OpenEFA Installer Design - Community Input Wanted (RFC)

[adrastosefa]

Hi OpenEFA Community,

Many of you know that the original EFA project has been discontinued, leaving a huge gap for
those of us who need robust, self-hosted email security. That's why we're building OpenEFA
- a modern, AI-powered email security platform that honors the EFA legacy while bringing
next-generation protection.

We Need Your Input

Before we write a single line of installer code, we want YOUR feedback on the design
decisions we've made. We've spent the last week carefully planning an automated installer
that will make OpenEFA deployment dead-simple, but we know the community has diverse needs
and use cases we might have missed.

This is your chance to shape the project before it's built.

---
Read the Full Announcement

We've published a complete announcement with our vision and design approach:

Main Announcement:
https://openefa.com/blog/installer-announcement.html

Technical Requirements Document:
https://openefa.com/docs/installer-requirements.html
(Deep dive into all 16 design questions and decisions)

---
Design Highlights

Here's what we're planning:

Installation Method

curl -sSL http://install.openefa.com/install.sh | sudo bash

Target Environment

- Primary: Ubuntu 24.04 LTS
- Supported: Ubuntu 22.04 LTS
- Assumption: Clean server/VM dedicated to OpenEFA

Module Tier System

Tier 1 - Core (Always installed):
- SPF/DKIM/DMARC Authentication
- Email Blocking (sender/domain/country)
- RBL Checking (Spamhaus, SpamCop, SORBS)

Tier 2 - Additional (User choice, recommended):
- BEC Detection
- Typosquatting Detection
- DNS Reputation
- Obfuscation Detection
- Marketing Filter
- Funding Spam Detection

Tier 3 - Advanced (Optional, ~500MB):
- NER (Named Entity Recognition with AI)
- Thread Awareness
- Conversation Learning
- Behavioral Baseline
- PDF Analyzer (TOAD/QR phishing)
- URL Reputation
- Compliance Module

Configuration Approach

- Interactive prompts (wizard-style)
- Smart defaults where possible
- Required inputs:
- Primary domain to protect
- Database password
- Admin credentials for web interface
- Relay/destination mail server IP
- DNS resolver IP

Network Architecture

Internet → OpenEFA (spam/phishing filter) → Your EFA/Exchange/Zimbra

Single relay host model (advanced multi-relay scenarios documented separately)

Key Features

- Full rollback on any failure
- Upgrade detection - same script handles fresh install AND upgrades
- Comprehensive logging - every action tracked
- Production ready - all services running after install
- Uninstaller included - clean removal if needed
- Self-signed SSL - HTTPS from day one (upgradable to Let's Encrypt)

---
Where We Need YOUR Feedback

Question 1: Deployment Environment

What's your target deployment platform?
- Bare metal server
- Virtual machine (VMware/Hyper-V/Proxmox/KVM)
- Cloud (AWS/Azure/GCP/DigitalOcean/Linode)
- Docker/containers (would you prefer this?)
- Other: ___________

Question 2: Current Email Security

What are you migrating from?
- Old EFA 3.x/4.x appliance
- Cloud email security (SilverSky, Proofpoint, Mimecast, etc.)
- No spam filter currently
- Built-in Exchange/Office 365 filtering only
- Other: ___________

Question 3: Scale & Scope

- How many domains will you protect? ___________
- Estimated daily email volume? ___________
- Mailbox count? ___________

Question 4: Technical Comfort Level

- Experienced Linux admin - comfortable with CLI
- Intermediate - can follow detailed instructions
- Beginner - prefer GUI/web-based setup
- Would pay for professional installation service

Question 5: Operating System Preference

Is Ubuntu 24.04/22.04 acceptable, or do you need:
- Ubuntu is perfect
- Debian support needed
- RHEL/Rocky/Alma Linux needed
- Docker containers (OS-agnostic)
- Other: ___________

Question 6: Database Preference

- MariaDB is fine (our default)
- Must have PostgreSQL option
- Don't care as long as it works

Question 7: Module Tier Feedback

Does the 3-tier system make sense?
- Yes, perfect - lets me choose my level
- Confusing - just install everything
- Need more granular control (pick individual modules)
- Other feedback: ___________

