Product Review: GFI MailEssentials

Product: MailEssentials 2012

Product Homepage: http://www.gfi.com/exchange-server-antispam-antivirus

Free Trial: Click here

Introduction

Spam, in a word, sucks. We all know it, let’s be adult about it. We need to do whatever we can to keep it out of our environment. It wastes our user’s time if it makes it into their Inbox. Time is money. It carries with it malware or phishing scams or links to inappropriate sites and the list goes on. The question is what to do about it?

There are a variety of different solutions that range from an online hosted filtering system to keeping it in-house and going with Microsoft options or a third-party solution. GFI’s MailEssentials is actually offered as both, a hosted solution called MailEssentials Online™ (which has only a subset of the full products features) and a server-based solution called MailEssentials. If I had to sum up the product in one sentence it would be “why choose one protective solution, when you can have many?”

In keeping with that theme, MailEssentials attempts to eliminate spam and protect your network from viruses by providing multiple filtering engines (up to 5 antivirus options and a variety of different spam engines and filtering choices).

MailEssentials Features

Let’s take a look at a subset of the feature list:

VBSpam-Certified for Spam Protection: VBSpam is an independent verification test that has GFI ranking pretty high when comparing spam catch rate and false positive rate. One of the keys to its success is combining multiple anti-spam filtering engines and techniques (I counted 11 including engines and lists like SpamRazer, Bayesian analysis, Directory Harvesting, anti-phishing and more).

Spam Filtering Lists: Part of the anti-spam filtering features is a combination of lists. There is an email blocklist, an IP DNS blocklist, a URI DNS blocklist, a Greylist filter (which temporarily blocks email from unknown senders so they are neither black nor white, but “grey”) and a Whitelist. These all combine to provide solid protection against most (almost all) spam.

A Potential 5 Engine Anti-Virus Solution: New viruses are released all the time and signature updates are released by vendors for their engines at varying speeds. To better protect yourself you can utilize multiple engines to increase your chances of getting the latest signature defense. Out of the box MailEssentials offers protection through VIPRE anti-virus protection and BitDefender anti-virus (with a one year subscription included as part of the initial fee for the solution). However, with an additional license purchase you can utilize Kapersky, Norman and McAfee anti-virus solutions (shown in Figure 1). Note: The additional pricing is a one-year subscription that depends on the solution(s) chosen and the number of mailboxes. Each solution is unique and the combination offers a strong detection solution.

Figure 1: The Virus Scanning Engines screen in the GFI MailEssentials web-based UI.

User Interaction Options: MailEssentials allows users to see their quarantined spam so they can manually release emails that have been incorrectly labeled as such. Users can also see email listed as a “New Sender”, that is from someone that hasn’t emailed that user in the past.

Email Security Scanners: There are several interesting options available including the following:

• Trojan & Executable Scanner: Detects and scans through an unknown executable. It does this by disassembling the executable, determining what it will do if it runs, and then making a judgment on whether it is harmful and should be quarantined or passed through.
• Email Exploit Engine: Focuses on a list of 31 different typical email-based attacks like URL spoofing, Long Subjects, Popup Object exploits and so forth. It looks for suspicious items and those considered High Alert.
• HTML Sanitizer: Because attacks can come through scripts embedded in your email with HTML, the sanitizer checks for script code in the body of an email and disables it before passing it forward.  .

“Advanced” Content Filtering: Every solution has some form of content filtering so when I saw “advanced” this caught my attention. MailEssentials has the common keyword filtering, attachment filtering and an interesting decompression engine which can check within archives. The “advanced” content filtering has two default content policies for blocking credit card information and social security number content. You can create additional rules as well, but I thought these two options were great to see.

The web-based interface is easy to work with for administration and management, and also includes web-based reporting, which are easy to work with and customize. You can use it with virtualized environments. Personally I hate to leave out good features but I think it is pretty obvious that from an anti-spam/anti-virus point of view, MailEssentials has a solid solution here. You can see a full list and explanation of features here:  http://www.gfi.com/exchange-server-antispam-antivirus/mesfeatures.htm

Installation

The installation is long. I think I counted nearly 20 different screens from beginning to end (if you include the post-installation wizard). First off I reviewed the system requirements, which included firewall port settings that are certainly essential depending on where you plan on putting your monitoring solution. I looked over pre-installation actions that included help and guidelines for where you might install MailEssentials. For example, if you plan on installing it on a server running Exchange 2007/2010 you can install it on an Edge Transport, a Hub Transport, or a Hub Transport running with the Mailbox Roles (so that internal emails can be scanned too). It doesn’t seem to mind CAS or UM server roles being on the same boxes in multi-role deployments. You might want to install it on a non-Exchange box, like an email gateway or relay/perimeter server. That option included a lot more setup work so I just chose to install it right on my Hub/Mailbox server.

My first hiccup was not having the .NET Framework 4.0 installed. I thought ‘oh boy, this is off to a bad start’. I saw it in the requirements but tried to just push ahead and I had to take a step back and get .NET 4.0 installed. Now what was really nice about the installation is that this wasn’t the only piece of the puzzle for prerequisites that I had ignored. I was supposed to have ASP .NET 4.0 web extension allowed by the IIS server and a few other items. What was great about the install process is that, aside from the .NET Framework 4.0, all the other missing pieces were presented to me so that with the click of a button it would take care of it. I liked that.

