Skip to content

Key Features

Mailborder V6 provides comprehensive email security through an extensive feature set designed for enterprise deployments.

Email Security Features

Multi-Engine Spam Detection

Mailborder combines multiple spam detection technologies for maximum accuracy:

Rspamd Integration - Advanced statistical analysis - Machine learning classification - Bayesian filtering with automatic training - Neural network scoring - Reputation-based filtering - Greylisting support

Content Analysis - Header analysis and anomaly detection - MIME structure validation - HTML and JavaScript analysis - URL reputation checking - Attachment type restrictions - Character set detection

Real-Time Blacklists (RBLs) - Query multiple public and private RBLs - Configurable score weighting - Custom RBL support - DNS-based blocklists for IPs and domains

Scoring System - Aggregate scores from all detection methods - Configurable thresholds (pass, quarantine, reject) - Per-user and per-domain score adjustments - Detailed score breakdowns in logs

Virus and Malware Protection

ClamAV Integration - Real-time virus signature updates - Millions of known threat signatures - Heuristic detection for unknown threats - Archive scanning (ZIP, RAR, 7z, etc.) - Document macro scanning - Executable analysis

Malware Detection - Phishing URL detection - Malicious attachment blocking - Encrypted archive handling - Password-protected archive policies - Suspicious pattern detection

File Type Filtering - Block dangerous extensions (.exe, .scr, .bat, etc.) - Whitelist approved file types - MIME type validation - Filename obfuscation detection

Sender Authentication

SPF (Sender Policy Framework) - Validate sender IP authorization - Configurable pass/fail actions - SoftFail handling options - None/Neutral policy support

DKIM (DomainKeys Identified Mail) - Cryptographic signature verification - Multiple key support - Subdomain handling - Signature failure actions

DMARC (Domain-based Message Authentication) - Policy enforcement (none, quarantine, reject) - Alignment checking (SPF and DKIM) - Aggregate report generation - Forensic report support - Subdomain policy inheritance

GeoIP Filtering

  • Block or allow email by sender country
  • City-level granularity (where available)
  • Automatically updated GeoIP database
  • Whitelist exceptions for trusted senders
  • Detailed geo-location in logs

Content Filtering

Subject and Body Analysis - Keyword blocking and scoring - Regular expression support - Multi-language content detection - Encoding manipulation detection

Header Filtering - Custom header rules - Missing header detection - Forged header identification - Received header analysis

Attachment Policies - Size limits - Count limits - Type restrictions - Filename pattern blocking - Nested archive handling

Policy Management

Flexible Policy Engine

Rule-Based Processing - Define custom filtering rules - Combine multiple conditions (AND/OR logic) - Action options: pass, quarantine, reject, tag, modify - Priority-based rule ordering - Per-rule logging and statistics

Policy Scope - Global policies (all email) - Domain-specific policies - User-specific policies - Group-based policies - Time-based policies

Whitelist/Blacklist Management - Sender email addresses - Sender domains - IP addresses and CIDR ranges - Regular expression patterns - Import/export lists

Quarantine Management

Quarantine Features - Web-based quarantine viewer - User self-service quarantine access - Administrator release/delete controls - Bulk operations - Quarantine aging and auto-deletion - Search and filter capabilities

Notification System - Daily quarantine summary emails - Per-message notifications - Configurable digest schedules - Custom email templates - Multi-language support

Administration Features

Web-Based Interface

Modern UI - Responsive design (desktop, tablet, mobile) - Dark mode support - Real-time dashboard - AJAX-driven for speed - Browser-based, no client software needed

Dashboard - Live statistics (messages processed, spam blocked, viruses caught) - System health indicators - Service status monitoring - Recent activity log - Performance graphs

User Management - Create administrator accounts - Role-based permissions - Password policies - Account enable/disable - Session management - Login history and audit logs

Authentication and Security

Multi-Factor Authentication - TOTP (Time-based One-Time Password) - Compatible with Google Authenticator, Authy, 1Password - Per-user 2FA enforcement - Backup codes for account recovery - QR code enrollment

Passkey/WebAuthn Support - Passwordless authentication - Hardware security key support (YubiKey, etc.) - Biometric authentication (Touch ID, Face ID, Windows Hello) - Phishing-resistant authentication - Multiple passkeys per user

Session Security - Session fingerprinting (IP + User-Agent) - Automatic timeout - "Remember this device" with secure cookies - CSRF protection on all forms - HttpOnly and Secure cookie flags

Multi-Language Support

  • 56 language translations
  • Automatic browser language detection
  • Per-user language preferences
  • Admin interface fully translated
  • User-facing emails localized
  • Easy translation updates

Logging and Reporting

Comprehensive Logging - All email transactions logged - Policy decisions recorded - Authentication events tracked - System events captured - Structured log format for parsing

