Try GFI Today! Free Trial!

GFI - Security and Messaging Software.GFI MailSecurity

Antivirus and email security software for Exchange Server

GFI MailSecurity

Sorry, This software has been discontinued.



Server-based email security with up to five virus scanners

The ever-increasing range of email-borne viruses and malware has outdated any products that use merely a single antivirus engine to scan inbound email as they simply cannot provide sufficient protection. That is why GFI MailSecurity™, our popular email security solution for small to medium-sized businesses (SMBs), provides multiple layers of security and up to five antivirus engines to protect your email server.

Multiple antivirus engines Antivirus Engines

Reduce the average time to obtain virus signatures which combat the latest threats, take advantage of greater strength

and virtually eliminate the chances of an infection.

Trojan and Executable Scanner Trojan and Executable Scanner

GFI MailSecurity’s unique scanner detects malicious executables without the need for virus updates.

Exploit engine Exploit engine

The product’s Email Exploit Engine and HTML Sanitizer block email exploits and disable any malicious scripts.

Granular filtering Granular Filtering

Using its powerful content policy rules engine, you can configure policy rules based on user and keywords.

Highly competitive price Highly competitive price

GFI MailSecurity offers an excellent package at a very affordable price. GFI MailSecurityReportPack™, a rich-featured reporting companion that offers an easy-to-see understanding of your email security patterns is also included in the price.

Compatibility Compatibility

Supports industry-leading messaging platforms such as Microsoft Exchange and Lotus Domino.

What's new in GFI MailSecurity™ 2011?

GFI MailSecurity 2011 now offers the following new features and improvements:

Norman AV Sandbox: It is well-known that the best way to detect the most recent malware, for which definitions have yet to be released, is to run it in a sandbox. GFI MailSecurity 2011 now features Norman Sandbox, a technology which uses an emulated environment to analyze the behavior of suspicious files in cases where signature-based analysis falls short.

AVG LinkScanner: For those using the optional AVG antivirus engine with GFI MailSecurity, this new scanning technology analyzes hyperlinks in email bodies to determine whether they point to malicious content. Additionally, AVG LinkScanner can also be configured to scan the links’ destination pages.

Full scans of internal emails: GFI MailSecurity 2011 now performs full scanning for internal emails. For example, attachment-filtering rules can now be applied to internal emails, in addition to inbound and/or outbound emails.

Dashboard: GFI MailSecurity 2011 has a dashboard that gives access to various counters and important logs, giving the administrator total control of the email scanning system.

Reduced size of antivirus updates: The latest version of GFI MailSecurity provides compact antivirus updates that take less time to download and install, and consume less bandwidth; GFI MailSecurity 2011 is therefore able to protect against the latest threats sooner.

HTML sanitizer exclusion list: Legitimate emails which are automatically generated run the risk of their HTML tags and HTML forms being disabled by the GFI MailSecurity HTML Sanitizer. The exclusion list featured in the new 2011 version allows emails from approved senders to bypass HTML Sanitizer scanning. 

Attachment checking improvements: The administrator can now configure the solution to block certain attachments only if they exceed a specific size. For example, if an email contains an attachment which infringes an attachment-filtering rule, a copy of the email can be delivered to the recipient without that attachment; the original email can be either deleted or quarantined in full.

Note: GFI MailSecurity 2011 does not install on Windows 2000 and Microsoft Exchange 2000.

GFI MailSecurity™ - ReportPack

The GFI MailSecurity ReportPack is a feature rich reporting companion that adds-on free to GFI MailSecurity. We will let you to see the number of email security threats blocked as well as help you to plan hardware upgrades to the email server based on the email traffic patterns extracted from the graphic reports.

The GFI MailSecurity ReportPack offers several default and customizable reports including:

  • Viruses blocked
  • Inbound email traffic
  • Outbound email traffic
  • Total inbound and outbound email traffic
  • >Processed emails
  • Blocked emails
  • And more

The GFI MailSecurity ReportPack adds on to the GFI MailSecurity software.

NOTE: This ReportPack integrates fully with GFI ReportCenter™.

Sample reports

Executive reports:

Emails blocked per month
Emails processed per month
Viruses blocked per month
Email traffic per month
Inbound email traffic per week day
Outbound email traffic per week day
Total inbound and outbound email traffic per week day
Emails processed and blocked per month.