Question 8: Most Important Feature

Rank these from 1 (most important) to 6 (least important):
- Easy installation (one command, done)
- AI-powered spam/phishing detection
- Multi-tenant/multi-domain management
- Migration tools from existing systems
- Self-service web interface
- Professional support option

Question 9: Deal Breakers

What would prevent you from using OpenEFA?
- Missing feature: ___________
- OS compatibility: ___________
- Complexity: ___________
- Other: ___________

Question 10: Migration Priority

If migrating from existing EFA, what's most critical?
- Import allow/block lists
- Preserve quarantine
- Zero downtime migration
- Training/documentation
- Other: ___________

---
Timeline

- Now - Oct 15: Community feedback period (THIS IS YOUR WINDOW!)
- Oct 16: Design finalization based on feedback
- Oct 17-20: Installer development & testing
- Oct 21: Beta release to early adopters
- Nov 1: v1.0.0 public release

---
How to Provide Feedback

Option 1: Reply to this thread with your answers to the questions above

Option 2: Create a detailed post with your specific use case/requirements

Option 3: Comment on the blog announcement:
https://openefa.com/blog/installer-announcement.html

All feedback will be reviewed and considered!

---
Discussion Points

Beyond the specific questions, we'd love to hear about:

- Your current pain points with email security
- Features from old EFA you can't live without
- Wish list items EFA never had
- Integration needs (ticketing systems, SIEM, etc.)
- Compliance requirements (HIPAA, PCI, etc.)
- Budget constraints (should we offer hosted option?)

---
Our Commitment to You

1. We will read and consider EVERY comment
2. We will respond publicly to all feedback (even if we can't implement it in v1.0)
3. We will publish a decision summary before we start coding
4. We will credit contributors in release notes
5. We will deliver on our timeline (or communicate delays transparently)

This is a community-driven project. OpenEFA succeeds only if it serves YOUR needs.

---
What's Already Built

For those wondering about project maturity, we already have:

Core Engine (Production):
- AI-based spam/phishing detection
- BEC (Business Email Compromise) detection
- Typosquatting detection
- PDF phishing analyzer (TOAD detection)
- RBL integration
- Conversation learning system
- Multi-tenant web dashboard
- REST APIs for integration
- Blocking rules management
- Whitelist management

What We're Building Now:
- Automated installer (this discussion!)
- Migration tools
- Documentation
- Community support infrastructure

OpenEFA is NOT vaporware - it's running in production protecting multiple domains RIGHT NOW.
We're just making it accessible to everyone.

---
Resources

- Website: https://openefa.com
- Forum: https://forum.openefa.com (you are here!)
- Blog Announcement: https://openefa.com/blog/installer-announcement.html
- Technical Details: https://openefa.com/docs/installer-requirements.html
- Source Code: Will be released with v1.0 under GPL license

---
About OpenEFA

OpenEFA is the spiritual successor to the EFA project. When efa-project.org was
discontinued, we realized the community needed a modern, actively-maintained solution. We've
built OpenEFA from the ground up with:

- AI/ML-powered detection (not just SpamAssassin rules)
- Active development (not abandoned)
- Modern architecture (Python 3, REST APIs, web dashboard)
- GPL open source (community-owned, not vendor-locked)
- Production-tested (running live since 2025)

We're committed to keeping email security accessible to everyone - from small businesses to
enterprises.

---
Thank You!

Thank you for being part of this community. The original EFA project served us well for over
a decade. Let's build something even better together.

Your input over the next week will shape OpenEFA for years to come. Please take 10 minutes
to share your thoughts.

Feedback deadline: October 15, 2025

Let's do this!

---
Read the full details:
https://openefa.com/blog/installer-announcement.html
https://openefa.com/docs/installer-requirements.html

---
P.S. - Early Adopter Opportunity

If you're willing to test the installer on a fresh Ubuntu VM when it's ready (~Oct 20),
please reply with "Count me in!" We'll need 5-10 beta testers to shake out bugs before the
public release.

Beta testers get:
- Early access
- Direct support during testing
- Name in credits
- Warm fuzzy feeling of helping the community

---
Comments welcome below!

[MauriceW67]

Count me in for testing!

