Features
GFI MailEssentialsTM Features
SpamRazerTM: A powerful Anti-spam Engine
SpamRazer is a powerful anti-spam engine that has been designed for ease-of-use. Due to frequent updates, SpamRazer needs no tweaking to be fully effective in filtering the latest spam attacks. Not only will administrators benefit from out-of-the-box filtering but they will also gain protection from each new attack without the need to tweak GFI MailEssentials. With SpamRazer filtering, greylisting, IP reputation filtering, Bayesian filtering and other advanced anti-spam technologies, our spam capture rate is over 99%. GFI MailEssentials also has an enviable low rate of false positives ensuring the safe delivery of important emails.
Greylisting
Greylisting is an anti-spam technique used to identify spam emails originating from non-RFC compliant mail servers (which are often utilized by spammers). For each new SMTP transmission, GFI MailEssentials records the sender, recipient and sending mail server's IP address (aka triplet) and rejects any emails with a temporary failure message. Compliant email servers try and resend the message after a few minutes this causes their triplet to be confirmed and connections with the same triplet are no longer rejected. Non-compliant mail servers do not try to resend the message.
Spam Quarantining
The administrator can select to quarantine spam emails. Spam emails are stored in a database and are automatically deleted after a pre-defined period of time. The administrator can also select to send a spam digest with information on quarantined emails. From the spam digest, users can review their spam emails, and approve them as required. The administrator is allowed full access to the quarantined emails.
Precise Real-time Dashboard
GFI MailEssentials also ships with a precise, real-time dashboard that gives administrators a graphic view of the software's status as well as the server's email flow. Components shown on the dashboard are: status of key services provided by GFI MailEssentials, statistics of email flow, blocked spam and,POP2Exchange logging and results which can be filtered by sender, recipient, subject, etc.
Auto-log rotation
Administrators can select to log occurrences (such as blocked or whitelisted mail) and configure to start a new log file after a pre-defined period of time or at a specific size.
Spam Digest
Administrators can now send a daily report to the users that shows how many emails he or she received and how many emails, identified as spam, were filtered. A snapshot of email traffic will show the end-user how much spam email was successfully captured. The report gives a full list of those emails identified and filtered.
Eliminate Hard-to-Catch Spam
With spammers controlling tens of thousands of zombie machines, these large botnet armies have become one of the leading sources of spam. The Botnet/Zombie check in GFI MailEssentials eliminates hard to catch attachment spam such as image spam, PDF spam, Excel and ZIP spam. The attachment spam check filters this attachment spam quickly, efficiently and with a very low rate of false-positives. GFI MailEssentials uses two anti-spam filter engines and a variety of technologies such as greylisting and IP reputation filtering.
Click Here to Read More about Attachment Spam
Click Here to Learn More about NDR Spam
Support for Unicode
GFI MailEssentials also supports Unicode. This means that GFI MailEssentials supports the industry standard for universal character encoding. This allows GFI MailEssentials to process emails in any language, and ensures that all characters are rendered properly.
Localized into German, Spanish, Italian and Russian
GFI MailEssentials is available in Russian, Spanish, Italian and German. Localization gives users the ability to install and run GFI MailEssentials in their native language.
Server-based Anti-spam and Anti-phishing
GFI MailEssentials is server-based and installs on the mail server or at the gateway, eliminating the deployment and administrative hassle of desktop-based anti-spam and anti-phishing products. A server-side solution will prevent your server message stores from filling up with spam and eliminate the need to train your users on the creation and update of anti-spam rules.