Administrative reports:

Emails blocked per 4 hours
Emails processed per 4 hours
Emails processed and blocked per 4 hours
Emails processed and blocked per day
Emails processed and blocked per week
Emails processed and blocked per month.


Top Features

Virus checking with multiple scanning engines

GFI MailSecurity uses multiple antivirus engines to scan inbound email.

Using multiple scanners drastically reduces the average time required to obtain the latest virus signature, enabling a faster response to combat the latest threats. Each antivirus software engine has a different response time to each new virus, depending on where the virus was discovered, and other factors. By using multiple antivirus engines, GFI MailSecurity gives you a much better chance of having the right defense, at the right moment, to combat the latest attack. Since each engine has its own heuristics and detection methods, each one brings its own strength to your email environment for detecting a particular virus and its variants. Multiple antivirus engines, as provided by GFI MailSecurity, mean better virus protection.

Scan for trojans and malicious executables Trojan & Executable Scanner configuration

The GFI MailSecurity Trojan and Executable scanner detects unknown malicious executables by analyzing what an executable does.

A trojan (or malicious executable) is software that enters the victim’s computer undetected, granting an attacker unrestricted access to the data stored there. The Trojan and Executable Scanner takes the approach of using built-in intelligence to rate an executable's risk level. It does this by disassembling the executable, detecting in real time what it might do and comparing its actions to a database of malicious actions. The scanner then quarantines any executables that perform suspicious activities, such as accessing a modem, making network connections or accessing the address book.

Norman virus control and BitDefender included GFI MailSecurity supports multiple virus engines

GFI MailSecurity is bundled with Norman Virus Control and BitDefender.

Norman Virus Control is an industrial strength antivirus engine that has received the 100% Virus Bulletin award over 30 times running. BitDefender is a very fast and flexible award-winning antivirus engine that can recognize and scan a strikingly wide range of formats. GFI MailSecurity automatically checks and updates the Norman Virus Control and BitDefender definition files as they become available. The GFI MailSecurity price includes updates for one year.

Kaspersky, McAfee and AVG (optional) GFI MailSecurity supports multiple virus engines

To achieve even greater security, you can add the Kaspersky, McAfee and/or AVG antivirus engines as a third, fourth or fifth antivirus.

Kaspersky Antivirus is ICSA-certified and is well known for the depth of its object scanning; for the high rate at which new virus signatures are released; and for its unique heuristic technology effectively neutralizing unknown viruses. Another engine, McAfee, is particularly strong at detecting non-virus attacks such as rogue ActiveX controls. You can also get AVG from GRISOFT. With 15 years of experience in the antivirus industry, GRISOFT employs various experts in antivirus software, specifically in the areas of virus analysis and detection.

Norman Sandbox and AVG Link scanning for enhanced malware detection

Combating new malware is a major challenge for administrators.

One of the best ways to detect the most recent malware, for which definitions have yet to be released, is to run it in a Sandbox. GFI MailSecurity features Norman Sandbox, a technology which makes use of an emulated environment to analyze the behavior of suspicious files in cases where signature-based analysis falls short. Additionally, for those also using the optional AVG antivirus, GFI MailSecurity uses the AVG LinkScanner to analyze hyperlinks in email bodies to determine whether they point to malicious content. The AVG LinkScanner can also be configured to scan the links’ destination pages.

Automatic removal of HTML scripts

The advent of HTML email has made it possible for hackers and virus attackers to trigger commands by embedding them in the HTML.

GFI MailSecurity checks for script code in the body of an email message disabling these commands before sending the cleaned email on. GFI MailSecurity protects you from malicious HTML email using our patented process, safeguarding you from HTML viruses and attacks launched via HTML email.

Email exploit detection engine Exploit engine blocks  emails containing OS application exploits

GFI's Email Exploit Engine builds on our cutting-edge research into email exploits, safeguarding you from any email virus or attack that uses known application or operating system exploits.

For example, GFI MailSecurity would have protected you against the Nimda and Klez viruses when they first emerged, without requiring an antivirus update, because they used known exploits.

Spyware detection

GFI MailSecurity's Trojan and Executable Scanner can recognize malicious files including spyware and adware.

GFI MailSecurity can also detect spyware transmitted by email with the Kaspersky antivirus engine (optional) which incorporates a dedicated spyware and adware definition file that has an extensive database of known spyware, trojans and adware.

