GFI MailEssentials 12

July 21, 2008 · 20 comments

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

We first became aware of GFI back in the summer of 2003 when it was at version 8 and 9 was in beta-2 release. We eventually went production on version 9. Our environment uses Microsoft Exchange Front-End servers pointing to the Internet and back-end servers behind our firewall. In this “gateway mode”, the GFI product sits on the front-end servers and keeps SPAM away from our back-end servers which the users connect to. The product is highly configurable and allowed us to prioritize the different modules in execution rank. It is extremely easy to use and configure.

Upgrade Process

All version upgrades were very quick and painless. We went from versions 8 through 12 and kept the product updated with every released build. During the upgrades, the product actually uninstalls the older version (except for your configuration data) and then installs the new version. Unfortunately, it does not remember the answers to your previous installation questions and therefore asks them again. If you make a mistake (for example, on Active Directory integration), it can throw the entire install into trouble and you will most likely have to clear out all of the directories, registry values and start again. This is very frustrating, because the product does not warn you about any inconsistencies, but you will see parts of the UI change after installation that gives you a clue.

Accuracy

From the beginning, we were very impressed with GFI and our accurracy was well beyone 99.99% with respect to false positives and less than 2% of SPAM made it to our users. Our incoming mail went from about 30,000 messages/day to over 400,000/day and we did not degrade in those numbers until we hit version 12.

Pages: 1 2 3 4

Article by Steve Van Domelen

Steve has written 47 awesome articles.

2 Pingbacks/Trackbacks

  • david

    Makes you wonder how they could win any awards… Of course, we all know that these evaluations rarely envolve real production, upgrades and real support cases.

    GFI MailEssentials wins Editor’s Choice Award 2008 – GFI MailEssentials has won the Editor’s Choice Award 2008 from Communications Week magazine. The magazine (pg 32 of the 18 February 2008 issue) said that the product “is the perfect way for a company to manage spam with detection and quarantine capabilities that is rock solid”.
    – Communications Week, February 2008

    GFI MailEssentials wins Global Product Excellence Award – GFI has been awarded the Global Product Excellence Award for GFI MailEssentials in the anti-spam category. The awards, organized by Infosecurity Products Guide, recognize and honor excellence in all areas of information security. GFI beat off stiff competition from McAfee, PineApp Corp., St. Bernard Software and Engate Technology Group.
    – Infosecurity Products Guide, January 2008

  • Pingback: Just A Word (or two) From Steve » Ninja Blade()

  • Hi,

    I wanted to start of by saying that I work for GFI as a senior technical support supervisor for the EMEA region. I was reading your interesting blog on GFI MailEssentials and thought of posting some comments which would help clarify some of the points that you mentioned.

    I was struck by the fact that you did not consider using the Auto-Whitelist. This is the best way to identify legitimate emails. We normally recommend the use of the autowhitelist, which would allow the configuration of the other modules to be stricter. You should also check your emails with an email-anti-virus solution such as GFI MailSecurity.

    On a similar topic, you opted not to use the Keyword whitelist. Our recommendation is to insert keywords which are used only within your business or within your company. For example, you may want to insert the names of your products in the keyword whitelist. Spammers will never send emails which make use of such keywords.

    As you may have noticed, I did give a lot of importance to the whitelist functionality. This is because most of the times you would rather receive a spam email every now and then rather than having your anti-spam solution block or delay that email with the deal of the month.

    I would also like to comment on the use of the blacklists. As explained in http://www.spamhaus.org/zen/index.lasso, zen.spamhaus.org includes all the the Spamhaus DNS Blacklists. Therefore, there is no need to use sbl-xbl.spamhaus.org in your case.

    As regards the Bayesian problem, the Bayesian filter needs to be trained using both HAM and SPAM emails. Could it be that HAM emails were used to teach the bayesian filters about SPAM emails? This will cause legitimate emails to be blocked. There are various knowledgebase articles on the GFI knowledgebase (http://kbase.gfi.com) which explains how to tweak the Bayesian filter which I am sure my colleagues have already forwarded on.

    Here at GFI, each member of the tech support has his own test environment which he uses to test simple queries. Having said that, not all issues which are reported are reproduced on the test environment, and when this occurs, we would need to request more information in order to troubleshoot further the problem. The troubleshooting files allows us to gather as much information on the system without needing us to ask many questions.

    I would also like to mention that when techs are on vacation the cases they are dealing with get re-assigned to other techs. We try to answer all queries received on the phone, however this may not always be possible especially when the issue needs to be escalated.

    I have left my email address in my comment and would be more than happy to continue the discussion offline.

    Nicholas Sciberras
    Senior Technical Support Supervisor – GFI Software – http://www.gfi.com
    Messaging, Content Security & Network Security Software

  • steve

    Nicholas,

    Thank your for the comments and contributing to the discussion. You raise some good points about the product and another product that I did not mention in our environment.

    First, we do use GFI MailSecurity 10 along side GFI MailEssentials 12 in our environment. The two products work very well together. I have not yet written about that product, but I will soon as it plays a role in our security infrastructure.

    We did consider auto-whitelist as I mentioned in the original post, but our issue is not with the product, but with users. They will respond to SPAM, if they get it, and say, “no thanks” or “take me off your list”. BAM! That address is whitelisted now and everyone pays a price. It also takes processing time and it must be culled and maintained. Relying on users to do the right thing is not practical in my opinion. We have to protect them — even from themselves.

    I see your point about the keyword whitelist, and it is possible that it can be used effectively to assist in some environments. Our many samplings of SPAM and false-positive messages did not show that this would be effective in our environment. Now, we see a lot of “directed” SPAM where the senders use technical terms and business-savvy words to get users to open up the SPAM. I don’t want to give them an open-door opportunity. I feel the same way about keyword blocking being too generic.

    I appreciate the info on the DNS blacklists. Keeping these to a minimum will improve mail throughput performance and I will implement your recommendations as the product is still in production at our company.

    As far as Bayesian is concerned, I will leave that for an offline discussion since it has a long history and detailed case notes within GFI technical support.

  • Ребят, так все-таки это действенный метод или нет?

  • I found more here if anyone’s interested

  • I found more here if anyone’s interested

  • Прикольно

  • steve

    anabarmaliese – Sorry for the late response — I just now got around to translating your question. In my opinion, this product is not a valid or acceptable product to be used in a corporate or ISP environment any more. There are better products for enterprises (see my article on Symantec 8300) and personal products for small groups or organizations.

  • Интересно 🙂

  • Интересно

  • Прикольно

  • Интересная статья

  • Интересно

  • Хороший сайт

  • Мне понравилось

  • Интересно, есть над чем подумать.

  • Довольно интересно, спасибо.

  • Интересная статья

  • Pingback: Anonymous()

Next post: