Product Review: GFI MailEssentials 8 - Anti-Spam and Mail Monitoring
Striking a balance between securing network resources and ensuring that users have the tools they need to do their job presents a difficult quandary for IT managers and network administrators alike. If your network is like most, your users are likely inundated with almost unmanageable levels of junk email. Spam is not only intrusive and annoying, but also costly in terms of server storage space and user time. On the flipside, providing users with access to email also comes with a security risk in that it provides a facility by which users can easily forward data to other users or even customers, be it sensitive corporate information or simply inappropriate content. Quite simply, companies need the ability to both monitor and manage email resources as necessary for both legal and/or security reasons more than ever before.
Product: GFI MailEssentials 8
Product Homepage: click here
60-day trial version: click here
Version 8 marks a new beginning for GFI MailEssentials. In the past, the product had relied on very common anti-spam capabilities in the form of keyword lists that needed to be manually created. While this method is effective for blocking spam messages that include offers of university diplomas, cheap mortgages, and a variety of free offers, the creation and maintenance of the keyword lists can be cumbersome, especially based on the increasing creativity of spammers in getting their messages through to end users.
With GFI MailEssentials 8, it seems that GFI has recognized the need for a much higher level of spam detection in order for their product to reach maximum effectiveness. Keyword and message header checking are still a central component, including a great default list that includes many of the most commonly used spam keywords. However, the use of blacklists and its patented whitelist is what really sets GFI MailEssentials 8 apart from the competition.
For those not familiar with these terms, blacklists and whitelists are among the most effective ways to eliminate spam. A whitelist is simply a list of email addresses, maintained by GFI MailEssentials, which includes all addresses from which you always wish to receive mail for example, your customers, suppliers, and so forth. A blacklist is basically the opposite a list of addresses from which you never want to receive mail.
While individual addresses and/or entire domains can be added to these lists manually, the process can also be automated in two key ways. First, you can configure your whitelist settings such that when any user in your organization send a message to an external person, that address is automatically considered valid and added to the whitelist. This helps to ensure that incoming mail from these users is never considered to be spam, and is delivered as normal. Secondly, instead of trying to manually block the individual email addresses associated with incoming spam messages (which are usually false anyhow), GFI MailEssentials is also capable of using what are known as third-part DNS blacklists (explained shortly) to block potential spam sources.
DNS blacklists are databases of known spammers that are maintained by various organizations on the web. One of the most popular is the list of open relay servers maintained by ORDB.org, the Open Relay Database. Almost all spam received by users comes from a common source mail servers that are not properly secured, those that allow mail to be relayed through them. To account for this, GFI MailEssentials can be configured to query the ORDB or other such databases, and to either allow or deny mail from these sources. While querying DNS blacklists will slow down the message reception process somewhat, it is a highly effective tool, especially when used in conjunction with the MailEssentials whitelist feature. When messages are blocked by a blacklist, you have the option of automatically deleting them, moving them to a designated folder, or forwarding them to another address (such as an Exchange public folder!) for later review. Both the blacklist and whitelist features of GFI MailEssentials 8 are included in the freeware version of the product.
As if spam werent annoying enough, youve probably noticed that you receive an awful lot in other languages, especially in the kanji character set. To account for this, GFI GFI MailEssentials 8 also allows you to block messages by language, ensuring that those messages never reach end users.
One of my favorite anti-spam features of GFI MailEssentials 8 is one that you might easily overlook, but is one that should not be underestimated. The product is capable of delivering fake Non-Delivery Reports (NDRs) to any addresses associated with your blacklists. But why would you want to do this? The reason is simple almost all spam is automated by software, and in order to keep their lists clean, most spamming software is configured to automatically remove addresses from its list for which it receives an NDR. Sure, it may not be honest or truthful, but then fighting spam is a dirty business!
While the use of signatures attached to the end of all email messages has long been a key feature implemented in email client software, the ability to add disclaimer messages to all outgoing mail is increasingly becoming a must-have feature based on potential liability issues. For example, consider a situation where an employee forwards inappropriate materials to a client, friend, or associate. In many cases, because the message has been sent using corporate facilities (and bears the organizations name), the company could be held liable if a recipient took legal action. A disclaimer message added to the end of each could be used to make it clear that the employee sending the message is responsible for his or her actions. Conversely, the disclaimer tool could also be used to add corporate contact or promotional information to messages, thus potentially making it a new and effective marketing tool.
