Linux-first server deployment • Tested on Ubuntu 24.04 + Exim + Dovecot • Trust control before inbox

Protect the organization before risky email becomes a human mistake.

For corporate and government rollouts, SIP Shield provides a Linux-first server package path that runs on the client’s own infrastructure. The reference flow already works on Ubuntu 24.04 with Webuzo, Exim, and Dovecot: discover local mailboxes, confirm the protected set, then keep spoofing, phishing, scams, impersonation attempts, and uncertain messages outside the trusted inbox path until they are reviewed.

Corporate / Government Discuss Server Rollout

Linux firstThe first working package path targets self-hosted Linux mail platforms before expanding to Windows Server and cloud variants.

Mailbox discoveryWhere supported, the server app can scan the local mail platform so IT does not have to type every mailbox or prepare CSV files first.

PrivateMailbox credentials and message content stay on the client’s infrastructure instead of being handed to our VPS.

Explainable reviewHeld messages can trigger a one-time user review link, so uncertain mail stays out of the inbox until the user sees why it was held and chooses release or delete.

Monthly Customer-ID reportsEnterprise flagged-email activity can be summarized monthly for the customer account email, with CSV exports in the portal.

What the server app will do.

The server deployment is designed to stay practical for IT while acting as a trust-control layer for end users.

Discover mailboxes

Scan the local mail environment and present mailbox candidates for confirmation before activation.

Control trust before inbox

Check inbound mail upstream for phishing, spoofing, fraud indicators, and unsafe attachments before people treat it as routine mail.

Quarantine uncertainty

When the system is not confident enough to deliver or reject, keep the message out of the inbox and quarantine it instead.

Explainable review links

Notify the intended user and offer a one-time-use review page that explains why the message was held instead of forcing that user into a full admin dashboard.

Monthly reporting for management and IT.

Enterprise and government customers can now keep a monthly report trail of flagged messages tied to the Customer ID email only, so the organization has one central audit copy with CSV export instead of sending summaries to every mailbox user.

Monthly totals

See how many messages were flagged, how many mailboxes were affected, and what sender or category patterns repeated during the month.

Detailed rows

When the Linux agent posts message-level events, the portal can show the actual flagged rows for the month instead of only aggregate counters.

CSV download

The monthly report page can export the same data as CSV for internal filing, procurement, compliance, or audit handoff.

Customer-ID delivery

The scheduled report goes only to the customer account email on file, keeping reporting centralized at the organization level.

What is already proven on the Linux reference path.

The current server release is no longer just a concept page. The reference Linux flow has already been exercised end to end on a live Ubuntu VPS.

Mailbox discovery

The Linux agent can discover local mailboxes from the active mail environment and report them back to the customer portal for confirmation.

Pre-inbox interception

Inbound mail is routed through SIP Shield before normal mailbox delivery, so suspicious messages can be held upstream.

Quarantine notice

If a message is held, the intended recipient receives a separate notice instead of the risky message itself.

One-time review

The recipient can open a one-time review link, inspect the held message summary, and choose release or delete.

What stays simple for the client.

The rollout should not force the customer to hand over mailbox passwords to us or maintain a complicated control plane.

Client ID and password

The organization can still use a normal SIP Shield portal login instead of learning a separate admin system.

Confirm the mailbox list

If more mailboxes are discovered than licensed, the IT team can remove extras and proceed with the approved set.

Roll out by count

Licensing is based on protected mailbox count, not on how many administrators or devices happen to view the portal.

Keep privacy local

Mailbox credentials and mail content remain on the organization’s server wherever possible.

Compatibility profiles instead of separate Linux packages.

SIP Shield keeps one main Linux package and adapts deployment using compatibility profiles, so the product stays simple while still recognizing different Linux families and mail environments.

Supported

Ubuntu and Debian are the strongest starting point and the clearest documented rollout path.

Compatible

AlmaLinux, Rocky, and other RHEL-family systems can use the same package with light environment adjustments.

Profile written locally

The installer writes an install profile showing distro family, package manager, service manager, control panel markers, and mail stack markers.

One bundle

There is no need to maintain separate customer products for Ubuntu, Debian, AlmaLinux, or Rocky if the compatibility profile is clear.

Environment roadmap.

The rollout starts with Linux because that is the cleanest first environment for self-hosted mail protection.

Linux

First target for self-hosted mail environments and the current tested reference path on Ubuntu 24.04 with Exim + Dovecot.

Windows Server

Planned option for organizations standardized on Microsoft server infrastructure.

AWS / Azure / cloud VMs

Future path for private cloud deployments where SIP Shield can still run before staff inbox delivery, using the same licensing and mailbox-confirmation model.

Hybrid

Use server-side protection for the organization while preserving desktop tools where they still make sense.