Product: SpamTitan Virtual Anti-Spam Software
Product Homepage: click here
Free Trial Version: click here
Several months ago we were looking for a good e-mail hygiene solution for our office. We run a mixed Exchange 2000 and Exchange 2003 environment here, so we had the option to use the Exchange built in tools. The problem was that our Exchange Server was getting hammered and the SMTP stack included in Windows Server 2003 was not quite as robust as I would have liked. While the Exchange Server environment served us well as an e-mail and collaboration solution, it really could not hold up well to the amount of spam we received.
What we needed was an “off box” solution that could handle over a million messages a day (that is an indication of the amount of incoming spam we had to deal with at that time). I did not have a lot of time to set up a complex solution, like upgrading to Exchange Server 2007, and I did not want to have to deal with dropping new hardware into our environment. Our server room is already overtaxed, and I really did not want to add to our power bill by installing more hardware.
That is when we thought about a virtual appliance. We already had an established VMware Server environment, so why not go with a virtual appliance? With a virtual appliance, all I would need to do is copy the VM to the VMware Server machine, configure the VM, and start it up. A turn key solution that I could get up and running in less than an hour. That is what I was looking for.
When doing my research for virtual e-mail hygiene appliances, I found that there were several of them on the market. However, almost all of them were hideously complex to configure, or used non-standard language in describing their functionality and configuration, which made it impossible to figure out how to get them to work. However, there was one exception, and that was the SpamTitan virtual appliance.
What I found paradoxical is that I choose a BSD based solution over a Windows solution (Exchange 2007) because the BSD solution was easier to set up and had a more intuitive interface! The people at SpamTitan did an excellent job at documenting their product and it is clear they have a lot of experience and insight into user interface design, as it was easy to figure out just about all areas of configuring using the SpamTitan interface.
While SpamTitan is remarkable easy to install and configure, it has a lot of features and capabilities that the much more expensive and difficult to install and configure virtual appliances have. For example:
- Full Free Antispam Product download
- Free 30 day maintenance and support
- Effective Spam Filter – 98.5% spam blocked
- ISO and VMware options
- Includes two AntiVirus Solutions – Kaspersky and ClamAV
- End User Spam Quarantine and digest
- Up and running in 30 minutes
- Email content controls
- Disclaimers on email
- In and outward bound email scanning
- Unlimited domains supported
- Full automated reporting suite
Let us take a walk through the SpamTitan interface so that you can see the myriad of options available and how easy it is to configure.
Overview of SpamTitan User Interface
To give SpamTitan a try, I first went to http://www.spamtitan.com/anti-spam/anti-spam-software/free-download and filled out the form. That took me to a download site where I could download the virtual machine file. SpamTitan run on VMware Workstation, VMware Server or VMware player. You can use the straightforward instructions in the SpamTitan installation guide (here) to get up and running quickly. During installation you will be asked simple questions about the IP addressing to be applied to the virtual machine, and the name of the machine.
Once installation is complete, you can log in to the Web based interface from another machine on the network, as seen in the figure below.
Once you log on you will see the dashboard. The dashboard has a lot of useful information about what SpamTitan has been doing. As you can see in the figure below, there are several sections containing interesting information. The System Overview provides information on machine statistics like CPU utilization and also information about active queues. The Scan Summary section shows you the number of spam and clean messages, as well as the number of viruses that had been detected. The Last 7 Days summary gives you an “at a glance” view of what SpamTitan has been doing for the last 7 days.
You click the tabs at the top of the page to get to the various configuration interfaces. On the System Sets tab, there are tabs for Licensing, Network, Time, Mail Relay, System Updates and Shutdown/Restart.
The figure below shows the Network section. Here you configure the IP addressing information on the appliance, including the DNS settings. SpamTitan includes a DNS caching feature that speeds up its anti-spam activities when it does things such as DNS checks.
In the Mail Relay section, you can set various configuration options related to mail relay. These include items such as maximum message size, trusted network address ranges, internal domains, and most importantly, front content control.
In the Frontline Content Control section you can set various options that control access based on the initial SMTP connection attempt, which takes place before the more processor and memory intensive tasks as anti-spam content checking and anti-malware checks. For example, you can see in the figure below that I have enabled RBL checking and entered the name of an RBL that I trust.
On the Content Filtering tab you can configure options that include AV, Spam and file extention controls. In the figure below you can see the options available in the Viruses section. In this example Virus filtering is enabled, with both the Clam and Kasperskey AV engines being active and automatically updated. Notice that you have the ability to notify both the administrator and recipient if you like, though I have disabled those options on my network.
In the Spam section on the Content Filtering tab, you can control how often automatic updates take place for the anti-spam rule base. There is also an option to bypass analysis for messages larger than a pre-defined size.
