Product Details
Product Rating
Blackspider MailControl
Corpex Armourplate
EPA
Frontbridge
INSL SpheriQ
intY MailDefender
NetIntelligence MailFilter
With its flexibility, filtering efficiency and great set of features, our Best Buy goes to Frontbridge. Blackspider's Mail Control, with its excellent management, fully deserves its Recommended award, while we also recommend INSL's SpheriQ for its useful combination of filtering features and good reporting.
Email services (2005)
Fed up with the likes of spam and viruses disrupting your email? Jon Tullett delves into the world of email managed services to help relieve this headache
Email managed services are a tempting way to deal with email threats. Viruses, spam and content policies can be put beyond the perimeter, off-loading the bandwidth consumption and server overhead to a third party.
As a term, "managed service" is in fact a bit misleading. Very few of the services really provide a fully managed product. They offer excellent filtering tools and off-load the email hosting load, but it is usually assumed that customers will tweak the service to their liking – configuring users, building up whitelists and blacklists, handling the quarantine, and so on.
In fact, it was quite a surprise when one service (EPA) did not allow for much configuration at all, and we felt strangely cramped until it sank in that this is what a managed service should be all about. And EPA had the highest out-of-the-box detection rate of any on test, so there was little we would have changed even if we could.
To test the services, we registered a test domain and created a small network with incoming and outgoing mail servers running Linux (Fedore Core 3), and a Linux workstation hosting incoming user accounts from where we also tested the administration interfaces. We used a combination of a static mailspool with a mix of spam, valid mail and malformed messages, as well as a honey-pot feed of live spam.
To test each service, we simply updated our DNS MX (mail exchange) for the domain to point incoming email to the service provider and let the spam run through. We checked for filter success primarily against the live spam, since many services use signatures to detect spam attacks, and anything older than a couple of days will reduce the effectiveness. The bulk mail spool was used to check filter rules, scoring, reporting and performance.
In most cases, provisioning was extremely simple. We gave the vendors basic data about our network, and most had us up and running within a day. This is one of the key advantages of using a managed service: you can go live extremely fast, and if you choose a service with a "test mode", it is easy to roll out and check what the impact would be, without running any risk of false positives or lost mail.
The ease of deployment also means that it is very easy to move from one provider to another, and while most want an annual service contract, this is unlike some managed IT services where customers can find de-tangling themselves from a failed project very difficult.
In the administration interfaces, we were looking for a few important elements. First was presentation: administrators need to be able to configure the basics with a minimum of fuss, and reporting data must be readily available. More complex options should be available, but should not overwhelm the interface. The ability to handle multiple domains and handle users in logical groups which may need different policies was also important.
On the whole, we were pleased with the results. All the services we had seen before demonstrated improvements in their mail handling and flexibility. False-positives were less of a problem than with previous tests, although we like the idea of using the managed service as a first line of defense, keeping the "chunks" out of the network, and then performing more fine-grained junk-mail filtering on local servers or even user desktops.
Some problems were common across most of the services. Loading remote HTML components in email is a bad idea at a time when we have seen critical threats from iframe exploits and limited threats from images. Most services' quarantines happily displayed remote elements: we would much prefer them to be disabled or replaced with placeholders, with perhaps a link to view the original format. For this reason (and as our test did include HTML malware), we did not use Internet Explorer to test management interfaces, but used the more secure Firefox browser.
All things considered, we like managed email services a lot. Whether for a large company looking to off-load filtering overhead, or a small company needing a cost- effective way to tackle email threats without upfront investment, we think most organizations could stand to gain from using one.
