After some fumbling around with the quarantine manager (user-portal) i figured out that there is a way to get e EXE file which is blocked (in Mailsec. - SMTP - Antivirus - Blocked file ext.) saved as an .eml-file. That's not nice because it overrides our security-policy. No user, except an administrator should be allowed to save/export/release a blocked file when it matches as an executable.

Add the ability to have individual hostnames for the SMTP proxy if you have multiple external links. This would be for links to multiple ISP's with different MX records for each links for failover purposes for example.

We need a solution to download an Public-Postmaster-Key.
Only one PGP-Public-Key for the complete Company.

The Phising Filter in the mail security already filters URL's in mail for known phising servers. Please also add the possibility to filter more URL categories - at least "Malicious Sites" and "Spyware/Adware". Or the nonplusultra feature would be, if we could filter mails against any of the Smartfilter XL categories (as P2P and others).

The rising number of mails linked to malicious sites will make this feature very desireable.

==> http://www.searchsecurity.de/themenbereiche/bedrohungen/phishing-und-spam/articles/258639/?nl=1&cmp=newsletterapplikationssicherheit13-04-2010

We often have a situation, that our customers send us mails with BMS-files attached instead of using PNG or GIF.
I want to have an option, that I can define, which attachments can be converted from BMP to PNG or GIF. Maybe this can be combined with a ruleset so that I also can define, that a LOG or TXT-Attachment can be zipped, if it is greater than a limited file size.
This feature will save a lot of space on our mail-server and also on our POP3-clients.

I would appreciate it to have the ability to manipulate E-Mails like rewriting envelope senders/recipients, some functions to set conditions and the corresponding actions, something like a granular DLP on the gateway itself.

It would be nice to have a "test function" for Expression Filter. The admin should enter the expression and the body of message. Clicking on a "test" button, Astaro should check if the expression matches or not.

Using a special marker mail should be disallowed if encryption/signature are not possible.
This should result in an NDR - "mail not send - encryption not possible"

Some isp's offer multidrop pop3 accounts. Basically one acount downloads all the messages from the pop3 server

Current SMTP database log only allows 30 days retention. Many organizations will have a one-year retention policy.

To prevent Intellectual Property Data-Loss, it would be much better,
if there are 2 separate Filter Lists - one for Incoming and one for Outgoing Extension Blocking.
Via Extension Blocking we want to prevent, that e.g. DWG-File Attachments are sent to customers by the Engineering department without approval.
After approval, the secretary should be able to release the outgoing blocked Mail.

Currently Email Relay checks for allowed users and Host based, in both cases the user name or IP address can be spoofed or hijacked by a spambot, it would be great to have more granular checks such as that the user allowed to relay should send with the same account and as well limit maximum number of emails per sender.

Currently if a user is enabled for mail encryption and there is an existing certificate it will be used - there's no check if it's still valid (date).

PLEASE add a check that expired certificates are not longer used!

regards

It would be nice if it was possible to name an administrator for a domain and have the Mail Manager in Mail Security show quarantine and mail activity just to/from addresses in an individual domain

Admin should be able to add/manage POP3 account for prefetch. Login in to the enduser portal is cumbersome as password of all users must be obtained first.

The Quarantine Report should provide a 3rd option (besides release & whitelist), namely whitelist domain. This would trim the size of the user's whitelist considerably and cut down on false positives from the same domain.

It should be possible to constantly monitor the status of the SMTP host that gets the mails after they were filtered by the Astaro's SMTP proxy. Is it pingable, is port 25 open? If not, please let my Astaro send me an email over another relay so I get informed that there is a problem and can do something about it.

It would be nice if you through the web interface, can change how much time a mail should be stored in the firewall before it reaches the bounce.

So we have a server that went down on 29/12 but first came up again on 4 / 1, there are now some lost mails, because Astaro V7, only save the mails in 48 hours, and I can not find a way to change this?

This would save on Admin time.

You have an address like @domain.com with some mail server behind your Astaro.
The mail server have different primary domains, domainX.com, domainY.com ..
Mail routing via LDAP query of mail address.
Routing should be host based like:

User1@domain.de -> smtp:mail.domainX.com
User2@domain.de -> smtp:mail.domainY.com