GFI MailDefense Suite Software

Comprehensive anti-virus, anti-spam and anti-phishing protection for SMBs
GFI has packaged its two leading email products – GFI MailEssentials and GFI MailSecurity – into a single downloadable suite, allowing you to install either or both of these market leading products as well as saving nearly 30% when purchasing the suite. The GFI MailDefense Suite is available here.

Features: GFI MailEssentials – Anti-spam, anti-phishing and email management

GFI MailEssentials for Exchange/SMTP offers you an effective way to beat spammers at their game. With over 60 awards to its name, 80,000 satisfied customers and the lowest prices on the market, GFI MailEssentials is an anti spam filter that captures over 99% of spam and, since it is server-based, it eliminates the need to install and update anti spam software on each desktop.

NEW! - SpamRazer: An additional anti-spam engine
The latest version of GFI MailEssentials includes a new, second anti-spam engine, SpamRazer, which provides a second layer of protection. It has been designed to be very simple to use and due to frequent updates, SpamRazer will require no tweaking or training for it to be fully effective whilst filtering the latest spam attacks such as NDR spam, CNN spam, MSNBC spam and many more. Not only will administrators benefit from out-of-the-box filtering but they will not need to tweak GFI MailEssentials each time a new attack is out. With SpamRazer filtering, IP reputation filtering, Bayesian and other advanced anti-spam technologies, the spam capture rate is well over 99%. GFI MailEssentials is the market-leader for reducing false positives thereby ensuring that good and important emails are not deleted.

NEW! - Precise real time dashboard
GFI MailEssentials also ships with a precise, real-time dashboard that gives administrators a graphical view of the software’s status and as well as the server’s email flow. Components shown on the dashboard are the status of key services provided by GFI MailEssentials, statistics of email flow and blocked spam and also POP2Exchange logging.

NEW! - Improved performance
GFI MailEssentials hooks into Exchange server at the SMTP protocol level and the Exchange server does not need to download all the email before the software can determine whether an email is spam or a genuine message. This feature saves bandwidth and processing power.

NEW! - Inbuilt spam reporting
Administrators can now use GFI MailEssential’s reporting function to send a daily report to the users within the organization that shows how many emails were received by that individual and how many emails are identified as spam and filtered. This snapshot of email traffic shows the end-user how effective the anti-spam engine is and that the bulk of spam sent to him or her was successfully captured. The report also gives a full list of those emails identified and filtered as spam.

IMPROVED! - Eliminate hard to catch NDR, MSNBC and CNN spam!
With spammers controlling tens of thousands of zombie machines, these large botnet armies have become one of the leading sources of spam. The Botnet/Zombie check in GFI MailEssentials eliminates hard to catch attachment spam such as image spam, PDF spam, Excel and ZIP spam. The attachment spam check filters this attachment spam quickly, efficiently and with a very low rate of false-positives. GFI MailEssentials uses two anti-spam filter engines and a variety of technologies such as Bayesian Filtering and IP reputation filtering to keep Non-Delivery Report (NDR), CNN spam, MSNBC spam and many more at bay.

Server-based anti-spam and anti-phishing
GFI MailEssentials is server-based and installs on the mail server or at the Gateway, eliminating the deployment and administration hassle of desktop-based anti-spam and anti-phishing products. Desktop-based software involves training your users to create anti-spam rule sets, and subsequently users have to spend time updating these rules. Besides, this system does not prevent your server message stores from filling up with spam.

Bayesian filtering technology
Bayesian filtering is widely acknowledged by leading experts and publications as the best way to catch spam. A Bayesian filter uses a mathematical approach based on known spam and ham (valid email). This gives it a tremendous advantage over other spam solutions that just check for keywords or rely on downloading signatures of known spam. GFI’s Bayesian filter uses an advanced mathematical formula and a dataset which is ‘custom-created’ for your installation: The spam data is continuously updated by GFI and is automatically downloaded by GFI MailEssentials, whereas the ham data is automatically collected from your own outbound mail. This means that the Bayesian filter is constantly learning new spam tricks, and spammers cannot circumvent the dataset used. This results in a 99+% spam detection rate, after the required two-week learning period. In short, Bayesian filtering has the following advantages:

• Looks at the whole spam message, not just keywords or known spam signatures
• Learns from your outbound email (ham) and therefore greatly reduces false positives
• Adapts itself over time by learning about new spam and new valid email
• Dataset is unique to your company, making it impossible to bypass Multilingual and international

Read more about Bayesian filtering in this GFI white paper.

