Windows, there's nothing I can't do easier and better on my Mac.  It's been well worth the purchase. 

I welcome comments and questions about my experience. 

Thursday, November 19, 2009

Let's try something new

It's strange sometimes how resistant to change we can be.  For example: food.
We like what we like and seldom try new things.  Well, some people are adventurous and try new foods on occasion.  Sometimes you can find something really good if you just try it.

Let's take Apples.  I'm not talking about the computer kind - though I could make that argument fairly soundly.

If you go into the grocery store you will normally find a few standard kinds of apples.  If you go into the store that starts with W you find Golden Delicious and Red Delicious and occasionally Granny Smith.

Did you know that there are a lot of other wonderful types of apples.  My family and I went to a local apple orchard and sampled Cameo, Dixie Red, Johnathan, Jonagold, Mutsu and a host of others.  We liked the Mutsu best of the green apples and Cameo of the red.  You can find some of these in the grocery store. 

While the Cameo was our favorite, when we went back they didn't have any.  Did I mention, that from an orchard they are quite inexpensive?

Back at the grocery store, we tried Braeburn, Jazz and Honey Crisp.  We really like the Jazz and the Honey Crisp.  My personal favorite is the Honey Crisp.

If you get a chance you should stop by the supermarket - even if you don't like apples - and try some of these.  Get a Honey Crisp or Jazz - you won't be sorry.  You won't find them in that big W store - so try somewhere else.

Sunday, October 25, 2009


To start out I thought I would just tell you a little about myself.  I'm the author of Sams Teach Yourself COBOL in 24 hours.  I'm self employed full time as a consultant.  I develop software in various forms for many different companies and individuals.  In addition, my business handles website development and hosting for small and medium sized businesses.

Most of the software development I handle is for Microsoft Windows.  I can and do code in COBOL, Java, C, C++ and C#.  I'm delving into OS/X and iPhone development as well.

I'll be blogging about Software development, Hardware and assorted other things that I think you might find interesting. 

There are links to my personal and professional websites.  If I get enough interest maybe I'll join Facebook.  I do have a twitter account for Software Simple - but we haven't done anything with it yet.

If there's something you would like me to write about or comment on - please let me know!