My feedback:

Question 1: Deployment Environment

What's your target deployment platform?
- Virtual machine (Hyper-V)

Question 2: Current Email Security

What are you migrating from?
- EFA 5.x appliance

Question 3: Scale & Scope

- How many domains will you protect? 1
- Estimated daily email volume? 20-50
- Mailbox count? 5

Question 4: Technical Comfort Level

- Intermediate - can follow detailed instructions

Question 5: Operating System Preference

Is Ubuntu 24.04/22.04 acceptable, or do you need:
- Ubuntu is perfect

Question 6: Database Preference

- MariaDB is fine (our default)

Question 7: Module Tier Feedback

Does the 3-tier system make sense?
- Yes, perfect - lets me choose my level

Question 8: Most Important Feature

Rank these from 1 (most important) to 6 (least important):
1 Migration tools from existing systems
2 Easy installation (one command, done)
3 AI-powered spam/phishing detection
4 Self-service web interface
5 Professional support option
6 Multi-tenant/multi-domain management

Question 9: Deal Breakers

What would prevent you from using OpenEFA?
- Other: If it starts to cost money

Question 10: Migration Priority

If migrating from existing EFA, what's most critical?
- Preserve quarantine

[Woger]

First of all, count me in.

Question 1: Deployment Environment

What's your target deployment platform?
- Other: VPS

Question 2: Current Email Security

What are you migrating from?
- Old EFA /4.x appliance (latest)

Question 3: Scale & Scope

- How many domains will you protect? 150
- Estimated daily email volume? 4000
- Mailbox count? 300

Question 4: Technical Comfort Level

- Experienced Linux admin - comfortable with CLI

Question 5: Operating System Preference

Is Ubuntu 24.04/22.04 acceptable, or do you need:
- Ubuntu is perfect

Question 6: Database Preference

- MariaDB is fine (our default)

Question 7: Module Tier Feedback

Does the 3-tier system make sense?
- Yes, perfect - lets me choose my level

Question 8: Most Important Feature

Rank these from 1 (most important) to 6 (least important):
1- Multi-tenant/multi-domain management
2- Self-service web interface
3- Migration tools from existing systems
4- AI-powered spam/phishing detection
5- Easy installation (one command, done)
6- Professional support option

Question 9: Deal Breakers

What would prevent you from using OpenEFA?
- Other: Costs

Question 10: Migration Priority

If migrating from existing EFA, what's most critical?
- Other: preserve users

Let me know if you want more detailed explanation.

[mattch]

Thank you for picking EFA up!

1) environment
typically VMware / bare metal.

2) current setups
EFAv4 in front of on-prem exchange
and the occasional relay for copiers/devices

3) scale
A handful or so domains. Several instances.
Volume varies, at most couple thousand per day.
a couple mailboxes up to ~100.

4) tech level
I would like to think I'm an expert LOL. Intermediate to be real and humble abou tit.

5) Ubuntu
Heck yea Ubuntu 22/24 is acceptable and super stoked about. The cent/alma OS were getting absurdly large which is why I never got to mess with v5 very much.

5) DB
Maria. I think most have some experience with maria/mysql

7) Tiers
A little confusing but I see the direction.

8)
Easy install 4 (would be nice, but not important)
AI 3 (unsure/most likely yes)
Multi Tenant 3 (would be nice but not important)
Migration Tools 6 (not important)
web portal 1 (super important)
Pro support 6 (not important)

9) deal breakers. Cant think of any atm.

10) migration priority-
import white black list

User quarantine flow. As tech I love it but a little confusing for end user to see. Seeing message headers first, then scrolling to bottom and to the right to click the message link to view the message. Most users just release, inspect and then decide if it was legit. I notice users rarely report as spam because they dont know what the options mean or forget. Maybe an easy button SPAM/not SPAM. close by an easy whitelist button. On some, I removed the HTML message preview, maybe a option to turn that on and off. Some users seeing HTML they freeze like a deer in headlights

One feature Ive always thought about is geo-ip filtering. Allow/exclude certain countries. Currently use pfblockerng on firewall port, only allowing USA/CA/a few misc, cuts down a tremendous amount of spam (average 25-30% spam down to 5% for some). Then again that system had a long ass time to train on spam emails before we did country blocker..hm. One time a ms365 sender (usa based) had an email routed through Singapore to be blocked but quickly resolved it self.