Protect your users against the menace of phishing emails
GFI MailEssentials’ anti-phishing module detects and blocks threats posed by phishing emails by comparing the content of the scam with a constantly updated database of blacklisted mails, thereby ensuring all the latest phishing emails are captured. As extra protection, it also looks for typical phishing keywords in every email sent to your organization.

Sort spam to users' junk mail folders
GFI MailEssentials gives you the flexibility to choose what to do with spam. You can delete it, move it to a folder, forward the spam mail to a public email address or folder, or send it to individual customizable folders (for example, a “junk mail” folder) in the end-users’ inboxes. This allows users to easily review mail that has been flagged as spam.

List server for newsletter lists and discussion lists
A list server is the best method for distributing company newsletters, since it automates the process of allowing users to subscribe and unsubscribe (required by anti-spam regulations). However, until now, list servers have been expensive and difficult to administer and they did not integrate with Exchange Server. GFI MailEssentials integrates with Exchange and can use Microsoft Access or Microsoft SQL Server as the backend. Both newsletter lists and discussion lists are supported.

Automatic whitelist management reduces false positives
Whitelists enable you to ensure that email from particular senders or domains are never flagged as spam, permitting more stringent anti-spam rules. GFI MailEssentials includes a patent-pending automatic whitelist management tool, which automatically adds outgoing mail recipients to your whitelist. This greatly reduces false positives, without any need for additional administration. Whitelists can also be built based on domain names, email addresses and keywords.

Instant view of emails from new senders
The New Senders feature provides users with an instant view of emails sent from people they never had previous contact with, thereby helping users to better organize emails in their email client. If an email is not found to be spam by the GFI MailEssentials anti-spam modules and is also not on the whitelist, then the New Senders module has the ability to move the email to a user's subfolder, for example, Inbox\NewSenders.

Reports on spam filtering and email usage
The database-driven reporting engine allows you to create advanced reports on your inbound and outbound email. You can report on the amount of spam filtered and on rules which caught most spam. You can also generate reports on user, domain and mail server usage.

Email monitoring
The email monitoring feature enables you to keep a central store of the email communications of a particular person or department. By configuring the email to be copied to an email address, all email can be stored in an Exchange or Outlook store, making searching for email or content easy.

Email archiving to a SQL database
GFI MailEssentials can archive all inbound and outbound mail to a Microsoft SQL Server database. You can search for a particular email or an entire email thread via the included web interface. Mail archiving is essential for back-up and search reasons. For a complete email archiving solution, please check out GFI MailArchiver for Exchange.

Other features:

• Allow users to whitelist or blacklist via public folders
• Email header analysis and keyword checking
• Third party DNS blacklists (DNSBL) checking
• Support for multiple third party SURBL servers
• Automatic whitelist management reduces false positives
• Instant view of emails from new senders
• Eliminates directory harvesting
• Support for SPF – the Sender Policy Framework

Features: GFI MailSecurity – Email anti-virus, content policies, exploit detection and anti-trojan

With over 30,000 customers and the best price on the market, GFI MailSecurity acts as an email firewall protecting you from email viruses, exploits and threats, as well as email attacks targeted at your organization. GFI MailSecurity uses up to five anti-virus engines and ships with state-of-the-art content management policies to prevent data leakage.

Virus checking with multiple virus scanning engines
GFI MailSecurity uses multiple virus scanners to scan inbound email. Using multiple scanners drastically reduces the average time to obtain virus signatures which combat the latest threats, and therefore greatly reduces the chances of an infection. The reason for this is that a single anti-virus company can never ALWAYS be the quickest to respond. For each outbreak, anti-virus companies have varying response times to a virus, depending on where the virus was discovered, etc. By using multiple anti-virus engines, you have a much better chance of having at least one of your anti-virus engines up-to-date and able to protect against the latest virus. In addition, since each engine has its own heuristics and methods, one anti-virus engine is likely to be better at detecting a particular virus and its variants, while another anti-virus engine would be stronger at detecting a different virus. Overall, more anti-virus engines means better protection. View screenshot.

Scan against trojans and executables
The GFI MailSecurity Trojan & Executable Scanner detects unknown malicious executables (for example, trojans) by analyzing what an executable does. Trojans are dangerous as they can enter a victim’s computer undetected, granting an attacker unrestricted access to the data stored on that computer. Anti-virus software will NOT catch unknown trojans because it is signature-based. The Trojan & Executable Scanner takes a different approach by using built-in intelligence to rate an executable's risk level. It does this by disassembling the executable, detecting in real time what it might do, and comparing its actions to a database of malicious actions. The scanner then quarantines any executables that perform suspicious activities, such as accessing a modem, making network connections or accessing the address book. View screenshot.

