dcsimg

GFI MailEssentials: Comprehensive Anti-Spam and Mail Monitoring

By Dan DiNicolo (Send Email)
Posted May 1, 2003


Striking a balance between securing network resources and ensuring users have the tools they need to do their job presents a difficult quandary for IT managers and network administrators alike. If your network is like most, your users are likely inundated with almost unmanageable levels of junk email. Spam is not only intrusive and annoying, but also costly in terms of server storage space and user time. Providing users with access to email also comes with a security risk by providing a facility with which users can easily forward data to other users or even customers, be it sensitive corporate information or simply inappropriate content. Companies need the ability to both monitor and manage email resources as necessary for both legal and/or security reasons more than ever before. With the latest release of its MailEssentials package, GFI has made big improvements on an already impressive list of features. Dan DiNicolo says it might be the best weapon you'll ever use in the war against spam.

Out of the box, most email server products provide limited monitoring, security, and anti-spam functions. In those that do, the feature sets tend to be weak and seemingly implemented as an afterthought. However, the new GFI MailEssentials 8 product from GFI Software provides some of the most comprehensive anti-spam capabilities currently available, but also industrial-strength mail monitoring, the ability to add disclaimers to all outgoing messages, and more. Impressively, GFI provides many of the product's best features as freeware, making GFI MailEssentials 8 a must-evaluate product for administrators of large and small networks alike.

Anti-Spam Features
Version 8 marks a new beginning for GFI MailEssentials. In the past, the product relied on very common anti-spam capabilities in the form of keyword lists that needed to be manually created. While this method is effective for blocking spam messages that include offers of university diplomas, cheap mortgages, and a variety of "free" offers, the creation and maintenance of the keyword lists can be cumbersome, especially considering the increasing creativity of spammers show getting their messages through to users.

With GFI MailEssentials 8, it seems GFI has recognized the need for a much higher level of spam detection in order for its product to reach maximum effectiveness. Keyword and message header checking are still a central component, including a great default list that includes many of the most commonly used spam keywords. However, the use of blacklists and its patented whitelist is what really sets GFI MailEssentials 8 apart from the competition.

For those not familiar with these terms, blacklists and whitelists are among the most effective ways to eliminate spam. A whitelist is a list of email addresses, maintained by GFI MailEssentials, which includes all addresses from which you always wish to receive mail such as your customers or suppliers. A blacklist is basically the opposite &emdash a list of addresses from which you never want to receive mail.

While individual addresses and/or entire domains can be added to these lists manually, the process can also be automated in two key ways. First, you can configure your whitelist settings so when any user in your organization sends a message to an external person, that address is automatically considered valid and added to the whitelist. This helps ensure incoming mail from these users is never considered to be spam, and is delivered as normal. Second, instead of trying to manually block the individual email addresses associated with incoming spam messages (which are usually false anyhow), GFI MailEssentials is also capable of using what are known as third-part DNS blacklists (explained shortly) to block potential spam sources.

DNS blacklists are databases of known spammers maintained by various organizations. One of the most popular is the list of open relay servers maintained by ORDB.org, the Open Relay Database. Almost all spam received by users comes from a common source &emdash mail servers that are not properly secured, those that allow mail to be relayed through them. To account for this, GFI MailEssentials can be configured to query the ORDB or other such databases and either allow or deny mail from these sources. While querying DNS blacklists will slow down the message reception process somewhat, it is a highly effective tool, especially when used in conjunction with the MailEssentials whitelist feature. When messages are blocked by a blacklist, you have the option to automatically delete them, move them to a designated folder, or forward them to another address (such as an Exchange public folder!) for later review. Both the blacklist and whitelist features of GFI MailEssentials 8 are included in the freeware version of the product.

Page 1 of 3


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.