Roadmap |
MailWasher Server Development
Overview
MailWasher Server is an open-source, server-side junk mail filtering package. MailWasher Server differs from other open-source server anti-spam packages in that it offers a polished, well-integrated web interface and built-in quarantine management facilities - making it easier both for administrators to set up and manage the package on your server and for users to use the product on a day-to-day basis - and that it has full support for Windows Server/Exchange Server systems, in addition to Unix-based systems such as Linux and Solaris.
This document provides a roadmap for future versions, giving the major features currently planned of the package. This is a living document: it will be updated as new features and directions are suggested by the community. For a more detailed list of proposed or requested features, or to make some of your own, see the feature request tracker.
Many other ideas will come from other open-source antispam packages - even if technical and legal matters make it undesirable to use the same code, we hope that the free cross-pollination of ideas will bring benefits to all such projects.
| Release | Target date | Proposed features |
|---|---|---|
| 2.2 | March 2005 | Antivirus integration, More user customizability, Documentation port |
| 2.3 | May 2005 | Administrator quarantine access, SURBL support |
| 2.4 | July 2005 | Customizable regexp support, Complete code implementation for multilingual |
| 3.0 | October 2005 | LDAP integration, Multilingual translations |
Proposed features
Antivirus integration
The biggest benefit of integrating an antivirus package such as ClamAV into MailWasher Server is that it would provide a single quarantine facility, offering both good ease of use for end users, and tight administrator control (for example, many system administrators wish to prevent users from rescuing infected messages).
Unfortunately, license issues may prevent ClamAV from being compiled into the MPD directly, but we want to make integration as clean and easy-to-setup as possible.
Firetrust also intends to offer an alternative commercial antivirus system for those organisations who want commercially supported, turnkey antivirus protection provided by one of the major antivirus vendors.
More user customizability
MailWasher Server's convenient and user-friendly interface makes it easy to give users more control over their interaction with the product. We want to continue to extend the product's flexibility in this manner.
For example, one planned feature is to allow users to opt for HTML quarantined message summaries instead of the plain-text message summaries the product currently sends; the HTML summaries should look nearly identical to the web interface's quarantine pages, showing the synopsis and making rescue or download of the messages quick and as simple as clicking a link.
Port documentation to open system
The online help has previously been maintained in a commercial, Windows-only help system (though the help it exports is HTML-based and usable on all platforms). The documentation needs to be moved to an open-source, cross-platform documentation management system so it can be worked on collaboratively by developers on all platforms.
Administrator quarantine access
One often-requested feature is for administrators to be able to access their users' quarantined email, including being able to rescue it (regardless of the 'allow rescue' options they may have set to prevent end users from rescuing undesirable mail).
This will be especially valuable once antivirus support has been added, as in certain cases administrators may wish to examine infected messages if requested by users, for example if the user believes the message or attachments may contain important content that could be disinfected.
As with many other MailWasher Server features, new permissions will be added for the right to view other users' quarantined mail, and to rescue it, ensuring that organisations do not need to give only the permissions appropriate for each employee.
SURBL support
Current versions of MailWasher Server support IP4R RBLs and RHSBLs. Support for SURBLs should be easy to add and will be a useful filtering feature.
Customizable regular expression support
Adding support for administrator-customizable regular expression filtering will provide a simple way to help administrators deal with localized threats.
While we don't intend for this to become as fundamental a part of the filtering feature set as it has been in packages such SpamAssassin, we believe an interface that makes it easy to install and modify rulesets (in addition to individual rules) would also be very useful.
For users to be able to add their own personal rules, as they can do for the personal address blacklists and whitelists, would also be helpful, and it will be most efficient to develop this support at the same time.
LDAP integrationCurrently MailWasher Server uses its own, built-in accounts system. While these accounts can be auto-created when required, they still require users to remember (or manually synchronize) a seperate password, and since auto-creation can be a problem if the site suffers a dictionary attack, many administrators turn this off and set up the accounts manually - a time-consuming procedure for large organisations.
Integrating LDAP support into both the MPD and the MWI will allow MailWasher Server to natively support both Exchange Server (which uses Active Directory, which in turn uses LDAP as the directory protocol) and Solaris and OpenLDAP-based systems. This will greatly reduce the administrative burden of MailWasher Server for large sites, and will pave the way for distributed multi-server configurations.
Since many sites, especially those running on Linux, do not use LDAP, the current built-in accounts system will be retained and administrators will be able to choose which system they wish to use when they first install the product.
Multilingual translations
MailWasher Server's web interface gives a convenient, user-friendly interface to the product, but it currently offers English only; translations to other languages are planned and will greatly expand the potential user base of the package. The few automated emails sent by the system that are not already configurable will also need to be translated into these languages.
Code support for the internationalisation of the product has been slowly developing over time. The web interface uses the system locale to format dates and times appropriately. Unicode is used throughout, greatly simplifying the process of supporting other languages, and the web interface is almost completely created from simple editable UTF-8 text files, which can be easily altered to localize the interface.