The Austrian company Proxmox has developed the spam filter "Mail Gateway" as open source under the GNU AGPL v3 license. This means that the spam filter can be used free of charge. I've been looking for a SPAM filter for test environments for a while now, so I'm taking a closer look at the Proxmox solution.
Here is an overview of the functions:
Proxmox Mail Gateway Datasheet (PDF)
The community license costs 99 EUR per year, but you can also use the appliance without a subscription, but then you have to wait for support and "tested updates":
Proxmox Proxmox Mail Gateway is open-source software distributed under the GNU Afero GPL, v3 and
you have the freedom to download, use and modify the software for private or business use. So yes, you
can use Proxmox products without a subscription. Just be aware that if you choose to run Proxmox Mail
Gateway without the Enterprise Repository, you may have packages that are not always heavily tested and
validated.
Proxmox does not recommend using the no-subscription repository on a production server.Source: Subscription Agreement
I can live with this limitation quite well in my private life. I have therefore downloaded it and will test it. The installation has already run smoothly in my test environment. The environment looks slightly different to how Proxmox imagines the environment:
The mail gateway is not located in my intranet, but in a DMZ. Referring to the picture above, there is another firewall instance between the mail gateway and the mail server (Exchange Server 2016, of course).
So much for the environment, the installation ran smoothly on Hyper-V in the test environment, here are a few screenshots of the installation:
After installation, I was also able to access the gateway directly via the browser:
I had a look around, the WebGUI looks quite tidy at first glance. I actually wanted to replace the certificate directly (I hate certificate error messages), but this is not possible via the WebGUI. However, a quick look at the documentation provides the necessary shell commands. So far, the first impression is quite positive.
However, the limits here are also recognizable at first glance: it is a classic SPAM filter, AntiSPAM, virus scan, RBL, SPF etc. - in other words, classic filtering techniques. Just the classic filter techniques. Other solutions on the market go much further: data loss prevention, sandboxing, sanitization, encryption/decryption, content conversion, etc. Although there are also open source solutions for this, they are not united under one roof, so here you have to "do it yourself" or buy the corresponding ready-made solutions (although they usually cost "a little" more).
However, I'm going to start with the configuration and will carry out a few tests over the next few days, after which there will be a corresponding article.