Sendmail Raises Bar on Integrated Mail Security

Sendmail Inc. is offering mail admins one-stop help in their never-ending battle to secure their mail systems from ever-broadening, complex attacks. Mailstream Manager sports an integrated console for anti-virus, anti-spam, anti-phishing, all controllable from a central console using a highly configurable XML-like scripting language to set security and filtering policies.

Tags: Manager, Mailstream Manager, Policy, Security, Open Source Sendmail, Policies, Message Processing,

Sendmail Inc. is offering mail admins one-stop help in their never-ending battle to make secure their mail systems from ever-broadening, complex attacks.

Mailstream Manager sports an integrated console for anti-virus, anti-spam, anti-phishing, all controllable from a central console using a highly configurable XML-like scripting language to set security and filtering policies.

Sendmail's Mailstream Manager is released as The Butler Group, a UK research firm, finds email attacks rising in scary numbers - in both volume and scope

  • More than 70% of all e-mail messages sent across the Internet can be classified as being spam, up from 30% a year earlier.

  • E-mail borne viruses are on the increase too, with 1 in 16 messages infected in 2004, compared to 1 in 33 during 2003.
  • Not surprisingly, for many email managers using Open Source sendmail, the prerogative is to improve their security and policy management options for sendmail - or move to a commercial alternative.

    Sendmail's Mailstream Manager Fortifies
    Security, Policy Email Management

    Dan Ellis, a network administrator for Fry Communications, turned to Sendmail, Inc. to secure his Open Source sendmail environment. Fry is a business printing services company in Mechanicsburg, Penn. Sendmail's Mailstream Manager aims to give Ellis and thousands of other Open Source sendmail MTA users a suite of technologies to help thwart mail attacks

    In specific, Mailstream Manager provides policy-based e-mail management framework for Open Source sendmail sports an integrated console for anti-virus, anti-spam, anti-phishing and other security features in an easy-to-customize console driven by Sendmail's XML-like scripting langauge, called XXL (eXtended eXpression Language), specially developed for message processing.

    In deployment, Mailstream Manager's rules framework/engine provides the Open Source sendmail MTA a needed "buffer zone" at a corporate email gateway.

    [A document that looks at Sendmail's Mailstream Manager features and architecture for Open Source sendmail MTA is available for free download here]

    Mailstream Manager's easy-to-configure browser-based GUI allows email admins to set, monitor and manage a wide array of external and internal email security policies, including:

  • Message Policy - used to filter messages based on very specific criteria
  • Message Copier Policy - used to send copies of messages to recipients other than the original addressee based on a set of pre-defined conditions.
  • Attachment Policy - used to process e-mail messages that contain attachments.
  • Recipient Policy - used to process messages based on the messages' recipients; and
  • Virus Policy - used to scan messages for viruses.
  • Spam Policy - used to scan messages for spam.

    While Mailstream Manager is a commercial product from Sendmail, Inc., the offering adopts many of the Open Source sendmail MTA principals by sporting an open, standards-based architecture that offers content management filters, Open API access functions, and even software libraries to enable SSL encryption, SASL authentication, LDAP directory lookups and SQL queries.

    Sendmail Mailstream Manager In-Use:
    Easy-to-Configure Mail Security

    The Butler Group's report also found that email admins said they need two types of solution for improving email security -- a full suite of security/governance protections and, just as importantly, as ease-of-configuration.

    "While IT departments and e-mail administrators are wrestling with spam and viruses coming into the organization through e-mail, corporate compliance officers and information security managers are grappling to control the content of e-mail leaving the organization," the Butler Group report said.

    "[So], tactical point-solutions for e-mail management are fast losing their appeal. Companies and organizations now require a new breed of e-mail management solution…that goes well beyond addressing existing security concerns to tackle a growing range of compliance and information security requirements," the report added.

    Fry's Ellis agreed, noting that Sendmail's Mailstream Manager combination of (a) a full suite of security offerings; and (b) an easy-to-customize UI was key to getting his attention.

    "Because Sendmail has engineered the front end to give me very deep access to all my users and policies, Mailstream Manager lets me create all sorts of complex policies - even based on an individual user or a specific time of day -- from a simple HTML interface," Fry's Ellis said "It's pretty amazing. There are so many options for creating policies that having all that information in pull down menus would be overwhelming. But they've used dynamic HTML is a very creative and effective way to hide all that complexity."

    In other words, because Mailstream Manager supports multiple levels of rules based on any combination of e-mail message characteristics, admins can define and enforce enterprise-wide rules and policies and even map message handling policies to specific business units - and individual users,

    As an example, Ellis points to the number of complex, customized email security policies his company has.

    "We don't allow password protected or encrypted documents to pass through the gateway because they can't be scanned for viruses. However, upper management has certain documents that want to pass through encrypted, so that could have been a challenge," Ellis told IDN.

    "But with [Mailstream Manager's] interface, it was very simple for me to add exceptions based on the envelope's recipients or sender without adding extra rules. I just added one little exception to the existing rules. When I was able to deploy this [solution] transparently using our existing knowledge and implement all our business rules without fork-lift upgrades or long periods of downtime management was pleased," he said.

    Mailstream Manager's XXL XML-styled scripting language for message processing was also a big plus for Ellis, he added.

    Sendmail's XXL is a framework for message processing in much the same way that SQL is an abstracted framework for databases. XXL supports the regular expressions of Perl to identify strings that match the pattern of a credit card, account number, social security number, or other sensitive data that needs to be filtered. "I was just thrilled that their regular expressions were in Perl 5. Because we have several people inside that already know Perl, it meant we had more staff that could work with Mailstream Manager."

    Bottom line, Ellis said the package of security solutions and GUI have helped him and his staff meet corporate requirements with Open Source sendmail - and avoid a long-pressed push to move to use 100% commercial email throughout the company.

    In Sendmail's Mailstream Manager, all policies are either "message acceptance" or "message processing" policies. To admins there can be a big difference in flexibility: Message Acceptance policies are applied before messages are accepted for processing by Mailstream Manager. Message Processing Policies are applied to messages after they are accepted by Mailstream Manager for processing.

    Notably, these Mailstream Manager security elements are controlled from a highly-configurable rules-based browser interface, which lets managers scan, filter, and process messages to meet virtually any business policy requirement. Adding a policy is straightforward: the administrator defines the policy stage (Message Acceptance or Message Processing), then selects the policy type, and finally fills out the form that contains the settings for the new policy. More than 20 different conditions are provided to build a policy, each of which can be tested in a variety of ways.

    Sendmail Mailstream Manager 2.0 is available now, and starts at $9,000.