Norman Virus Control & BitDefender virus engines are included
GFI MailSecurity is bundled with Norman Virus Control and BitDefender. Norman Virus Control is an industrial strength anti-virus engine that has received the 100% Virus Bulletin award 32 times running. It also has ICSA and Checkmark certification. BitDefender is a very fast and flexible anti-virus engine that excels in the number of formats it can recognize and scan. BitDefender is ICSA certified and has won the 100% Virus Bulletin award and the European Information Technologies Prize 2002. GFI MailSecurity automatically checks and updates the Norman Virus Control and BitDefender definition files as they become available. The GFI MailSecurity price includes updates for one year. View screenshot.

Kaspersky, McAfee and AVG virus engines (optional)
To achieve even greater security, users can add the Kaspersky, McAfee and/or AVG anti-virus engines as a third, fourth or fifth anti-virus engine or as a replacement to one of the other engines. Kaspersky Anti-Virus is ICSA-certified and is well known for the unsurpassed depth of its object scanning, the high rate at which new virus signatures are released and its unique heuristic technology that effectively neutralizes unknown viruses. The McAfee anti-virus engine is particularly strong at detecting non-virus attacks such as rogue ActiveX controls. With 15 years of experience in the anti-virus industry, GRISOFT employs some of world's leading experts in anti-virus software, specifically in the areas of virus analysis and detection.

Automatic removal of HTML scripts
The advent of HTML email has made it possible for hackers/virus writers to trigger commands by embedding them in HTML email. GFI MailSecurity checks for script code in the email message body and disables these commands before sending the "cleaned" HTML email to the recipient. GFI MailSecurity is the only product to protect you from potentially malicious HTML email using a GFI patented process, safeguarding you from HTML viruses and attacks launched via HTML email.

Email exploit detection engine
GFI's Email Exploit Engine builds on GFI's leading research on email exploits, and safeguards you from future email viruses and attacks that use known application or operating system exploits. For example, GFI MailSecurity would have protected you against the Nimda and Klez viruses when they first emerged without needing any updates, because these viruses use known exploits. GFI SecurityLabs regularly finds new email exploits, and these are automatically downloaded by GFI MailSecurity. GFI MailSecurity is the only email security product to detect email exploits. View screenshot.

Spyware detection
GFI MailSecurity's Trojan & Executable Scanner can recognize malicious files including spyware and adware. GFI MailSecurity can also detect spyware transmitted by email with the Kaspersky anti-virus engine (optional) which incorporates a dedicated spyware and adware definition file that has an extensive database of known spyware, trojans and adware.

Attachment checking
GGFI MailSecurity's attachment checking rules enable administrators to quarantine attachments based on user and file type. For example, all executable attachments can be quarantined for administrator review before they are distributed to the user. GFI MailSecurity can also scan for information leaks, for example, an employee emailing a database. You can also choose to delete attachments like .mp3 or .mpg files. View screenshot.

Granular user-based email content policies/filtering
Using GFI MailSecurity's powerful content policies rules engine, you can configure rule sets based on user and keywords that allow you to quarantine potentially dangerous content for administrator approval. In this way, GFI MailSecurity can also scan for offensive content.

Other features:

• Multiply the value of GFI MailSecurity with powerful reporting
• Custom quarantine filters
• Enable easy quarantine folder monitoring through RSS feeds
• Web-based configuration – enables remote management from any location
• Approve/reject quarantined email using the moderator client, email client or web-based moderator
• Searching within quarantined emails
• Automatic quarantining of Microsoft Office documents with macros
• Detects attachment extension hiding & renaming
• User-based, flexible rules configuration
• Scans embedded emails
• Lexical analysis

Screenshots:
(click to enlarge)

GFI MailDefense Suite:

Centralized console for GFI mail products management

Pre-requisites checks for successful installation

Uninstall of GFI mail products directly from console

GFI MailEssentials:

GFI MailEssentials configuration

GFI MailEssentials dashboard – status tab

GFI MailEssentials dashboard – statistics tab

Extensive options to deal with spam

GFI MailSecurity:

GFI MailSecurity configuration

Configure attachment checking

Configure what to do with mails that contain certain content

Creating Quarantine Search Folders

Centralized console for GFI mail products management

Configure attachment checking

Exploit engine quarantines emails with OS application exploits

Trojan & Executable Scanner configuration