Products > GFI MailDefense Suite for Exchange/SMTP/Lotus > Features	Print this page  |  Datasheet

GFI has packaged its two leading email products – GFI MailEssentials and GFI MailSecurity – into a single downloadable suite, allowing you to install either or both of these market leading products as well as saving nearly 30% when purchasing the suite. The GFI MailDefense Suite is available here.

GFI MailEssentials for Exchange/SMTP offers you an effective way to beat spammers at their game. With over 60 awards to its name, 80,000 satisfied customers and the lowest prices on the market, GFI MailEssentials is an anti spam filter that captures over 98% of spam and, since it is server-based, it eliminates the need to install and update anti spam software on each desktop.

GFI MailEssentials is server-based and installs on the mail server or at the Gateway, eliminating the deployment and administration hassle of desktop-based anti-spam and anti-phishing products. Desktop-based software involves training your users to create anti-spam rule sets, and subsequently users have to spend time updating these rules. Besides, this system does not prevent your server message stores from filling up with spam. View screenshot.

Bayesian filtering is widely acknowledged by leading experts and publications as the best way to catch spam. A Bayesian filter uses a mathematical approach based on known spam and ham (valid email). This gives it a tremendous advantage over other spam solutions that just check for keywords or rely on downloading signatures of known spam. GFI’s Bayesian filter uses an advanced mathematical formula and a dataset which is ‘custom-created’ for your installation: The spam data is continuously updated by GFI and is automatically downloaded by GFI MailEssentials, whereas the ham data is automatically collected from your own outbound mail. This means that the Bayesian filter is constantly learning new spam tricks, and spammers cannot circumvent the dataset used. This results in a 98+% spam detection rate, after the required two-week learning period. In short, Bayesian filtering has the following advantages:

• Looks at the whole spam message, not just keywords or known spam signatures
• Learns from your outbound email (ham) and therefore greatly reduces false positives
• Adapts itself over time by learning about new spam and new valid email
• Dataset is unique to your company, making it impossible to bypass
• Multilingual and international.

Read more about Bayesian filtering in this GFI white paper.

With spammers controlling tens of thousands of zombie machines, these large botnet armies have become one of the leading sources of spam. The Botnet/Zombie check in GFI MailEssentials eliminates hard to catch attachment spam such as image spam, PDF spam, Excel and ZIP spam. The attachment spam check filters this attachment spam quickly, efficiently and with a very low rate of false-positives. GFI MailEssentials uses a variety of technologies such as uses Bayesian Filter, DNS Blacklists, Sender URI RealTime Blocklists and Keyword Checking to keep Non-Delivery Report (NDR) spam at bay. Click here to read more about attachment spam or click here to lean more about NDR spam!

GFI MailEssentials’ anti-phishing module detects and blocks threats posed by phishing emails by comparing the content of the scam with a constantly updated database of blacklisted mails, thereby ensuring all the latest phishing emails are captured. As extra protection, it also looks for typical phishing keywords in every email sent to your organization. Read more about phishing.

GFI MailEssentials gives you the flexibility to choose what to do with spam. You can delete it, move it to a folder, forward the spam mail to a public email address or folder, or send it to individual customizable folders (for example, a “junk mail” folder) in the end-users’ inboxes. This allows users to easily review mail that has been flagged as spam. View screenshot.

A list server is the best method for distributing company newsletters, since it automates the process of allowing users to subscribe and unsubscribe (required by anti-spam regulations). However, until now, list servers have been expensive and difficult to administer and they did not integrate with Exchange Server. GFI MailEssentials integrates with Exchange and can use Microsoft Access or Microsoft SQL Server as the backend. Both newsletter lists and discussion lists are supported. View screenshot.

GFI MailEssentials enables you to add disclaimers to the top or bottom of an email. Text and HTML formats are supported. You can include fields/variables to personalize the disclaimer. You can also create multiple disclaimers and associate them with a user, group or domain. View screenshot.

The email monitoring feature enables you to keep a central store of the email communications of a particular person or department. By configuring the email to be copied to an email address, all email can be stored in an Exchange or Outlook store, making searching for email or content easy. View screenshot.

GFI MailEssentials can archive all inbound and outbound mail to a Microsoft SQL Server database. You can search for a particular email or an entire email thread via the included web interface. Mail archiving is essential for back-up and search reasons. For a complete email archiving solution, please check out GFI MailArchiver for Exchange.

• Allow users to whitelist or blacklist via public folders
• Email header analysis and keyword checking
• Third party DNS blacklists (DNSBL) checking
• Support for multiple third party SURBL servers
• Automatic whitelist management reduces false positives
• Instant view of emails from new senders
• Eliminates directory harvesting
• Support for SPF – the Sender Policy Framework

With over 30,000 customers and the best price on the market, GFI MailSecurity acts as an email firewall protecting you from email viruses, exploits and threats, as well as email attacks targeted at your organization. GFI MailSecurity uses up to five anti-virus engines and ships with state-of-the-art content management policies to prevent data leakage.