PS - Count me in on beta.

[adrastosefa]

Thanks for the detailed feed back. We just launched version 0.9 and after reading your responses, I am sure you are going to happy. We are working on the final bits of documentation, posts in the forum and a few other things. We have been building OpenEFA for many months now, and will be bringing a great deal more to the community. That being said, I am personally so stoked at getting the first round up and running.

Stay tuned.

sb

[Carl Brunning]

1) Vmware then when to Proxmox
2) using 4 and 5 right now
3) as it about 6 domains daily about 100email, mailbox about 25
4) Experienced linux solaris, unix (freebsd) and windows lol
5) any linux is fine for me ubuntu I use a lot
7) yes
8) 1 Migration tools from existing systems
2 Easy installation (one command, done)
3 AI-powered spam/phishing detection
4 Self-service web interface
5 Professional support option
6 Multi-tenant/multi-domain management
9) there none that i can think
10) easy path and everything moved like allow./block list

my quick list lol

[ajmind]

my feedback:

Question 1: Deployment Environment

What's your target deployment platform?
- Virtual machine (XCP-NG)

Question 2: Current Email Security

What are you migrating from?
- EFA 5.x appliance in front of two exchange servers as gateway and relay.

Question 3: Scale & Scope

- How many domains will you protect? 2-5
- Estimated daily email volume? av. 500 good ones
- Mailbox count? 100

Question 4: Technical Comfort Level

- Experienced Linux admin - comfortable with CLI

Question 5: Operating System Preference

Is Ubuntu 24.04/22.04 acceptable, or do you need:
- Ubuntu is perfect

Question 6: Database Preference
- Don't care as long as it works

Question 7: Module Tier Feedback

Does the 3-tier system make sense?
- Yes, perfect - lets me choose my level

Question 8: Most Important Feature

Rank these from 1 (most important) to 6 (least important):
- Easy installation (one command, done) - 4
- AI-powered spam/phishing detection - 3
- Multi-tenant/multi-domain management -2
- Migration tools from existing systems 5
- Self-service web interface -1
- Professional support option -6

Question 9: Deal Breakers

What would prevent you from using OpenEFA?
Idk atm

Question 10: Migration Priority

If migrating from existing EFA, what's most critical?
- Preserve quarantine

[adrastosefa]

Thanks for the feedback. We have a version out now, and are currently working on the user web interface. It is coming along nicely. I see from most of the comments, we are going to need to migrate the quarantine. How many days of quarantine are you currently maintaining?

my feedback:

Question 1: Deployment Environment

What's your target deployment platform?
- Virtual machine (XCP-NG)

Question 2: Current Email Security

What are you migrating from?
- EFA 5.x appliance in front of two exchange servers as gateway and relay.

Question 3: Scale & Scope

- How many domains will you protect? 2-5
- Estimated daily email volume? av. 500 good ones
- Mailbox count? 100

Question 4: Technical Comfort Level

- Experienced Linux admin - comfortable with CLI

Question 5: Operating System Preference

Is Ubuntu 24.04/22.04 acceptable, or do you need:
- Ubuntu is perfect

Question 6: Database Preference
- Don't care as long as it works

Question 7: Module Tier Feedback

Does the 3-tier system make sense?
- Yes, perfect - lets me choose my level

Question 8: Most Important Feature

Rank these from 1 (most important) to 6 (least important):
- Easy installation (one command, done) - 4
- AI-powered spam/phishing detection - 3
- Multi-tenant/multi-domain management -2
- Migration tools from existing systems 5
- Self-service web interface -1
- Professional support option -6

Question 9: Deal Breakers

What would prevent you from using OpenEFA?
Idk atm

Question 10: Migration Priority

If migrating from existing EFA, what's most critical?
- Preserve quarantine

[MauriceW67]

Thanks for the feedback. We have a version out now, and are currently working on the user web interface. It is coming along nicely. I see from most of the comments, we are going to need to migrate the quarantine. How many days of quarantine are you currently maintaining?

You say you have a version out now, but when I run the curl command I get this:

bash: line 1: syntax error near unexpected token `newline'
bash: line 1: `<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">'

And when running it without bash to see the install.sh script it tells me 'forbidden':

<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>

[adrastosefa]

Checking now.