Log Search and Analysis - Web-based log viewer - Full-text search - Filter by date, sender, recipient, action - Export to CSV - Real-time tail mode

Reporting - Email volume statistics - Spam/virus detection rates - Top senders and recipients - Policy enforcement summaries - System performance metrics - Scheduled report generation

System Features

Service Architecture

Modular Design - Independent, specialized daemons - Unix socket communication - Process isolation for security - Graceful degradation - Hot reload of configurations

Service Management - SystemD integration - Automatic service restart on failure - Resource limits (CPU, memory, I/O) - Service dependencies - Health monitoring

Guardian Watchdog - Monitors all Mailborder services - Automatic restart of failed services - Performance monitoring - Resource usage tracking - Alert generation

Performance and Scalability

High Performance - Multi-process architecture - Parallel email scanning - In-memory caching (Redis) - Connection pooling - Optimized database queries

Scalability - Single server: 10,000+ mailboxes - Cluster mode for larger deployments - Horizontal scaling by adding nodes - Load balancing across cluster - Shared configuration and data

Resource Management - Per-service memory limits - CPU throttling for background tasks - I/O priority for critical services - Disk space monitoring - Queue size limits

Database and Storage

MariaDB Backend - Robust relational database - ACID compliance - Replication support for HA - Automatic schema updates - Regular maintenance automation

Redis Caching - In-memory data structure store - Language file caching - User metadata caching - Session storage - Pub/Sub for clustering

Efficient Storage - Compressed quarantine storage - Log rotation and compression - Database cleanup automation - Configurable retention periods

Update and Maintenance

Automatic Updates - Signature updates (spam, virus) - GeoIP database updates - Software package updates (opt-in) - Zero-downtime update process

Maintenance Tasks - Scheduled database optimization - Log rotation and cleanup - Quarantine aging - Temporary file cleanup - Performance monitoring

Backup and Restore - Configuration backup - Database backup - Automated backup scheduling - Restore procedures - Disaster recovery support

Integration Features

API Access

RESTful API - Programmatic configuration management - User provisioning - Policy creation and updates - Quarantine operations - Statistics and reporting - Webhook support

Authentication - API key authentication - Per-key permissions - Rate limiting - Audit logging

Directory Integration

LDAP/Active Directory - User authentication sync - Group membership mapping - Automatic user provisioning - Password policy enforcement - SSL/TLS connection support

Mail Server Integration

Postfix Integration - Milter protocol support - Policy delegation - Header modification - Content filtering - Transparent to users

Universal Compatibility - Works with any RFC-compliant mail server - Exchange, Zimbra, Postfix/Dovecot - Cloud email services (Office 365, Google Workspace) - Split-delivery configurations - MX record or smart host deployment

Advanced Features

Clustering

  • Master/child node architecture
  • Centralized management
  • Distributed scanning
  • Load balancing
  • Failover support

Custom Policies

  • Lua scripting engine
  • Custom policy modules
  • Extended pattern matching
  • External data source integration
  • Complex decision logic

High Availability

  • Active/passive failover
  • Shared storage
  • Database replication
  • Configuration synchronization
  • Virtual IP management

Security Hardening

  • SELinux/AppArmor policies
  • Encrypted code execution
  • Privilege separation
  • Minimal attack surface
  • Regular security audits

Compliance Features

Audit Trail

  • Comprehensive logging of all actions
  • Administrator activity tracking
  • Policy change history
  • User access logs
  • Immutable log storage options

Data Protection

  • Email encryption in transit (TLS)
  • Database encryption at rest (opt-in)
  • Secure deletion of quarantine
  • GDPR compliance tools
  • Data retention controls

Reporting for Compliance

  • Standard compliance report templates
  • Custom report builder
  • Scheduled delivery
  • Export to PDF, CSV, HTML
  • Long-term report archiving

What Makes Mailborder Different

Nuclear-Facility-Level Security

Unlike typical email security products, Mailborder's core code is encrypted and runs in-memory only. This prevents:

  • Reverse engineering of proprietary algorithms
  • Unauthorized modification of security logic
  • Accidental disclosure in backups
  • Tampering by malicious actors

Defense in Depth

Multiple layers of security work together:

  • Process isolation prevents compromise from spreading
  • Unix sockets eliminate network attack surface
  • SystemD hardening restricts process capabilities
  • Fork-per-request architecture limits persistent state
  • Memory and resource limits prevent DoS

Battle-Tested Components

Mailborder builds on proven open-source foundations:

  • Postfix - The most deployed MTA in the world
  • Rspamd - Advanced spam filter with machine learning
  • ClamAV - Industry-standard open-source antivirus
  • MariaDB - Enterprise-grade database
  • Redis - High-performance caching

These components are hardened, optimized, and integrated into a cohesive security platform.

Next Steps