Bayesian Filtering: An Advanced Method to Detect Spam
Bayesian filtering, which uses a mathematical approach based on known spam and ham, is an effective way to catch spam. GFI's Bayesian filter has a tremendous advantage over other spam solutions that only check for keywords or rely on downloading signatures of known spam as it uses an advanced mathematical formula coupled with a dataset that is custom-made for your installation: Spam data is continuously updated by GFI and is automatically downloaded by GFI MailEssentials, whereas the ham data is automatically collected from your own outbound mail. This means that the Bayesian filter is constantly learning new spam tricks; spammers cannot circumvent the dataset used. This results in an exceptionally high spam detection rate, after the required automated two-week learning period. In short, Bayesian filtering has the following advantages:
- Looks at the whole spam message, not just keywords or known spam signatures
- Learns from your outbound email and therefore greatly reduces false positives
- Adapts itself over time by learning about new spam and new valid emails
- Dataset is unique to your company, making it impossible to bypass
- Multilingual and international
Downloads Updates to Spam Profile Database
GFI MailEssentials can download updates to the Bayesian spam profile database from the GFI site, ensuring that it recognizes the latest spam and spamming techniques. GFI maintains the spam profile database by working with a number of spam collection organizations that continually supply spam samples.
Protect your users Against the Menace of Phishing Emails
GFI MailEssentials' anti-phishing module detects and blocks threats posed by phishing emails by comparing the content of the spam with a constantly updated database of phishing URLs, thereby ensuring all the latest phishing emails are captured. As extra protection, it also looks for typical phishing keywords in every email sent to your organization.
Sort Spam to Users' Junk Mail Folders
GFI MailEssentials gives you the flexibility to choose what to do with spam. You can delete it, move it to a folder, forward the spam mail to a public email address or folder, quarantine it or send it to individual customizable folders (for example, a junk mail folder) in the end-users' inboxes. You can also select multiple actions as required. This allows you to sort spam and to easily review mail that has been flagged as spam.
List Server for Newsletter Lists and Discussion Lists
A list server is useful for distributing company newsletters, automating the process of allowing users to subscribe and unsubscribe (required by anti-spam regulations). However, list servers have traditionally been expensive and difficult to administer and few integrated with Exchange Server. GFI MailEssentials integrates with Exchange and can use Microsoft Access or Microsoft SQL Server as the backend. Both newsletter lists and discussion lists are supported.
Easy Tuning of the Bayesian Engine via Public Folders
Administrators can easily tune the Bayesian engine by dragging and dropping spam or ham to the appropriate public folder. GFI MailEssentials learns from the spam and ham that it picks up from these folders and further improves its spam detection rate. Administrators can control access to this feature through the use of Public Folder security.
Allow Users to Whitelist or Blocklist via Public Folders
GFI MailEssentials allows users to Whitelist or Blocklist senders simply by dragging and dropping the appropriate mail to a public folder. This gives users more control and reduces administration. Administrators can control access to this feature through the use of Public Folder security.
Email Header Analysis and Keyword Checking
GFI MailEssentials intelligently analyzes the email headers and disclaimers and identifies spam based on message field information. It detects forged headers, encoded IPs, spam mutation, spam sent from invalid domains, and more. It also enables you to configure keywords to check for spam using keyword checking.
Third Party DNS Blocklists (DNSBL) Checking
GFI MailEssentials supports DNS blocklists (real time blocklists), which are databases of known spammers. If the sending mail server is on one of those lists, it marks the email as spam. GFI MailEssentials supports popular third party blocklists, such as SpamHaus and Spamcop, and also enables administrators to configure custom RBL servers.
Support for Multiple Third Party URI DNS Blocklists
GFI MailEssentials checks links in emails against URI DNS Blocklists. Administrators can configure multiple URI DNSBLs, add their own and also define priorities for which server should be checked first.
Automatic Whitelist Management Reduces False Positives
Whitelists enable you to ensure that email from particular senders or domains are never flagged as spam, permitting more stringent anti-spam rules. GFI MailEssentials includes a patent-pending automatic Whitelist management tool, which adds outgoing mail recipients to your Whitelist. This greatly reduces false positives without any need for additional administration. Whitelists can also be built based on domain names, email addresses and keywords.
Active Directory Disclaimers
The disclaimers can be automatically tailored for the sender of the message by including information about the sender. Administrators can select to include information about the sender from Active Directory.
Instant View of Emails from New Senders
The New Senders feature provides users with an instant view of emails sent from people with whom they have not had previous contact, thereby helping users to better organize emails in their email client. If GFI MailEssentials does not identify an email as spam and yet it is not on the Whitelist, then the New Senders module can move that email to a user's subfolder, for example, Inbox New Senders.
