OpenEFA is coming back — and I owe you an explanation
Posted: Mon Apr 20, 2026 3:59 am
It's been a while, and some of you were here when OpenEFA first went out as an open-source project. You deserve a straight answer about where
things have been.
When I first released OpenEFA, I was trying to do two things at once: ship all the code to the open-source world, and build a hosted business on
top of it. I couldn't make that math work. If everything were public, I couldn't see a sustainable path for a commercial side — competitors
could take the whole stack, and I couldn't point at anything specific I could offer. So I pulled the repo private and told myself I'd come back
when I had a model that worked.
That took longer than it should have, and I stopped communicating along the way. For folks who'd already deployed the code, filed issues, or
were willing to help build — you deserved a signal, and I didn't send one. That's on me.
Here's where I landed:
OpenEFA is coming back open — under a new name, OpenEFA-CN (Community Node). The code is being rebuilt from the ground up around a shared
threat-intelligence commons, where every node that runs contributes and every node benefits. It's a different architecture from the OpenEFA you
remember, and I think it's a better answer to "how does an open-source email filter compete in 2026?".
More concrete announcements coming over the next few weeks. For anyone who wants to be part of the rebuild — especially those of you who were
around the first time — reply here or DM me. I should have told you sooner. I'm telling you now.
— Scott
things have been.
When I first released OpenEFA, I was trying to do two things at once: ship all the code to the open-source world, and build a hosted business on
top of it. I couldn't make that math work. If everything were public, I couldn't see a sustainable path for a commercial side — competitors
could take the whole stack, and I couldn't point at anything specific I could offer. So I pulled the repo private and told myself I'd come back
when I had a model that worked.
That took longer than it should have, and I stopped communicating along the way. For folks who'd already deployed the code, filed issues, or
were willing to help build — you deserved a signal, and I didn't send one. That's on me.
Here's where I landed:
OpenEFA is coming back open — under a new name, OpenEFA-CN (Community Node). The code is being rebuilt from the ground up around a shared
threat-intelligence commons, where every node that runs contributes and every node benefits. It's a different architecture from the OpenEFA you
remember, and I think it's a better answer to "how does an open-source email filter compete in 2026?".
More concrete announcements coming over the next few weeks. For anyone who wants to be part of the rebuild — especially those of you who were
around the first time — reply here or DM me. I should have told you sooner. I'm telling you now.
— Scott