Sendmail Inc.s Mailstream Manager 2.0, with its ability to scan for viruses and spam, provides a flexible way for companies to do broad content filtering as well as ensure basic e-mail security.
Mailstream Manager 2.0, which began shipping earlier this month, costs $7 per user. In eWEEK Labs tests, Mailstream Manager 2.0 provided a flexible way to manage e-mail security. Version 2.0 had a tough act to follow: The first version of the product, Mailstream Content Manager 1.0, topped the E-Mail Management & Security category in this years eWEEK Excellence Awards.
At its core, Mailstream Manager 2.0 functions as an MTA (mail transfer agent), but it can also work with Sendmail Switch. With an open-source Sendmail-based MTA, Mailstream Manager 2.0 can perform back-end processing for policy management.
Including anti-virus and anti-spam engines on the same system can simplify messaging management tasks and can consolidate everything in one box for smaller companies, but Mailstream Manager 2.0s real strength is as a low-cost solution for enforcing e-mail policies. With policy management, Mailstream Manager 2.0 doesnt have the exception-handling capability found in Orchestria Corp.s Active Policy Management, but Mailstream Manager 2.0 did let us build relatively complex rules to identify and process messages automatically. For example, we could build a rule that searched messages and attachments for confidential clauses and, if offending messages were destined for external recipients, blocked the messages and notified the senders of the policy violation.
Mailstream Manager 2.0s policy management interface lets administrators build out the whole policy, including creating multiple conditions and actions, on a single screen. This will accelerate the process of building rules to address real-time threats before definitions are available.
Although we could build a policy based on messages matching any or all conditions, Mailstream Manager 2.0 doesnt have a simple way to create exceptions to prevent a message from being flagged by a policy. Instead, we need to build more complex rules manually, to create exception lists. Despite this, we could build out policies based on a complex set of criteria using a broad range of preconfigured options.
Mailstream Manager 2.0 does many of the things we would expect: It scans and identifies content in archives as well as nested content in an attachment, such as a Microsoft Corp. Excel spreadsheet embedded in a Microsoft Word document.
Most business users wont be able to build out policies, however, because policies that use expressions to identify content, such as Social Security numbers, require an understanding of Perl. We found we could build out a policy with three triggers and three actions in about 15 minutes, provided we had it well documented before starting. Mailstream Manager 2.0 has good list-management tools to speed up the process of building a policy.
Administrators have a good set of options for processing messages that can automate much of the workflow around managing messages that violate policy, such as forwarding, dropping and quarantining messages. For example, we could create a set of rules that would prevent a message from being delivered while forwarding a copy to a supervisor, appending a log file and informing the sender of the policy violation.
Mailstream Manager 2.0 has quarantine folders, where administrators and auditors can view and release messages. Mailstream Manager 2.0 lacks an integrated reporting tool. Instead, companies will have to rely on third-party reporting tools to generate and distribute reports.
For more information, go to www.sendmail.com.
When considering an e-mail policy-compliance tool, look for a flexible rules engine and strong audit and reporting tools.
- What services does the vendor offer to help create policies based on existing processes and data? Knowing what standards are in place for identifying confidential data makes it much easier to build policies for document security.
- Does the product support multilevel auditing and escalation? Ensuring that front-line auditors fulfill their responsibilities and that policy violations are escalated through management are key ways to prove processes exist to fix problems.
- Where does the policy engine intercept e-mail traffic? Intercepting e-mail before it reaches the message store on the e-mail server keeps policy-violating e-mail out of the archive and prevents it from being sent, thus keeping miscreant e-mail from being swept up during discovery.
- What messaging platforms are supported? A single solution that addresses both e-mail and IM can simplify auditing and discovery. Look for systems that can also work with e-mail archives.
Source: eWEEK Reporting
Check out eWEEK.coms for more on IM and other collaboration technologies.