Eliminates Directory Harvesting
Spammers often try to guess recipient addresses by generating multiple random email addresses at a domain; they then send their spam mail to all those addresses. GFI MailEssentials checks the validity of ALL the email addresses included in the mail sent, either via a query to Active Directory or through support for LDAP, and if they are not all valid, marks the mail as spam. Directory Harvesting can optionally be done at the initial stage of the SMTP transmission, thus eliminating any traffic that is generated by this type of spam.
Reports on Spam Filtering and Email Usage
The database-driven reporting engine allows you to create advanced reports on your inbound and outbound email. You can report on the amount of spam filtered and on rules which caught most spam. You can also generate reports on user, domain and mail server usage.
Support for SPF the Sender Policy Framework
As most of today's spammers spoof email addresses, it is important to be able to check whether an email is genuine or if it has been sent from a forged sending address. This can be done via the Sender Policy Framework (SPF), which allows users to test whether a particular email originates from its claimed source. The GFI MailEssentials SPF module automatically checks whether the mail from a particular company was actually sent by its registered mail servers.
For more on SPF, visit http://www.openspf.org.
Set Priorities for Each Anti-spam Module
You can configure which method of capturing spam is to be given priority and create your own hierarchical list. For example, the administrator can opt for the GFI MailEssentials whitelisting anti-spam feature to be applied first to all incoming mail, then Bayesian scanning, and so on.
Company-wide Disclaimer, Header and Footer Text
GFI MailEssentials enables you to add disclaimers to the top or bottom of an email. Text and HTML formats are supported. You can include fields and variables to personalize the disclaimer. You can even create multiple disclaimers and associate them with a user, group or domain.
Email Monitoring
The email monitoring feature enables you to keep a central store of the email communications for a particular person or department. By configuring email to be copied to an email address, all email can be stored in an Exchange or Outlook store, making searching much easier.
Email Archiving to an SQL Database
GFI MailEssentials can archive all inbound and outbound mail to a Microsoft SQL Server database. You can search for a particular email or an entire email thread via the included web interface.
For a complete email archiving solution, please check out GFI MailArchiverTM for Exchange.
Seamless integration with Exchange Server, Lotus Domino and other SMTP servers
GFI MailEssentials integrates seamlessly with Microsoft Exchange 2003/2007/2010. It installs on the Exchange SMTP service and does not require gateway configuration. It also works with Exchange 5.5/2000, Lotus Dominoand other popular SMTP/POP3 servers via the SMTP protocol.
Content Checking, Antivirus and Anti-trojan
Get antivirus, email content checking and anti-trojan protection for your mail server with the GFI MailDefense SuiteTM. GFI MailSecurityTM for Exchange/SMTP is an email content checking, exploit detection, threats analysis and antivirus solution that removes various types of email-borne threats before they can affect your email users.
Support for Virtual Environments
Organizations that are currently using or plan to use virtualization on their network can still install and use a range of GFI products with confidence. GFI MailEssentials supports and runs on the most common virtualization technologies in use, namely VMware, Microsoft Virtual Server and Microsoft Hyper-V.
Other Features:
- Whitelisting of emails by keyword
- Blocking foreign language spam based on character set
- Email monitoring of a particular user's or department's email communications
- Fake non-delivery reports (NDRs)
- Personalized server-based auto replies with tracking number
- POP3 downloader
- Web interface for searching email archive
GFI MailSecurity Features
Virus Checking with Multiple Scanning Engines
GFI MailSecurity uses multiple antivirus engines to scan inbound email. Using multiple scanners drastically reduces the average time required to obtain the latest virus signature, enabling a faster response to combat the latest threats. Each antivirus software engine has a different response time to each new virus, depending on where the virus was discovered, and other factors. By using multiple antivirus engines, GFI MailSecurity gives you a much better chance of having the right defense, at the right moment, to combat the latest attack. Since each engine has its own heuristics and detection methods, each one brings its own strength to your email environment for detecting a particular virus and its variants. Multiple antivirus engines, as provided by GFI MailSecurity, mean better virus protection.
