I have reviewed Declude Reboot and consider it a pretty solid product. I am not sure why they still call it a Beta test. I fear that some change to Windows will break the old Declude and I will be suddenly be high and dry because of being dependent on unsupported code. But at the same time, the existing Declude is working so well that the fear and effort required to change has been higher than my fear of staying put.
At the time of my initial testing, I was disappointed by the lack of documentation. I wrote up what I learned and sent it to MailsBestFriend for validation. If they do not distribute my document, or a variant, with their kits, I am happy to share my notes with anyone who sends a private message with their email address.
Some notes for the benefit of anyone curious:
The product now has two services: a workflow manager (DR) and the re-written DecludeProc service. The workflow manager routes messages through configured services, which include an RBL checker (now separated from the Declude service), the Declude rules engine, and the MessageFilter content evaluator. The architecture seems to allow new products to be integrated with minimal effort, but I have not pursued that idea. I don't use MessageFilter so I just removed the workflow configuration for that service.
Declude Reboot runs under SmarterMail and PostFix. My testing has used only SmarterMail on Windows. I think Reboot with PostFix is an intriguing idea. I have read enough PostFix documentation to understand that it is a powerful product with a lot of available plug-ins, but PostFix is also intimidating for the newcomer. Last time I asked, Declude Reboot was not configurable as a "milter". That means both PostFix and SmarterMail versions run after the SMTP session is closed. For PostFix, that limitation seems fixable with a little programming effort, while no solution is likely for Reboot on SmarterMail. At one point, I was annoyed that SmarterMail could not invoke Declude during the SMTP session, but in recent years I have decided that I don't want to return any information to senders, most of whom are malicious, so unwanted messages always get silent discard. It no longer matters to me when the process runs, but it might be important others.
The Declude Reboot configuration files and log files use XML. That makes transitioning from old Declude a little bit intimidating and makes the product feel a little bit more fragile. MailsBestFriend intends to address my fear of XML with a configuration tool. A sufficient step would be for someone to create a namespace schema and provide instructions for running an XML validator to ensure that tags are balanced correctly. That way, you would not need to worry about a minor change breaking the system because of a misplaced or missing XML tag,
For XML parsing, I use the features in SQL Server to convert test files in XML format into SQL tables. The feature is pretty easy to learn, and I could provide some examples if anyone has trouble getting started. The bulk insert features of SQL Server are shockingly fast, whether the source is XML or flat text. I am simply not familiar with options for parsing into other databases, but I assume they exist.
Because log files are XML based, reviewing a log file requires a couple of extra steps: (1) make a copy of the file and append a closing tag, (2) parse the XML into a structured format such as a SQL database, (3) query the structured data for desired information. Using XML opens opportunities for intelligent agents to evaluate the data, but someone would need to build those.
Declude Reboot has a Scoreboard feature which logs real-time statistics, but those statistics only go to an XML log file. That capability only seems useful if the data is sent to a real-time event processor, so I turned it off to avoid clutter in the log files.
I cannot express how much I have benefitted from having a customizable rules engine as part of my defenses. I still use a commercial appliance for content filtering, but I wish I could get by without it. The commercial product does not permit SQL queries, and therefore its results cannot be synchronized with my Declude processing results.