The install is pretty straightforward. You agree to the license agreement, you include a license key, you agree to the website configuration options, shown in Figure 2, unless you see the need to make adjustments.

Figure 2: The Web Server Setup

As I mentioned, along the way you may get a few messages that you are missing something, but the program always asks if you want to let it help, as shown in Figure 3.

Figure 3: ASP .NET web service extension needs to be allowed.

The Post-Installation Wizard has quite a bit more to it. For starters it asks you to specify the DNS server to be used for domain lookups, shown in Figure 4. You can then configure proxy settings (depending on if the server connects directly to the Internet or through a proxy). You will be presented with the inbound email domains and you need to add any additional ones that you want MailEssentials to treat as inbound.

Figure 4: DNS Server configuration

Next you will configure SMTP server configuration, as shown in Figure 5.

Figure 5: SMTP server configuration

Then you can choose your default anti-spam action, which as you can see in Figure 6 I left at the default setting of moving spam to a sub folder in the recipients Exchange mailbox. The down arrow reveals a variety of additional options. Note: if you select the sub folder option you will need to have a user that either you create or the wizard creates (shown in Figure 7) that has impersonation rights. If you ever need to change that user account you can do so by going into the GFI MailEssentials Switchboard, choosing the Move To Exchange tab and selecting the “Specify User Account” option. Note: You can also use the Switchboard to adjust remoting ports and several other configuration adjustments from the post-install wizard.

Figure 6: Setting the default anti-spam action to move to a sub folder.

Figure 7: Configuring the “Move to Exchange” action

At that point the wizard detects the roles running on the server (if any) and installs the various agents on the system. It concludes with a summary of what agents were installed and lets you launch right into the web-based interface shown in Figure 8.

Figure 8: The MailEssentials opening Dashboard

Working with GFI MailEssentials

One of the things I love most about anti-spam/anti-virus solutions is that they typically go right to work on their own. Most important features are “enabled” right out of the box and you only have to go forth and tweak. And tweaking is usually a simple, intuitive matter that involves enabling other options (or disabling them if you please) and making a few adjustments. Nobody wants to study rocket science to keep spam and viruses out. Beyond a certain complexity and time commitment level you’re better off outsourcing a solution that bogs you down.

MailEssentials doesn’t disappoint in this regard. Everything is pre-configured to protect. You can easily navigate through the web-based interface to enable options that are purposely left to your discretion. Items like New Senders under the Anti-Spam settings have to be enabled by the administrator first. Perhaps you want to also establish “exceptions” to the New Sender filter. All of this is done quite easily with very clear instructions.

The content filtering options are preconfigured but you may need to go in and make adjustments to the conditions. For example, if you go to your keyword filtering settings you will see four Rules that have been created that block racial, sexual, profane and common keywords. These are all disabled by default but can be enabled with two-clicks. Upon investigating the words preconfigured I think you will be pretty well covered if you enabled all of these rules. But if you do need to add to the conditions you can do that too.

Through the web-based UI you can see at-a-glance quarantine information for your organization. You can quickly generate reports. You can configure partial access through access control settings so that some individuals can access partial features in the UI.

In addition to the web-based UI (and the Switchboard mentioned earlier) there is also an Anti-Spam Synchronization Agent and an Email Management Tools option that allows you to configure a few other items like disclaimers for your organization, which are easier to work with than transport rules because of the HTML editor included. There are also a variety of different canned disclaimers to choose from and tweak for your organization. Note: This feature is actually a freeware offering from GFI. http://www.gfi.com/anti-spam-freeware

Pricing and Support

It always comes down to price. Not only do you have to decide from between three different editions of GFI MailEssentials (Anti-Spam Ediiton, EmailSecurity Edition and UnifiedProtection Edition) but you also may want to consider the hosted online edition. The feature set is not as robust but the pricing is lower for SMBs looking to have high quality protection at a reasonable price. With the on-premises MailEssentials your main price will come down to the number of mailboxes you have and whether or not you want additional anti-virus protection included. Pricing is listed here: http://www.gfi.com/products/gfi-mailessentials/pricing. Personally I found the pricing to be a bit frustrating. Several options, different pricing per mailbox, additional anti-spam… where is my calculator? There is a big button that says “Click here for a customized quote” and I would probably just do that. It’s important to remember there is also an annual renewal for the Software Maintenance Agreement.

From a support perspective I can honestly say I didn’t need to contact an actual person through the entire process. The install went off without an issue (other than my having to search for and install .NET Framework 4.0, which wasn’t a big deal). Once in the UI everything was either intuitive or had a clear description or explanation for what I was looking at. And for those items I was unsure about I just clicked the Help button and the additional Help files were all I needed.

Final Thoughts

Not only was I pleased with GFI’s MailEssentials but I was impressed by some of the added features and overall flow of the product. I’ve worked with many anti-virus/anti-spam solutions and I would say MailEssentials would rank as one of my favorites, perhaps even on top of the list. I honestly couldn’t find a complaint other than pricing confusion and I’d recommend anyone get a personalized quote and negotiate a bit based on your environment.

In summary, I found the solution easy to install (although long), easy to configure, self-supported through a solid Help system, great at both spam and virus protection with a variety of configurable features, reporting elements, an easy-to-use dashboard and UI and end-user interaction elements for those rare cases where end-users may need to see and adjust what is viewed as spam.  Thumbs up!

MSExchange.org Rating 4.9/5

Learn more about GFI MailEssentials or download it here.