OpenEFA Installer Script: Simplified Deployment Coming Soon

Posted on OpenEFA.com | October 9, 2025 | By the OpenEFA Team

📢 Coming Soon!

The OpenEFA installer script is currently in development and will be available soon. This post previews what's coming in the first release.

We're excited to share our progress on the OpenEFA installer script! When released, getting enterprise-grade email security will be as simple as running a single command.

From Complex to Simple

Historically, deploying advanced email filtering solutions required extensive Linux expertise, manual configuration of multiple services, and hours of troubleshooting. With OpenEFA's upcoming installer script, you'll be able to go from a fresh Ubuntu server to a fully functional email security appliance in minutes.

# Coming soon!
curl -sSL https://install.openefa.com/install.sh | sudo bash

That's the goal: One command. Full installation. Production-ready.

What Gets Installed?

The installer handles the complete OpenEFA stack from scratch:

Core Email Infrastructure

  • Postfix – Mail Transfer Agent configured for OpenSpacy integration
  • MariaDB – Database with complete schema and initial configuration
  • Redis – High-performance queue management

OpenSpacy AI Engine

  • Python Environment – Isolated virtual environment with all dependencies
  • Tiered Module Selection – Choose your protection level during installation:
    • Tier 1 (Core): Authentication, basic spam scoring, RBL checking
    • Tier 2 (Standard): BEC detection, typosquatting, DNS reputation, obfuscation detection
    • Tier 3 (Advanced): NLP models, PDF analysis, behavioral baselines (optional)
  • SpacyWeb Interface – Secure HTTPS web dashboard for management and monitoring
  • API Services – Three API endpoints for release tracking, whitelisting, and blocking

Production-Ready Services

  • Systemd Services – All components configured to start automatically
  • Log Rotation – Automatic log management to prevent disk fill
  • OpenSpacyMenu – Complete management toolset (23+ options)
  • SSL Certificates – Self-signed certificates for immediate HTTPS access

Interactive Installation

The installer uses a wizard-style approach to gather essential configuration details:

  1. Initial domain to protect (e.g., yourcompany.com)
  2. Database credentials (secure password generation)
  3. Admin account details for SpacyWeb (username, email, password)
  4. EFA/destination server IP (where to relay processed mail)
  5. Internal DNS resolver (for lookups and validation)

Smart defaults reduce complexity while maintaining security best practices – no default passwords, no guesswork.

Built for Ubuntu LTS

For the first release, we're focusing on Ubuntu 24.04 LTS (with support for 22.04 LTS) to ensure:

  • Predictable, well-tested installations
  • Consistent behavior across deployments
  • Simplified support and troubleshooting
  • Reduced maintenance burden for the initial release

Support for additional distributions will come in future versions based on community feedback.

Security by Design

Every aspect of the installer follows security best practices:

  • Unprivileged Service User: All OpenSpacy services run as the spacy-filter user with minimal permissions
  • Strict File Permissions: Configuration files are readable only by the service user (640)
  • HTTPS by Default: Self-signed certificates provide immediate encrypted access
  • No Default Credentials: Every password is set during installation
  • Network Isolation: Clear separation between internet-facing and internal services

Post-Installation Validation

After installation completes, the script offers optional validation testing:

  • Verify all services are running and healthy
  • Test database connectivity and schema integrity
  • Confirm Redis queue operations
  • Send a test email through the complete relay chain
  • Display SpacyWeb URL and login credentials

This ensures you have a working system before processing production email.

Safe Rollback & Uninstallation

Installation errors happen. That's why the installer includes:

  • Automatic Rollback: If installation fails, the system returns to its pre-install state
  • Detailed Logging: Every action is logged to /opt/spacyserver/logs/install.log
  • Clean Uninstaller: Complete removal script for testing or migration scenarios

Safe to run on production systems, easy to recover if something goes wrong.

Future-Proof Update Path

The installer is designed for the long term:

  • Detects Existing Installations: Offers upgrade mode for existing deployments
  • Automatic Backups: Preserves configurations and databases before upgrades
  • Database Migrations: Versioned schema updates for seamless upgrades
  • Package Manager Ready: Structured for eventual apt/yum repository packaging

When Available: Getting Started

When the installer is released, here's what you'll need:

Prerequisites

  • Fresh Ubuntu 24.04 LTS server (virtual or physical)
  • Root or sudo access
  • Internet connectivity for package downloads
  • IP address of your existing mail server (relay destination)

Installation Steps (Coming Soon)

  1. Run the installer:
    # Available soon!
    curl -sSL https://install.openefa.com/install.sh | sudo bash
  2. Answer the interactive prompts (domain, passwords, IPs)
  3. Choose your module tier (Tier 1+2 recommended for first deployment)
  4. Wait for installation (typically 5-10 minutes)
  5. Run validation tests when prompted (recommended)
  6. Access SpacyWeb at the provided URL

Network Architecture

OpenEFA is designed as a front-end relay that sits in front of your existing email infrastructure:

Internet → OpenEFA/SpaCy → Existing EFA/Mail Server → Mailboxes

All AI-powered filtering happens at the OpenEFA layer before mail reaches your existing systems.

Complete Documentation

For detailed information about the installer design and requirements, see our complete documentation:

Full Technical Details: Installer Requirements & Design Decisions

Join the Discussion

Excited about the installer? Have questions or feedback? Want to be notified when it's released? Join the conversation on our community forum:

Community Forum: forum.openefa.com

We'll announce the installer release on the forum as soon as it's ready for testing!

What's Next?

The installer script is just the beginning. We're already working on:

  • Automated Testing Suite: Continuous integration for installer reliability
  • Multi-Distribution Support: Debian, CentOS, and RHEL variants
  • Configuration Migration Tools: Import settings from existing EFA deployments
  • High Availability Options: Clustered deployments and load balancing
  • Package Repository: apt/yum packages for even easier updates

Open Source All the Way

Like everything in OpenEFA, the installer script will be fully open source under the GPL license. When released, you'll be able to:

  • Review the code before running it
  • Modify it for your specific needs
  • Contribute improvements back to the community
  • Learn from the implementation

The installer source code will be published on GitHub soon.

Thank You

This installer represents months of planning and community feedback. Special thanks to everyone who contributed ideas and helped shape the requirements.

OpenEFA exists because of our community. Together, we're making enterprise-grade email security accessible to everyone.

Want to be notified when the installer is ready? Join the discussion on our forum!

About OpenEFA

OpenEFA is the open-source successor to the EFA (Email Filter Appliance) project. Powered by advanced AI filtering through OpenSpacy modules, OpenEFA provides transparent, community-driven email security without proprietary lock-in or enterprise pricing.

Resources

← Back to Blog Index