modusGate, Delivering Mail Server Protection at the Gateway

By ServerWatch Staff (Send Email)
Posted Feb 8, 2007

Vircom modusGate: Gateway that secures and filters e-mail to an upstream mail server. Vircom's modusGate is putting a new spin on mail server protection. The "e-mail gateway" functions as a proxy server and can secure any SMTP-based mail server.

Vircom's modusGate "e-mail gateway" puts a flexible spin on mail server security, separating the "security" side of the equation from the mail server. Often, we see mail servers designed with their own security and filtering defenses. Indeed, Vircom's own modusMail is one such product. With modusGate, Vircom has modularized the security architecture seen in modusMail and spun it off to pair up with virtually any mail server.

Discuss this article in the ServerWatch discussion forum

Available for Windows 2000 Server and 2003 Server, modusGate is an 85MB download with an initial installed footprint of 145MB. By nature, modusGate will rely heavily on disk storage, and its supporting database could consume much more capacity on an active server. Vircom recommends at least a 7200 RPM drive for database operation, which is typical by today's hardware standards. Because modusGate is a security filter for e-mail, but not an e-mail server itself, it operates in conjunction with an existing mail server.

modusGate integrates in a slightly streamlined fashion with Microsoft Exchange 5.5, 2000, and 2003. It can also interoperate with any standard mail server that supports SMTP. Once in place, modusGate's purpose is to filter both incoming and outgoing mail against a customizable set of rules, including spam detection and anti-virus scanning. It then takes preventive, defined action before passing mail to either the local server or the outside world. Vircom's Windows-based administration console can connect either to a modusGate server installed on the same machine or remotely.

The gateway can authenticate users through SMTP, LDAP or Active Directory, and it can automatically create users to mirror the mail server. It supports a range of databases, including Microsoft SQL2000+, SQL Express, Access, MSDE and PostgreSQL, which is included. Of modusGate's four primary functions — quarantine, monitoring, audition and sieve — Vircom recommends only SQL2000+ or SQL Express for handling all four. The included PostgreSQL database is adequate for a server setup only to quarantine and monitor.

To improve performance in demanding environments, modusGate and its supporting database can be installed on separate servers. Vircom recommends this architecture when demand is expected to exceed 5,000 mailboxes or eight messages per second.

The core of modusGate, of course, is its "gate" — that is, the ways in which it can filter and scan messages. And those ways are many. modusGate can test messages against criteria including message size, attachment status and type, header field content, origin, real-time blacklist (RBL), trusted sender whitelist, message body language, Vircom anti-spam detection algorithms, virus scans, and custom Sieve rules.

Versions of modusGate with anti-spam support feature the Sequential Content Analyzer, Vircom's own recipe of spam/phishing detection analysis. It claims to catch 98 percent of nefarious "image spam," which often eludes purely text-based analysis. An annual subscription to Vircom's update service includes updates to the spam detection filtering rules. But besides Vircom's own detection formulas, administrators can write their own rules using standard Sieve scripts.

modusGate's anti-virus scanner is integrated into the gateway, but its virus detection database is provided by a third-party, either McAfee, for most versions, or Norman Data Defense for service providers. As one would expect, the scanner can delete or quarantine infected messages or attachments and provide appropriate notifications. Users can be given privilege to access and manage their quarantined messages.

For organizations keeping up with electronic recordkeeping laws, modusGate can keep copious activity logs — three main logs with 18 subcategories. Altogether, the logs include records of server performance, configuration, operation, security, spam and virus scans, authentication activity, and audits of message transactions.

Pros: Modular security for any mail server; Comprehensive features; Scalable performance.
Cons: Redundant for organizations with robust mail servers in place; pricing less attractive for low-volume users.

Reviewed by: Aaron Weiss
Original Review Date: 02/07/2007
Original Review Version: 4.4

Page 1 of 1

Thanks for your registration, follow us on our social networks to keep up-to-date