Scan for Trojans and Malicious Executables
The GFI MailSecurity Trojan and Executable scanner detects unknown malicious executables by analyzing what an executable does. A trojan (or malicious executable) is software that enters the victim's computer undetected, granting an attacker unrestricted access to the data stored there. The Trojan and Executable Scanner takes the approach of using built-in intelligence to rate an executable's risk level. It does this by disassembling the executable, detecting in real time what it might do and comparing its actions to a database of malicious actions. The scanner then quarantines any executables that perform suspicious activities, such as accessing a modem, making network connections or accessing the address book.
Norman Virus Control and BitDefender Included
GFI MailSecurity is bundled with Norman Virus Control and BitDefender. Norman Virus Control is an industrial strength antivirus engine that has received the 100% Virus Bulletin award over 30 times. BitDefender is a very fast and flexible award-winning antivirus engine that can recognize and scan a strikingly wide range of formats. GFI MailSecurity automatically checks and updates the Norman Virus Control and BitDefender definition files as they become available. The GFI MailSecurity price includes updates for one year.
Kaspersky, McAfee and AVG (optional)
To achieve even greater security, you can add the Kaspersky, McAfee and/or AVG antivirus engines as a third, fourth or fifth antivirus engine. Kaspersky Antivirus is ICSA-certified and is well known for the depth of its object scanning; for the high rate at which new virus signatures are released; and for its unique heuristic technology effectively neutralizing unknown viruses. Another engine, McAfee, is particularly strong at detecting non-virus attacks such as rogue ActiveX controls. You can also get AVG from GRISOFT. With 15 years of experience in the antivirus industry, GRISOFT employs various experts in antivirus software, specifically in the areas of virus analysis and detection.
Norman Sandbox and AVG Link Scanning for Enhanced Malware Detection
Combating new malware is a major challenge for administrators. One of the best ways to detect the most recent malware, for which definitions have yet to be released, is to run it in a Sandbox. GFI MailSecurity features Norman Sandbox, a technology which makes use of an emulated environment to analyze the behavior of suspicious files in cases where signature-based analysis falls short. Additionally, for those also using the optional AVG antivirus, GFI MailSecurity uses the AVG LinkScanner to analyze hyperlinks in email bodies to determine whether they point to malicious content. The AVG LinkScanner can also be configured to scan the links' destination pages.
Automatic Removal of HTML Scripts
The advent of HTML email has made it possible for hackers and virus attackers to trigger commands by embedding them in the HTML. GFI MailSecurity checks for script code in the body of an email message disabling these commands before sending the cleaned email on. GFI MailSecurity protects you from malicious HTML email using our patented process, safeguarding you from HTML viruses and attacks launched via HTML email.
Email Exploit Detection Engine
GFI's Email Exploit Engine builds on our cutting-edge research into email exploits, safeguarding you from any email virus or attack that uses known application or operating system exploits. For example, GFI MailSecurity would have protected you against the Nimda and Klez viruses when they first emerged, without requiring an antivirus update, because they used known exploits.
Spyware Detection
GFI MailSecurity's Trojan and Executable Scanner can recognize malicious files including spyware and adware. GFI MailSecurity can also detect spyware transmitted by email with the Kaspersky antivirus engine (optional) which incorporates a dedicated spyware and adware definition file that has an extensive database of known spyware, trojans and adware.
Attachment Checking
GFI MailSecurity's attachment checking rules enable administrators to quarantine attachments based on user and file type. For example, all executable attachments can be quarantined for administrator review before they are distributed to the user. GFI MailSecurity will scan for information leaks such as an employee emailing a database. You can also choose to delete attachments like .mp3 or .mpg files. The administrator can configure GFI MailSecurity to block certain attachments only if they exceed a specific size and to strip suspicious attachments from the email before sending it to the user.
Dashboard
GFI MailSecurity has a dashboard that gives access to various counters and important logs, giving the administrator total control of the email scanning system, resulting in improved product manageability.
