Major OpenEFA Updates: Quarantine System & Antivirus Integration

Posted on October 14, 2025 | By Scott Barbour

Feature Release v1.1.0 Quarantine Antivirus

🎉 Two Major Features Launched!

OpenEFA v1.1.0 brings email quarantine management and ClamAV antivirus scanning, achieving 95% feature parity with traditional email security appliances.


Update now:

curl -sSL http://install.openefa.com/install.sh | sudo bash

We're excited to announce two major feature additions to OpenEFA that bring us even closer to complete feature parity with traditional email security appliances like MailGuard and EFA.

🔒 Email Quarantine System

OpenEFA now includes a complete email quarantine management system, giving administrators and users full control over suspicious emails before they reach inboxes.

Key Features

🎯 Smart Filtering
  • Spam Filter: Emails with score ≥ 5.0
  • Clean Filter: Scores < 3.0
  • Status Tracking: Held/Released/Deleted

⚡ User Actions
  • Release: Send to recipient
  • Not Spam: Release + whitelist
  • Delete: Remove + block similar
  • View Headers: Full inspection

Database Architecture

The quarantine system uses a robust database design with four dedicated tables:

  • email_quarantine - Stores full email content and metadata
  • quarantine_actions_log - Audit trail of all user actions
  • quarantine_statistics - Performance metrics and trends
  • quarantine_config - Retention and policy settings

📊 Admin Features: Bulk operations, domain-scoped access for multi-tenant deployments, 30-day statistics, and complete audit logging.
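
An added example, not OpenEFA's code, of a domain-scoped release that also writes to the audit trail, keyed on the recipient domain as in the permission-check fix listed under the bug fixes. Only the two table names come from this post; the columns, the function names and the use of SQLite as a stand-in database are assumptions.

```python
import sqlite3

# Table names come from the post; every column here is a hypothetical schema.
SCHEMA = """
CREATE TABLE email_quarantine (
    id INTEGER PRIMARY KEY, recipient TEXT, sender TEXT,
    spam_score REAL, status TEXT DEFAULT 'Held');
CREATE TABLE quarantine_actions_log (
    id INTEGER PRIMARY KEY, quarantine_id INTEGER, actor TEXT,
    action TEXT, allowed INTEGER, logged_at TEXT DEFAULT CURRENT_TIMESTAMP);
"""


def recipient_domain(address):
    return address.rsplit("@", 1)[-1].strip().lower()


def release(db, actor, actor_domains, is_admin, quarantine_id):
    """Release a held message if the actor is scoped to its recipient domain."""
    row = db.execute(
        "SELECT recipient, status FROM email_quarantine WHERE id = ?",
        (quarantine_id,)).fetchone()
    allowed = bool(
        row and row[1] == "Held"
        and (is_admin or recipient_domain(row[0]) in actor_domains))
    if allowed:
        db.execute("UPDATE email_quarantine SET status = 'Released' WHERE id = ?",
                   (quarantine_id,))
    # Denied attempts are logged as well, so cross-tenant tries stay visible.
    db.execute(
        "INSERT INTO quarantine_actions_log (quarantine_id, actor, action, allowed)"
        " VALUES (?, ?, 'release', ?)", (quarantine_id, actor, int(allowed)))
    db.commit()
    return allowed


def demo_db():
    """In-memory database holding two constructed messages for two tenants."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany(
        "INSERT INTO email_quarantine (recipient, sender, spam_score)"
        " VALUES (?, ?, ?)",
        [("alice@tenant-a.example", "x@sender.example", 7.2),
         ("bob@tenant-b.example", "y@tenant-a.example", 9.1)])
    return db
```

The second constructed message is sent from tenant-a to tenant-b, so a tenant-a user cannot release it even though their domain appears in the sender field.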

🦠 ClamAV Antivirus Integration

OpenEFA now includes complete antivirus scanning powered by ClamAV, the industry-standard open-source antivirus engine.

What This Means

Real-time Attachment Scanning
  • Every email attachment is scanned before delivery
  • Detection of viruses, trojans, malware, and ransomware
  • Detection of the EICAR test file confirmed working in production
  • Automatic virus definition updates (multiple times daily)

Performance

  • Scan time per attachment: < 500ms
  • Memory footprint: ~1.4GB
  • Virus signature database: 225MB

Integration Details

The antivirus scanner module integrates seamlessly with the existing email processing pipeline:

  1. Email arrives at OpenEFA
  2. SpaCy AI analysis (spam, phishing, BEC detection)
  3. ClamAV scans all attachments
  4. Combined score sent to SpamAssassin
  5. Email delivered or quarantined

⚠️ Virus Detection Scoring:
Virus detected: +50 spam score (immediate block) | Scan error: +5 spam score | Clean: No penalty
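
An added example (not OpenEFA's own code) of how steps 3 and 4 can be wired together: it streams an attachment to clamd with INSTREAM, parses the reply, and applies the score deltas listed above. The socket path, the function names and the choice to count the worst verdict once per message are assumptions of this example.

```python
import socket
import struct

# Score deltas as stated in the post; the names are this example's own.
VIRUS_PENALTY = 50.0
SCAN_ERROR_PENALTY = 5.0
CLAMD_SOCKET = "/var/run/clamav/clamd.ctl"  # assumption: Debian/Ubuntu default


def parse_clamd_reply(reply):
    """Map a clamd reply line to (verdict, signature_or_detail)."""
    text = reply.rstrip(b"\x00\n").decode("utf-8", "replace").strip()
    _, _, result = text.partition(": ")
    if result == "OK":
        return "clean", None
    if result.endswith(" FOUND"):
        return "virus", result[: -len(" FOUND")]
    # ERROR replies, empty or truncated output are never treated as clean.
    return "error", result or text


def scan_attachment(data, path=CLAMD_SOCKET, timeout=10.0):
    """Stream one attachment to clamd with INSTREAM and return the verdict."""
    try:
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            s.connect(path)
            s.sendall(b"zINSTREAM\0")
            for i in range(0, len(data), 8192):
                chunk = data[i : i + 8192]
                s.sendall(struct.pack("!I", len(chunk)) + chunk)
            s.sendall(struct.pack("!I", 0))  # zero-length chunk ends the stream
            return parse_clamd_reply(s.recv(4096))
    except OSError as exc:  # daemon down, socket missing, timeout
        return "error", str(exc)


def antivirus_score(verdicts):
    """Spam-score delta for one message, given its attachment verdicts."""
    kinds = [kind for kind, _ in verdicts]
    if "virus" in kinds:
        return VIRUS_PENALTY
    if "error" in kinds:
        return SCAN_ERROR_PENALTY
    return 0.0
```

A stopped or unreachable daemon surfaces as a scan error and the +5 penalty rather than as a clean result, so a ClamAV outage shows up in message scores.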

🔐 Additional Improvements

Admin-Only Blocking Rules

Blocking rules are now restricted to administrators only, preventing accidental blocks by domain users.

  • Client Users: View-only access with "View Only" badges
  • Admin Users: Full control - add, delete, toggle rules across all domains
  • Statistics showing blocked email counts (last 30 days)

Enhanced Password Reset

Password reset messages in SpacyWeb now include:

  • Copy-to-clipboard button for instant password copying
  • Extended 30-second visibility (vs 5 seconds for regular messages)
  • Fallback clipboard support for HTTP and older browsers

Production Data Sanitization

The installer has been completely sanitized for public distribution:

  • Removed hardcoded production domain lists (15+ domains)
  • Removed test user quick-fill buttons
  • Made all configurations dynamic from database
  • Genericized regex patterns for any domain

📊 Feature Parity Progress

With these updates, OpenEFA now has ~95% feature parity with traditional Email Filter Appliances (EFA/MailGuard).

✅ Complete Features
  • AI-based spam/phishing detection
  • Antivirus scanning (ClamAV)
  • Email quarantine management
  • Authentication (SPF/DKIM/DMARC)
  • BEC and typosquatting detection
  • PDF phishing analysis (TOAD)
  • Multi-tenant web interface
  • Domain-scoped access control
  • Behavioral anomaly detection
  • RBL integration
  • Conversation learning system
  • ARC email forwarding support

⏳ Remaining Gaps (v1.2.0 roadmap):
End-user self-service portal | Enhanced reporting and analytics | Let's Encrypt SSL automation

🚀 Deployment

Fresh Installation

curl -sSL http://install.openefa.com/install.sh | sudo bash

System Requirements:

  • Ubuntu 24.04 LTS or 22.04 LTS
  • 2+ GB RAM (4GB recommended with ClamAV)
  • 20+ GB disk space
  • Root access

Updating Existing Installations

The update script automatically handles database migrations and service restarts:

curl -sSL http://install.openefa.com/install.sh | sudo bash

🛡️ Safe Updates: Automatic backups before changes, configuration preservation, and rollback capability if validation fails.

📈 Performance Impact

Feature | Performance Impact | Notes
Quarantine System | Negligible | Indexed queries, automatic cleanup
ClamAV Scanning | ~500ms per email | Only for emails with attachments
Memory Usage | +1.4GB | ClamAV daemon + freshclam

Production Metrics

Based on live deployments processing thousands of emails daily:

  • Spam detection: 95%+ accuracy
  • False positives: < 0.1%
  • Quarantine usage: ~2-5% of total email volume
  • Virus detection: 100% EICAR test pass rate

🐛 Bug Fixes in v1.1.0

  • Fixed Postfix configuration chmod error during installation
  • Fixed admin users not receiving access to all configured domains
  • Added iputils-ping for Ubuntu Server minimal installations
  • Fixed quarantine permission checks to use recipient domains
  • Fixed duplicate flash message display in SpacyWeb

🎯 What's Next

v1.2.0 Roadmap (Q4 2025)

  • Email digest notifications (daily/weekly quarantine summaries)
  • Enhanced analytics dashboard
  • PDF/attachment content analysis improvements
  • Let's Encrypt SSL automation
  • Multi-server clustering support

v1.3.0 Vision (Q1 2026)

  • Active-Active high availability
  • Shared database clustering (Galera)
  • Geographic distribution support
  • Advanced threat intelligence feeds

🙏 Community

OpenEFA is open source (GPL-3.0) and community-driven. We welcome:

💬 Get Involved

Special thanks to all early adopters who provided feedback on the quarantine interface and helped test the ClamAV integration!

Ready to Upgrade?

Run the update script today and get quarantine management + antivirus protection in under 5 minutes:

curl -sSL http://install.openefa.com/install.sh | sudo bash