I posted an answer to this question on Monday on the Webmail blog.  However, something is broken with the feedburner RSS feed on our site.

Anti-spam has been one of my areas of focus for several years, and something that I have enjoyed.  Recently though, spam fighting has gotten pushed to the side with all of the other things that I am responsible for.  It is painful to watch spam slip by the filters and I am definitely excited to have Mike T working on this project.

The first thing Mike is going to do is take our existing whitelist/blacklist functionality and push it up to the Postfix level, rather than the amavisd + spamassassin level.  This will ensure that system-wide rules don’t override individual user or domain rules.  The second thing he is going to do is give our customers the ability to whitelist/blacklist IP addresses, in addition to just sender email addresses.  Next, Mike will be building a system that makes "whitelist/blacklist/greylist/unknown" decisions based on aggregate whitelist/blacklist data, sending history, mail volumes and third party sender reputation databases.  This will be some really powerful stuff.  After that, he will do some work on the content filters behind this sender reputation system, possibly incorporating DSPAM which learns from the spam that each individual receives.

I mentioned back in February that we are switching our POP3/IMAP proxy software from Perdition to Dovecot.  These proxy servers are still in beta, because there is a bug with how Dovecot handles SSL connections.  Timo (Dovecot’s author) attempted a fix a few weeks ago, but the fix introduced new problems, so we reverted back.  I am hoping to get the final bugs resolved within the next couple of weeks so that we can release this out of beta.

In the mean time, we have been hard at work upgrading our backend IMAP software – also to Dovecot.  Currently we run Courier-IMAP, but Courier does not handle large mail folders efficiently.  Webmail, unlike desktop clients, does not have its own cache, so it relies on the IMAP server to obtain header listings and to perform sorts and searches.  Courier lacks indexes that would make these operations fast.  Instead it must open every message file and parse out the header information in order to return a sorted list of emails back to webmail.  Dovecot on the other hand, makes heavy use of indexes.  The indexes allow a folder with 10,000 messages to be sorted in less than a second, whereas Courier would take 30-60 seconds or even longer, and usually cause a timeout.  The speed difference is amazing.

In order to make the switch seamless, we have configured Dovecot to run in parallel with Courier on the existing mailbox servers.  We patched Dovecot to utilize Courier’s folder subscription and message UID lists, so that both systems can utilize the same maildirs.  If you are interested in these patches, shoot me an email and I will send them to you.

Webmail will be the first application to switch to Dovecot.  We began rolling this out server-by-server on Wednesday.  We are taking our time with this rollout since it is such a big change, just in case any unforeseen problems arise.  So far the issues have been minor, and easily corrected.

Once the beta proxy is bug-free, we will start migrating the front-end POP3 and IMAP systems to Dovecot.  Needless to say, we are making a big commitment to this Dovecot thing.  It will be at the core of what’s to come.