[pmg-devel] Feature Requests
Christian Heutger
christian at heutger.net
Thu May 17 23:57:28 CEST 2018
Hi,
I found this list in your forum and like to ask for some features (from easy to bigger job) to improve your product and reach more customers or potential subscribers:
Nice to have:
1. Ask for IPv6 optional address at installation time
2. Let a time server be set
3. Allow to replace the cert via GUI
4. Ship with a nameserver (bind or unbound, if run outside DMZ)
5. Ship with a potential firewall setup (if run outside DMZ)
6. Ship with a potential VPN setup (if run outside DMZ)
7. Ship with vim instead of this worse vim version
8. Recommended blacklists choosable from a list like spamhaus, spamcop etc. I can provide you a good list. Barracudacentral BTW is a bit like UCEPROTECT, they have a bad taste because of emailreg.org
Should have:
1. Pyzor and DCC support (if not enabled/shipped because of license issues could have a setup script or could be included in subscriptions)
2. Additional postfix restrictions/settings (smtpd_data_restrictions = reject_unauth_pipelining, unknown_address_reject_code = 550, unknown_client_reject_code = 550)
3. Additional blacklist possibilities, in particular here domain blacklist for HELO, sender and client (reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rhsbl_client dbl.spamhaus.org)
4. Additional blacklist possibilities, in particular here content filter blacklists for tagging (barracudacentral, manitu, wpbl as all of them have false-positives, which make them unusable for blocking on postfix reject level)
5. Additional clamav signatures (as well a cooperation with the signature vendors especially SecuritInfo and MalwarePatrol could improve your subscriptions) or another antivirus software like Sophos or the possibility to use more than one scanner
6. Backup settings (if everything included, it’s enough, otherwise the option also to backup all customization paths) to external storage, e.g. via lftp and e.g. with a 7 day rotation
7. Possibility to use compiled versions of SA rules
8. Enable GeoFilter and add GeoFilter rules (also maybe explain, that the language setting in spam filtering does)
9. Possibility to add additional rule lists e.g. schaal-it, sought rules, heinlein support, zmi for sa-update (combined with the auto-update of spamassassin rules themselves, I did not find the cron job therefor, so I need to add my own cronjob)
10. Possibility to add additional spamassassin plugins or ship with extremeshoks from reply to plugin (shipping with would help, that the github scripts like clamav additional signatures, extremeshok plugin and openvpn script will always be updated with the system)
11. Possibility to reject messages with a special spam score (I can block in actions, but does this send a legal reject via postfix or just block further delivery?) It’s somehow illegal to „eat“ spam away, if block would do that, but it’s legal to quarantine, tag in header or reject in mail handling, so the sending server get’s a reject and can report to the sender, that the mail was not able to send through.
12. Possibility to better handle virus mails, e.g. inform the receipient, that this message had a virus and the one has been removed (I did my own subject tagging therefor, same for dangerous attachments) and/or to reject virus mails also already in the sending stage (reject to the sender)
13. Possibility to use dns blacklists with treshold (scores are able to been set in the GUI, but there is no option to set the treshould), I suggest zen.spamhaus.org*2 bl.spamcop.net*2 psbl.surriel.com*2 spamrbl.imp.ch*2 noptr.spamrats.com*2 escalations.dnsbl.sorbs.net*2 ix.dnsbl.manitu.net b.barracudacentral.org db.wpbl.info with a treshold of 2
14. Possibility to set system updates to autoupdate with report of the updates performed to the admin mail address (BTW, I got no update notifies yet at all)
Must have (e.g. not adjustable by easy manual work on CLI, however, this work prevent from higher subscriptions support as customized, so also the CLI things above should be shipped with the product to keep the customers also taking higher subscriptions):
1. Tracking center should include subject, maybe also message content (last could be removed, restricted on four eyes access or just for a period of x days), regarding GDPR also subject is no problem, expecting that an administrator has been choosen by his role he also would need to be able to check the mail archive solution on its success and will also see the subjects and contents there. Maybe let’s choose the content available or the columns displayed by adjusting possibilities. Most important, Tracking center and statistics should be combined (by extra filters and adjusting colums/views), currently to check a full trail, it’s required first to look in the tracking center, second in the spam statistics. For sure, I understand, the one ist from postfix, the other from spamassassin, but it’s no good handling. Or provide a link. Also the filtering options like status (maybe more status options for rejected ones) could be optimized.
2. Statistics graphs should be customizable, e.g. don’t include spam mails, spf, ... and there is no clear definition of what is junk (I know, it’s the rejected and spam is the content filtered one), similar as the tracking center, seperate statistics graphs for pregreet vs. rbl is not such fine, could and should be integrated with the other statistics.
3. Better documentation on the options (e.g. help bubbles, text or a documentation linked with more information, your pdf is a bit small), e.g. on advanced statistics, which are about getting valid users from outgoing filtering need to be disabled on incoming filtering only
4. Nicer presets on tracking center start and end date as everytime an error occure if first choosing today in start and e.g. today + 1 in end
5. Spam statistics receivers should be combined by ignoring lower or upper case, currently with only incoming filtering and advanced statistics disabled all combinations are case-sensitive and result in extra datasets
6. Maybe the possibility to use rspamd instead of spamassassin, should be faster, better quality, maybe to choose between both, maybe in different subscriptions, maybe rspamd would also help to solve some points above)
7. Mobile view of the GUI or mobile app, currently PMG GUI is completely unusable on mobile
8. For outgoing filtering, PMG should support SMTP-AUTH as well as DKIM
9. Greatest would be (could be another subscription or an optional addon subscription) as well as mail archiver or secure mail gateway, e.g. integrate something like piler (it also use open source components and put them together, but with your quality of GUI) or ciphermail (also open source based on components which are as well open source, but combined with your GUI)
I hope, I did not forgot anything. All steps I was able to do and did are documented in your forum in my thread Feature request. I would be happy to see your product growing and improving e.g. with the suggestions above our provide a user voice solution to have the community ask for features. I would also accept special subscriptions with more features or integrated ones instead of only differenting in service, especially if the service is not available on adjustments.
Regards,
Christian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pve.proxmox.com/pipermail/pmg-devel/attachments/20180517/e7b610c5/attachment-0001.html>
More information about the pmg-devel
mailing list