Both the standard and freeware versions of GFI MailEssentials 8 include the ability to add disclaimers to all outgoing messages. Advanced features include the ability to add different disclaimers to messages associated with a given user, group, or domain, as well as use variables to insert common information such as a users name or email address within the disclaimer text.
GFI MailEssentials 8 also provides the ability to configure auto-reply responses to messages sent to a specified email address. For example, if your company uses a generic address such as [email protected] to which existing or potential customers forward questions, the auto-reply feature can be used to automatically send them a reply stating that their message was received. Further to this, GFI MailEssentials is also capable of adding a tracking number to these messages for organizational and record-keeping purposes, using variables within the reply message, and even sending out different automated responses based on the subject line of a message. Although not a particularly glamorous feature, the auto-reply capability is definitely a useful way to let your customers know that their message has been received and will be attended to.
Mail Monitoring and Archiving
While monitoring corporate email has always been the source of a great deal of controversy, the ability to monitor messages on a full-time or as-necessary basis has become a virtual necessity in almost all environments. The Mail Monitoring feature of GFI MailEssentials 8 allows you to send a copy of all messages sent to or from a particular user or domain to another configured email address, such as that of another user or a particular designated account like [email protected] The uses of this feature range from the basic archiving of email messages for backup purposes to the monitoring of employee communications for security reasons. The Mail Monitoring tool also allows exceptions to be configured for this feature for example, you might choose to implement Mail Monitoring for all users except senior executives. Because of the potentially sensitive nature of using such a capability, you would well be advised to obtain the necessary managerial approval before implementing this feature as an administrator.
In many industries (as well as many countries), policies and laws state that all email messages must be archived. While not very common in the past (except perhaps via backups), this is becoming an increasingly relevant feature for many organizations. GFI MailEssentials 8 provides the ability to archive all messages to a text file, as well as Microsoft Access and SQL Server databases. As an administrator, you have the ability to archive inbound, outbound, or both types of user email messages.
While most email server software packages provide basic logging functions relating to sent and received messages, the log files that they provide are often cryptic and unmanageable long. While a variety of third-party software packages can be used to parse and display this data in different types of reports, this feature is already included in GFI MailEssentials 8. The GFI MailEssentials Reporter tool provides a wide variety of reports, including ones that display daily usage statistics for individual users, domains, and the server itself. For example, the user report displays information such as the total number of email messages sent by a user, and their cumulative size. Furthermore, these reports can be tweaked and tuned through the use of filters that allow you to view specific information such as the amount of inbound or outbound mail sent by a user, dates, and the number of messages retrieved.
For administrators, the reports generated by GFI MailEssentials provide a simple way to not only manage your server more effectively, but also provide management with a slick printout that will certainly keep them happily occupied for hours.
The last major feature of GFI MailEssentials 8 is an integrated POP3 downloader utility. The main purpose of this utility is to download messages from an external POP3 server (at your ISP, for example) to your local Exchange Server. While this capability is not usually necessary if you have a properly configured SMTP server onsite with the appropriate DNS MX record configured, some companies will still find this feature useful. For example, companies using a dial-up Internet connection will often not receive email to their internal SMTP or Exchange server in cases where they dial into the Internet only intermittently. In this case, mail can be stored on their ISPs POP3 server, and then downloaded once a connection is made. Once connected, mail can be downloaded and forwarded into a local mailbox bearing the same name, or to a different specified local address. The POP3 downloader also allows you to specify a schedule at which the server should connect to the Internet to download messages. Again, this feature is not for everyone, but many companies will be thankful for the feature not natively implemented in Microsoft Exchange.
Having used the previous version of GFI MailEssentials for well over a year, my feeling is that GFI has put a great deal of time and effort into making version 8 a much more robust, useful, and intelligent application. Not only does it do a superior job of defeating spam compared to other products on the market, the additional features like Mail Monitor, disclaimers, and the reporting capabilities combine to make it an unbeatable value for any network that includes its own mail server. However, there is still always room for improvement I would love to see GFI include the ability to configure their products via a web interface (instead of only via the MMC), if only to give administrators maximum flexibility. That aside, this is one product that you simply cannot afford not to try given that many of the core features are also provided in the freeware version, you simply have nothing to lose. Use GFI MailEssentials for a week, and youll wonder what you ever did without it.
MSExchange.org Rating 5/5
For more information about GFI MailEssentials 8, click here.