Attachment checking

GFI MailSecurity's attachment checking rules enable administrators to quarantine attachments based on user and file type.

For example, all executable attachments can be quarantined for administrator review before they are distributed to the user. GFI MailSecurity will scan for information leaks such as an employee emailing a database. You can also choose to delete attachments like .mp3 or .mpg files. The administrator can configure GFI MailSecurity to block certain attachments only if they exceed a specific size and to strip suspicious attachments from the email before sending it to the user.


GFI MailSecurity has a dashboard that gives access to various counters and important logs, giving the administrator total control of the email scanning system, resulting in improved product manageability.

Multiply the value of GFI MailSecurity with powerful reporting User interface

The GFI MailSecurity ReportPack™ is a rich-featured reporting companion to GFI MailSecurity.

From trend reports for management (ROI) to daily drill-down reports for technical staff, the GFI MailSecurity ReportPack provides you with a comprehensive and easy-to-view understanding of your security patterns. Full automation and custom scheduling provide install-it-and-forget-it-functionality. The GFI MailSecurity ReportPack offers several default and customizable reports that can be prepared on an hourly, daily, weekly or monthly basis including:

  • Viruses blocked
  • Inbound email traffic
  • Outbound email traffic
  • Total inbound and outbound email traffic
  • Processed emails
  • Blocked emails
  • And more
Granular user-based email content policy enforcement

Using GFI MailSecurity's powerful content policy rules engine, you can configure for policy rules based on user and keywords.

We not only help you to quarantine potentially dangerous material for administrator approval, but also help you to scan for offensive content.

Custom quarantine filters

GFI MailSecurity enables you to configure a series of search folders (similar to MS Outlook) within the ‘Quarantine Store’, permitting you to manage quarantined emails better and faster.

For example, you can set up a folder for emails that were quarantined by virus checking and another for emails quarantined by attachment checking for a particular user, thus allowing you to prioritize. For example, it may be more important in your environment to examine the attachment checking folder first, allowing you to quickly approve and forward those emails that are appropriate.

Easy quarantine folder monitoring through RSS feeds

GFI MailSecurity takes advantage of the power of RSS (Really Simple Syndication) feeds to simplify your work as an administrator in keeping an eye on your email quarantine store.

Through RSS feeds, you will be informed of all new quarantined objects, eliminating the need to log onto the quarantine store to check for new updates manually.

Web-based configuration for remote management

Our web-based configuration allows you to configure and monitor the product as well as to manage quarantined emails remotely from any computer with a browser. That means that you can monitor and manage GFI MailSecurity from anywhere in the world.

Dispatch quarantined email using powerful moderator interface

GFI MailSecurity provides several options for moderating quarantined email.

The web-based moderator allows you to approve and reject emails from anywhere on your network. We will also forward quarantined emails to an email address of your choosing, enabling you to use a public folder to distribute the work of accepting and rejecting email to multiple administrators.

Search inside of quarantined emails

GFI MailSecurity lets you conduct searches within quarantined email in a number of useful ways.

For example, you can search among in or outbound email to or from a particular user. Searches can be carried out based on sender, recipient, the reason for quarantine and more, freeing the administrator from the tedious task of sifting through a folder full of email, one-by-one.

Full threat reporting for quarantined emails

When an email is quarantined, GFI MailSecurity gives a full report detailing all threats identified per email.

Server-based anti-spam

GFI MailSecurity's companion product, GFI MailEssentials for Exchange/SMTP offers spam protection at server level, eliminating the need to install and update anti-spam software on each desktop.

GFI MailEssentials includes a number of effective tools to virtually eliminate spam from your network. It also provides disclaimers, Internet email reporting, server-based auto replies and POP3 downloading. GFI MailEssentials integrates seamlessly with GFI MailSecurity and both can be purchased separately or as a bundle in the GFI MailDefense Suite.

Support for virtual environments

Organizations that are currently using or plan to use virtualization on their network can still install and use a range of GFI products with confidence.

GFI MailSecurity supports and runs on the most common virtualization technologies in use, namely VMware, Microsoft Virtual Server and Microsoft Hyper-V.


Other features:
  • Full scanning of internal emails
  • Automatic quarantining of Microsoft Office documents with macros
  • Detects attachment extension hiding and renaming
  • User-based, flexible rules configuration
  • Scans embedded emails
  • Lexical analysis


PDF File
Download the GFI MailSecurity Data Sheet (PDF).