GFI MailSecurity uses multiple virus scanners to scan inbound email. Using multiple scanners drastically reduces the average time to obtain virus signatures which combat the latest threats, and therefore greatly reduces the chances of an infection. The reason for this is that a single anti-virus company can never ALWAYS be the quickest to respond. For each outbreak, virus companies have varying response times to a virus, depending on where the virus was discovered, etc. By using multiple virus engines, you have a much better chance of having at least one of your virus engines up-to-date and able to protect against the latest virus. In addition, since each engine has its own heuristics and methods, one virus engine is likely to be better at detecting a particular virus and its variants, while another virus engine would be stronger at detecting a different virus. Overall, more virus engines means better protection. View screenshot.

The GFI MailSecurity Trojan & Executable Scanner detects unknown malicious executables (for example, trojans) by analyzing what an executable does. Trojans are dangerous as they can enter a victim’s computer undetected, granting an attacker unrestricted access to the data stored on that computer. Anti-virus software will NOT catch unknown trojans because it is signature-based. The Trojan & Executable Scanner takes a different approach by using built-in intelligence to rate an executable's risk level. It does this by disassembling the executable, detecting in real time what it might do, and comparing its actions to a database of malicious actions. The scanner then quarantines any executables that perform suspicious activities, such as accessing a modem, making network connections or accessing the address book. View screenshot.

GFI MailSecurity is bundled with Norman Virus Control and BitDefender. Norman Virus Control is an industrial strength virus engine that has received the 100% Virus Bulletin award 32 times running. It also has ICSA and Checkmark certification. BitDefender is a very fast and flexible virus engine that excels in the number of formats it can recognize and scan. BitDefender is ICSA certified and has won the 100% Virus Bulletin award and the European Information Technologies Prize 2002. GFI MailSecurity automatically checks and updates the Norman Virus Control and BitDefender definition files as they become available. The GFI MailSecurity price includes updates for one year. View screenshot.

To achieve even greater security, users can add the Kaspersky, McAfee and/or AVG anti-virus engines as a third, fourth or fifth anti-virus engine or as a replacement to one of the other engines. Kaspersky Anti-Virus is ICSA-certified and is well known for the unsurpassed depth of its object scanning, the high rate at which new virus signatures are released and its unique heuristic technology that effectively neutralizes unknown viruses. The McAfee virus engine is particularly strong at detecting non-virus attacks such as rogue ActiveX controls. With 15 years of experience in the anti-virus industry, GRISOFT employs some of world's leading experts in anti-virus software, specifically in the areas of virus analysis and detection. Click here for pricing!

The advent of HTML email has made it possible for hackers/virus writers to trigger commands by embedding them in HTML email. GFI MailSecurity checks for script code in the email message body and disables these commands before sending the "cleaned" HTML email to the recipient. GFI MailSecurity is the only product to protect you from potentially malicious HTML email using a GFI patented process, safeguarding you from HTML viruses and attacks launched via HTML email.

GFI's Email Exploit Engine builds on GFI's leading research on email exploits, and safeguards you from future email viruses and attacks that use known application or operating system exploits. For example, GFI MailSecurity would have protected you against the Nimda and Klez viruses when they first emerged without needing any updates, because these viruses use known exploits. GFI SecurityLabs regularly finds new email exploits, and these are automatically downloaded by GFI MailSecurity. GFI MailSecurity is the only email security product to detect email exploits. View screenshot.

GFI MailSecurity's Trojan & Executable Scanner can recognize malicious files including spyware and adware. GFI MailSecurity can also detect spyware transmitted by email via the Kaspersky virus engine (optional) which incorporates a dedicated spyware and adware definition file that has an extensive database of known spyware, trojans and adware.

GFI MailSecurity's attachment checking rules enable administrators to quarantine attachments based on user and file type. For example, all executable attachments can be quarantined for administrator review before they are distributed to the user. GFI MailSecurity can also scan for information leaks, for example, an employee emailing a database. You can also choose to delete attachments like .mp3 or .mpg files. View screenshot.

Using GFI MailSecurity's powerful content policies rules engine, you can configure rule sets based on user and keywords that allow you to quarantine potentially dangerous content for administrator approval. In this way, GFI MailSecurity can also scan for offensive content.

• Multiply the value of GFI MailSecurity with powerful reporting
• Custom quarantine filters
• Enable easy quarantine folder monitoring through RSS feeds
• Web-based configuration – enables remote management from any location
• Approve/reject quarantined email using the moderator client, email client or web-based moderator
• Searching within quarantined emails
• Automatic quarantining of Microsoft Office documents with macros
• Detects attachment extension hiding & renaming
• User-based, flexible rules configuration
• Scans embedded emails
• Lexical analysis.