Multiply the Value of GFI MailSecurity with Powerful Reporting
The GFI MailSecurity ReportPackTM is a rich featured reporting companion to GFI MailSecurity. From trend reports for management (ROI) to daily drill-down reports for technical staff; the GFI MailSecurity ReportPack provides you with a comprehensive and easy-to-view understanding of your security patterns. Full automation and custom scheduling provide install-it-and-forget-it-functionality. The GFI MailSecurity ReportPack offers several default and customizable reports that can be prepared on an hourly, daily, weekly or monthly basis including:
- Viruses blocked
- Inbound email traffic
- Outbound email traffic
- Total inbound and outbound email traffic
- Processed emails
- Blocked emails
- And more
Granular User-based Email Content Policy Enforcement
Using GFI MailSecurity's powerful content policy rules engine, you can configure for policy rules based on user and keywords. We not only help you to quarantine potentially dangerous material for administrator approval, but also help you to scan for offensive content.
Custom Quarantine Filters
GFI MailSecurity enables you to configure a series of search folders (similar to MS Outlook) within the âQuarantine Store', permitting you to manage quarantined emails better and faster. For example, you can set up a folder for emails that were quarantined by virus checking and another for emails quarantined by attachment checking for a particular user, thus allowing you to prioritize. For example, it may be more important in your environment to examine the attachment checking folder first, allowing you to quickly approve and forward those emails that are appropriate.
Easy Quarantine Folder Monitoring through RSS feeds
GFI MailSecurity takes advantage of the power of RSS (Really Simple Syndication) feeds to simplify your work as an administrator in keeping an eye on your email quarantine store. Through RSS feeds, you will be informed of all new quarantined objects, eliminating the need to log onto the quarantine store to check for new updates manually.
Web-based Configuration for Remote Management
Our web-based configuration allows you to configure and monitor the product as well as to manage quarantined emails remotely from any computer with a browser. That means that you can monitor and manage GFI MailSecurity from anywhere in the world.
Dispatch Quarantined Email using Powerful Moderator Interface
GFI MailSecurity provides several options for moderating quarantined email. Our moderator client software gives you a familiar Windows interface for approving and rejecting email. The web-based moderator allows you to approve and reject emails from anywhere on your network. We will also forward quarantined emails to an email address of your choosing, enabling you to use a public folder to distribute the work of accepting and rejecting email to multiple administrators.
Search Inside of Quarantined Emails
GFI MailSecurity lets you conduct searches within quarantined email in a number of useful ways. For example, you can search among in or outbound email to or from a particular user. Searches can be carried out based on sender, recipient, the reason for quarantine and more, freeing the administrator from the tedious task of sifting through a folder full of email, one-by-one.
Full Threat Reporting for Quarantined Emails
When an email is quarantined, GFI MailSecurity gives a full report detailing all threats identified per email.
Server-based Anti-spam
GFI MailSecurity's companion product, GFI MailEssentials for Exchange/SMTP offers spam protection at server level, eliminating the need to install and update anti-spam software on each desktop. GFI MailEssentials includes a number of effective tools to virtually eliminate spam from your network. It also provides disclaimers, Internet email reporting, server-based auto replies and POP3 downloading. GFI MailEssentials integrates seamlessly with GFI MailSecurity and both can be purchased separately or as a bundle in the GFI MailDefense Suite.
Â
Support for Virtual Environments
Organizations that are currently using or plan to use virtualization on their network can still install and use a range of GFI products with confidence. GFI MailSecurity supports and runs on the most common virtualization technologies in use, namely VMware, Microsoft Virtual Server and Microsoft Hyper-V.
Other Features:
- Automatic quarantining of Microsoft Office documents with macros
- Detects attachment extension hiding and renaming
- User-based, flexible rules configuration
- Scans embedded emails
- Lexical analysis
Email is a primary means of communication, making it a perfect breeding ground for fraud, unsolicited advertisements, and malicious network attack. Dealing with the enormous amount of junk email hitting mail servers, along with email threats such as viruses and other malware, can be a nightmare.