SpamTitan uses multiple methods to control spam. You can see the anti-spam options when you click on the Anti-Spam Engine tab. SpamTitan can use both Network based spam tests, such as Razor v2, Pyzor and RBLs to determine whether a message is spam. In addition, SpamTitan can use Bayesian analysis to control spam. If you use SpamTitan as an outbound SMTP relay, it can auto-earn what is spam and not spam based on the messages leaving your organization.
The figure below shows more of the anti-spam options, including Botnet analysis, passive OS fingerprinting and SMTP process tuning. While you can take advantage of these options, I find that even when these are disabled that SpamTitan’s anti-spam capabilities are exceptional even when they are not enabled.
On the Settings tab there are a number of sections that you can perform a variety of functions. These include: Change Password, Interface Settings, SSL, TLS, Access/Authentication, Backup, Notification Templates, Remote Syslog, Outbound Disclaimers, and SNMP. Each of these sections provides you powerful options to extend the functionality of SpamTitan. And even though the options are powerful and flexible, you will find them easy and intuitive to configure. Having to refer to the manual will be more of an exception than a rule when working with SpamTitan.
In the Filter Rules section, you can configure both Blacklists and Whitelists. Just click on the Global Blacklist or Global Whitelist sub-tabs and type in your entries. If you have saved a large collection of domains that you want to whitelist or blacklist, then you can take advantage of the Import feature.
On the Quarantine tab, you can access messages in quarantine and configure quarantine parameters. In the figure below you can see options on the Settings sub-tab, where you can configure a quarantine report and the quarantine expiration period. You need to be careful when configuring the quarantine expiration period, as quarantine mails take up drive space. However, even with a 30 day quarantine period, we have found that only about 8 GB of space on the 30 GB VM have been used, and that includes both the quarantined e-mail messages and log files.
SpamTitan has a very robust reporting feature and there are a number of sub-tabs under the Reporting tab. In the figure below you can see information about the system on the System Information sub-tab. You can see memory use, CPU status, hard disk usage and the status of the system services on this page. You can also perform useful system diagnostics, such as a spam test, view the mail queue, and even establish a secure connection to SpamTitan support. When you do this, a SpamTitan engineer has direct access to your SpamTitan appliance and can fixed it himself. Nice!
On the Graphs sub-tab there are a number of useful graphs that give you information about anti-spam and anti-virus activity over the last day, the last week, the last month and the last year. The graphs make it easy to see trends and make decisions about how to fine tune SpamTitan (if you are the kind of admin who likes to tweak configuration settings).
On the History sub-tab you can see a complete list of quarantined messages. I find this very useful for when I suspect that a message was blocked as a false positive. For the first few days of working with SpamTitan you’ll need to tune your whitelists so that mailing lists and other domains are allowed that might be caught by SpamTitan. However, I found that it only took a few days before we had things tuned up with almost no false positives. The search feature in the Mail History section makes it easy to find the message that you are looking for, so you do not have to manually fish through the quarantined messages. One thing I was very impressed with was the speed of the searches. Even when there were tens of thousands of quarantined messages, SpamTitan search always found messages of interest in a second or two.
On the Logs tab you have access to mail, interface and system message logs. These logs are helpful for troubleshooting problems and for just getting a good bead on what is happening with the appliance. I found that after tuning the appliance for about a week, I have not had to look at the logs for months. The logs are stored as plain text files and you can download them or view them in an HTML interface. They are very easy to work with and if you need to use them to troubleshoot problems, you’ll find their format easy to interpret so that you’ll find the information you need quickly.
We were looking for a powerful, one-stop, easy to install and configure anti-spam and anti-malware solution for our e-mail organization and we found it in SpamTitan. When doing some basic performance testing, I find that it was able to easily handle over 1000 messages per minute, even when RBL and other frontline content control where disabled. If you enable these features, you’ll find that SpamTitan can easily handle 2000-5000 messages per minute!
SpamTitan has been exceptionally reliable. I have never had to reboot the virtual machine and the virtual machine updates itself on a regular basis without me needing to log into the box to check on the updates. I have configured several reports to be sent to me each day and those reports are created and emailed to me reliably. In fact, SpamTitan has not missed a day!
I highly recommend SpamTitan for businesses of all sizes. The virtual appliance makes disaster recover a simple affair, and its performance characteristics enable you to support even the busiest of e-mail environments. Perhaps most importantly, SpamTitan is very reasonably priced, so that both small businesses and enterprise deployments can obtain a cost-effective anti-spam and e-mail anti-malware solution. If you are an organization that wants control and not turn it over to an unpredictable and unreliable cloud, then SpamTitan is the ideal e-mail hygiene solution.
WindowsNetworking.com Rating 5/5
Get more information about SpamTitan Virtual Anti-Spam Software