A new weapon designed to block spam and filter e-mail content for small- to medium-sized enterprises (SMEs) was unveiled recently by Ottawa-based Nemx Software Inc.
Built to work with Microsoft Corp.’s Exchange 5.5 and 2000 editions, the SecurExchange – SBS (small business servers) edition combines the functionality of two existing Nemx products: the SecurExchange antivirus tool and Power Tools v3.3 Internet Edition. Nemx also released new versions, v3.3 of their Power Tools products – both the Internet and Advanced Editions.
“What we’ve developed is technology that works right on the Exchange server, so there’s no reconfiguration and performance isn’t compromised because as the message comes into Exchange we get it in its raw form,” said John Young, president of Nemx. He said some companies run their e-mail through a proxy server that separates the spam from legitimate messages; with Nemx’s products that isn’t necessary.
The Advanced Edition differs from the Internal Edition in that it can scan internal mail, whereas the Internet Edition and the SecurExchange-SBS Edition cannot.
However, all three scan e-mail at the address, content and header levels to minimize spam coming into users’ inboxes. SecurExchange-SBS Edition has an antivirus component, but an antivirus engine from Norman Data Defense can be purchased for the Power Tools products as an add-on. The enhancement is called Concept Scanning.
“Concept Scanning goes to the next step [in content scanning], trying to understand what the concept of the message is about,” Young said. “For instance, the message is trying to sell you something and it’s about a prescription drug and there is a Web site and phone number to contact for additional information. Based on these concepts being found within the message, then it’s considered junk mail and some action can be invoked on that message.”
The content manager allows the IT administrator to define rules to monitor the body text component of outgoing and incoming e-mail for violations in corporate policy, security policy and privacy laws.
If the content manager is triggered, the message can be deleted, placed in a folder or forwarded to an administrator for scrutiny.
If users running Exchange 2000 select the delete option, spam can be deleted in the first couple of bytes of information transfer. Young said that by deleting messages early on in the transfer, the user could prevent bottlenecks by saving bandwidth.
The spam blocker uses header recognition and Reverse-BlackList (RBL) database look up. RBLs contain the IP address of hosts or known hosts or spammers who are sending mail. As a result, Power Tools and SecurExchange can block these IP addresses.
Henry Renz, corporate network security analyst at the Corporate Information Technology Directorate at Western Economic Diversification in Edmonton, is
a two-month-long user of Power Tools Internet Edition. He said that he does not use the RBL database option to scan for spam because it does not allow him to include users at an opt-in level.