BaruwaOS

Baruwa Enterprise Edition is no longer just a web interface, it is now a fully fledged mail security system using a customized enterprise Linux operating system. The goal is to provide you with a solution that just works out of the box.

The full package list is available at https://packages.baruwa.com/

BaruwaOS is described in detail in a different post, find it in part1

Baruwa Setup

Baruwa Enterprise Edition >= 2.0.7 uses an automated wizard based utility called baruwa-setup to configure the system. This utility collects configuration information from the user, performs any required software updates and then configures the system based on the profile selected and the configuration data collected. This simplifies the whole setup process in that the user does not have to edit any files.

Baruwa Setup is described in detail in a different post, find it in part2

Enhanced Clustering

This release has introduced enhanced and easy clustering with support in both BaruwaOS and Baruwa Setup.

Clustering is described in detail in a different post as well as in the documentation, find it in part3

Content Protection

Content Protection in Baruwa Enterprise Edition is used to manage the types of email attachments that users are allowed to send and receive. It can be deployed to prevent malicious attachments from entering an organizations network or to prevent internal users for sending out organization data out of the organization network via email.

Baruwa Enterprise Edition allows you to perform certain actions based on the type or name of attachments attached to an email message that is being processed by it.

Content Protection is described in detail in a different post as well as in the documentation, find it in part4

MTA Settings

This release introduces MTA settings management functionality within the web interface. Prior to this release MTA settings had to be managed by editing text files.

MTA Settings in Baruwa are used to Manage the following lists

• Empty Reply Checks Exemptions
• Subject Block List
• Anti-Virus Checks Exemptions
• System Signature Exemptions
• Ratelimit Exemptions
• TLS/SSL Exemptions
• Anonymizer List
• DKIM Checks Exemptions
• DNSBL Checks Exemptions

MTA Settings are described in detail in a different post, find it in part5

Local Settings

This release introduces Local rule score settings management functionality within the web interface.

You will now be able to set local score for various spam checking rules to override the default rules all within the interface without having to modify a single file.

Please refer to the settings section of the documentation for details.

Datafeeds

We have introduced various Baruwa datafeeds that are used by BaruwaOS to improve detection rates. We currently have the following feeds.

• DNSBL - both white and blacklists
• IXHASH
• Spamassassin Rules Channel - Our own rules channel
• Phishing lists - Both white and blacklists
• Rule scores update Channel

Using the above we are able to push in realtime new rules, scores etc, this means in most cases you do not have to monitor and manage rules and scores yourself we do it for you.

Address Tagging

This release has implemented functionality to support Email Address tagging. It is now possible to add addresses using a regex such as username-*@domain.com or username+*@domain.com. The supported delimiters are - and +.

Improved Approved and Banned Lists

Domain administrators are now able to use the list to all option which was previously only available to Administrators.

Listings to all are handled at the MTA level. MTA level checks now support blocking based on network address and network ranges as well. These were previously only supported after SMTP.

Outbound protections

Outbound relaying has been enhanced, rate limiting has been implemented as well as brute force protection. This ensures that your relays do not get blacklisted due to spam out breaks on your internal networks.

Adding on networks is now supported, previously you could only add a host.

DMARC

This release now supports DMARC checks, the checking takes place within the MTA and the scoring takes place within the scanner meaning you can use local settings to adjust the score settings.

Global Signatures

This release now supports Global Signatures which allow you to add a site signature to all mail sent out through the server regardless of the status of user or domain signatures. Can be used to add scanned by xxx messages

Baruwa Hosted Theme

The Baruwa Hosted theme is now available for installation and customization. You can install it via yum.

Timezone Awareness

This release implements timezone awareness for Baruwa reports, reports now sent to the user at the configured time in their own timezone not the server timezone. By default reports are sent at 07H00, users in New York or Sydney will each get the report at 07H00 their own local time.

Detailed SMTP Error Information

This release introduces and SMTP Error information page. This provides a more in depth error message than provided at SMTP time. The MTA will display links to this page for the detailed error message.

Monitoring

This release introduces monitoring via the NRPE protocol, depending on the system profile, the following points are available via NRPE.

• Disk space
• Uwsgi process
• Database process
• Database proxy process
• Indexer process
• Cache process
• Message Queue process
• Baruwa celery process
• Baruwa Logging process
• Mail Scanning process
• Anti Virus Engine process
• Message queue status
• System Load
• Security Updates

You can add your own NRPE monitoring points by placing a .cfg file in /etc/nrpe.d then reload the nrpe service to activate the monitoring points.

Backups

This release introduces a backup management system built on backupninja. It configures backupninja to backup the database, system configurations as well as the mail quarantine.

You can setup your own offsite backups by placing a file in the /etc/backups.d directory. The supported remote backup formats are:

• Rsync
• Rdiff
• Duplicity
• Wget