The concept^

The general idea behind decency is to evaluate the probability of a mail being spam or ham by applying multiple techniques and tests. Each of those provides a scoring and will be accounted until a a certain threshold is reached. decency is designed to be an extendable middle-ware between multiple third party filters (virus, spam), but also implements it’s own filters and policies, following a strict modular design. To achieve the most accurate decisions, it takes the results of a policy server, a content filter and a log parser in account. Furthermore, decency can be deployed in distributed structures as well as on a single mail server.

Why another content filter ? Why another policy server ?^

Well, that is the first reason why: there is no single (open source) application that combines both that i know of. The spam threat has not been decreased over the time, quite the contrary: it has hugely increased. I think it is of the outermost importance to bring those two points of defense as close together as possible.

Then there is the reason, that those (who implement one or the other) are not on CPAN, which might sound insignificant to the reader – but is not. In our hosting company – Fortrabbit – we require very special and unique abilities – both from policy server and content filter – which i could not find in existing solution out there. A solution dedicated to extendability tends to have a very modularized design – quite like a CPAN Perl Module.

The third reason is: distributability (is this an English word?). We, at least, have a broad spread architecture in our mail servers to reduce the impact of a single breakdown to an absolute minimum. decency supports this design – as well as it does works perfectly in a single mail server environment.

The fourth and last reason is more personal. I tend to make too much configuration mistakes. Amavis is a great piece of software – but to complex for my purposes. Then again, maybe decency’s configuration seams much easier to me, because i wrote it Also, after i became interested in this kind of software, i simply could not stop myself from writing it.

Of course neither of those reasons might apply to your setup nor improve your existing configuration – as always: it depends..

Is it “postfix only” ?^

No, or at least it does not has to be. For now, mainly postfix is supported, but most other MTAs should be able to implement the content filter. Exim should be able to use the policy server (with a work around). For the log parser, there is only a postfix parser modules available, but others can be implemented. Because i work mainly (you could say only) with postfix, i cannot implement other “bindings” then for postfix. But i try to keep it as modular as possible, not to slow down any effort to do this.

What about qpsmtpd ?^

Yes, there is qpsmtpd, which does implement the above mentioned techniques (content filtering, policy server) and is also open source. However the approach is entirely different: it is a replacement for your smtp(d) server. It  does implements it’s policy and content filters capabilities and then delivers the mails to your MTA (postfix, exim, qmail, ..). This is of course more flexible regarding the mail servers which support it, but also reduces the “backend MTA” to a delivery server. decency’s approach is the “other way around”: it relies on your MTA as the “main SMTP server” and integrates itself below.

To put it exaggeratedly: with qpsmtpd you could substitute the backend MTA. With decency, you could substitute your anti-spam measurements. Therefore i would not argue that both address the same issue.

Which approach is better or worse is not the question (imho), it is more: which can you integrate in your environment.

So, how does it work ?^

There are three servers in the decency core:

1. Policy server
   Sits at the very frontier and fights spam before it is received with various measurements.
2. Content filter
   Middleware for applying all kinds of content filtering, such as SPAM filters and virus filter from third party. Also implements some core functions like DKIM, archiving, anti SPAM filter training and some more…
3. Log parser
   Mail server log analyses is most important for running a healthy system, this tries to clean up and simply this effort.

The structure^

A simple setup^

• A mail is to be received from the internet, Postfix does not yet accept it.
• Postfix applies his own policies and then asks the policy server whether the mail shall pass.
• Postfix accepts and receives (or rejects) the mail and delivers it to the content filter.
• The content filter might reject the mail, which will force postfix to bounce it, or passes it again and re-inject it into another postfix process.
• The last postfix process delivers the mail (eg mailbox)

This is a very simplified diagram of the actual processes. However, it shows the position of two decency components: the policy server and the content filter. This setup is also an example for a simple, single mail server scenario.

Some more complex^

The concepts here are the same, but all components are dedicated to a single task. The trick has to be to allow all components to communicate easily – and imho without configuration hassle – to assure that all their unique results are accounted for and seen in a “global” scope. decency does that.

The syslog parser component is not on the diagrams, because it is not part of the mail deliver process. However, it takes part in the communication process by being able to track a mail through each re-injection to it’s very delivery (or bounce or whatever).