PineApp US (Ashcom Solutions)
: Includes a firewall and a mail server.
: No policy management at the individual user or group level, and the management interface could be more intuitive.
: A good anti-spam appliance that also handles viruses and other dangerous content well.
PineApp's Mail-SeCure is an appliance with models ranging from home user to enterprise network. We tested the 2040, a mid-range model aimed at SMEs that comes in a slim, rack-mountable case, includes a firewall and has three Ethernet ports (internal, external, and DMZ). Their unit is configured via a web interface.
It is SMTP based, but can collect mail by POP3 from external ISP mailboxes by using a POP3 transparent proxy or by using the Mail retriever feature, and can act as a mail server to allow POP3 collection by local users, who may alternatively use a webmail interface instead of POP3. It has anti-relaying protection and also provides resistance to denial-of-service and mail bombing attacks. It provides content control for web traffic, both http and ftp.
Anti-virus is by F-Secure's virus-scanning engine, which can be updated on a regular schedule. Viruses are deleted by default, but you can quarantine them (just like spam).
The anti-spam engine uses heuristic tests on mail headers and body text, Bayesian filtering, external databases of spam signatures and realtime blackhole lists (RBLs). Content control blocks attachments by file type. Outgoing messages can be "parked" and sent when the network is less busy. Disclaimers can be added to outgoing mail automatically. Mail-SeCure can strip out html scripts, and it can scan inside archive files and block encrypted archive files.
Management and configuration may be done remotely via a web-browser interface and, although you can limit by IP address the workstations that can access the management interface, there is no time-out once you are logged on to the unit. The only way to log off is to close the browser window (due to change in the next version).
Quarantine management is easy, and adding released messages to the whitelist takes one click. Users? and groups? privileges and policies cannot be managed individually, but this, along with LDAP support and checking for inappropriate email content, is due in version 3.0.