With the increasing and ever present problem of spam email, several of my users came running to me last year, begging me to find them a solution against their spam problem. One of them was actually crying and groveling in front of me, telling me she couldn't endure seeing those V1@Gr@ emails anymore. Being an all-around nice guy and an IT super-hero, I couldn't really refuse their request. I had to find a server-side anti-spam software that would be able to run on an exchange mail server and would be affordable enough so that management would not put my head on the block when I would be showing them the price quotation. After trying out a few solutions on a test server, my choice stopped on a most excellent application from GFI: GFI Mail Essentials. In addition of being affordable, Mail Essentials is not only easy to install, but also features rich.
Like I said before, the application is server-side, so you only need to install it directly on the mail server or at the gateway. The advantage of this is that you do not have to deploy the solution on multiple desktops and administration is done from a central location. This way, you can save hours of work, letting you waste more of your valuable time on the Internet. Exciting isn't it? After all, everyone knows that system administrators do nothing all day long except surf the web, it's a well known fact.
To catch spam effectively, Mail Essentials uses several filtering technologies to determine what's considered as spam and what's not. Here is a list of those technologies:
- Sender Policy Framework: allows you to check whether a particular email sender is forged or not. Most of today's spammers use forged email addresses.
- Whitelist: List of email addresses and domain from which you always wish to receive emails. All emails coming from entries in this list won't be filtered and will end up in the user's inbox
- Directory harvesting prevention: Detect emails in which the recipient was randomly generated and blocks them.
- Custom blacklist: Permits you to specify domains and addresses from which you do not wish to receive emails.
- DNS Blacklist: This feature permits GFI Mail Essentials to block spam by querying a public database of known spammers.
- Spam URI Real-time Blacklist: This feature will extract links from the message and verify if they are listed on a public spam database.
- Bayesian Analysis: The Bayesian engine will analyzee the content of each message based on certain mathematical rules to decide if the mail is considered as spam or not. For this feature to work efficiently, you have to let MailEssentials process a few thousands inbound and outbound emails before turning the engine on.
- Header Checking: This feature will analyzee the header of each mail to detect if it contains an empty or malformed "MIME FROM:" Field. It will also mark as spam emails that have different "SMTP TO:" and "MIME TO:" Fields.
- Keyword Checking: Allows you to block messages that contain certain keywords. I prefer to turn that functionality off because I think that this feature is the least efficient of all the available ones.
When GFIME finds a spam message, it can delete it, move it to certain folder, forward it to an email address or simply tag it - you have the choice. Of all the applications I tried, this one had the best spam detection ratio (about 98%).
In addition to anti-spam filtering, MailEssentials also gives you access to other great mail management tools:
- Automatic Disclaimers
- Mail monitoring
- Internet mail reporting
- list server
- Server-based auto replies
How does the story end? GFI MailEssentials has been running in my environment for the past year with little or no complaints at all. Management was happy enough with the rock bottom price, and up to now, I still am patting myself in the back for a job well done.
Download your free trial today!
(edit 31/01/2006): Just received this announcement from GFI:
GFI is preparing to launch GFI MailEssentials for Exchange/SMTP 12, the latest version of GFI's award-winning anti-spam software. Version 12 will protect users from spam and phishing emails by detecting and blocking them before they reach the recipient's mailbox.
Featuring PURBL, a phishing URI real-time blocklist, GFI MailEssentials 12 will have the ability to extract links from the message body and check them against a list of well-known phishing sites. Version 12 will also scan for typical phishing keywords, which identify and treat the message as spam once found.
Technorati tags: security , spam , email , exchange