Hexamail Guard

Hexamail Guard
Antispam Server Software

Features

Hexamail Guard provides the most comprehensive set of antispam, antiphishing and antivirus features of any server based email gateway software. This provides effective elimination of email threats before they penetrate your organization and allows you to decide on the techniques that are best suited to your email system.

Many SPAM blockers simply rely on central "finger print" files or lists of IP addresses to block. Often this approach fails to pervent initial outbreaks of new types of SPAM or SPAM from new sources. Hexamail employs additional powerful content inspection techniques that read the actual email, ensuring even SPAM from new IP addresses, or of an entirely new nature is blocked. You can enable Bayesian analysis, DNS based blocklists, keywords and expression matching, sender blacklisting, whitelisting, challenge-response for blocked emails, email tagging, email deletion or any combination of the techniques you wish!

		Advanced Bayesian pattern matching
		Bayesian pattern matching is used to analyze the entire content of incoming email: this prevents the mistakes made by relying on single keywords or rules whilst ensuring the filters are robust to subtle changes in language, deliberate misspellings and tricks typical in SPAM. This allows Hexamail software to provide unrivalled accuracy and reliability when detecting SPAM.

		SPF Support
		SPF (Sender Policy Framework) checking is fully supported, allowing you to add SPF checking to your existing mailserver. SPF ensures that email is only accepted if it came from the servers designated by the sending domain's policy, where available. For domains that publish SPF records this means you can verify the sender is legitimately allowed to send email from the domain. In particular this can help reduce Phishing, where senders spoof email from another domain.

		DomainKeys support
		Domain Keys checks are performed on any Domain Keys signed email. This verifies the sender is allowed to send email from the domain specified. It also verifies that the email has not been tampered with or forged. In particular this can help reduce phishing, where senders spoof email from another domain.

		SURBL Support
		SURBL is an RBL designed to be used to block or tag spam based on URIs (usually their domain names) contained within the message body. It is not a conventional RBL in that it's not intended to block the source of spam messages. Instead, SURBL can be used to block spams based on their message content. http://www.surbl.org/

		Neural network sender matching technology
		Cutting-edge neural network technology is used to identify suspicious sender addresses with high accuracy and incredible performance. Neural sender matching enables high volumes of emails to be checked in the shortest possible time.

		Automatic Whitelists
		Hexamail provides support for multiple sender and recipient white lists. The white list can be imported, manually created or automatically created and kept up to date through analysis of outgoing email traffic. Domain whitelisting is also possible.

		Challenge Response
		With Hexamail Guard you can optionally enable Challenge-Response features to allow sender verification emails to be sent out. Senders can then verify themselves to have their email accepted and whitelist their address to allow all future emails to pass through unfiltered.

		Advanced Image Analysis
		Hexamail Guard not only analyses the text of emails but also any embedded images, using the structure of the images to determine whether an email is SPAM or not. Increasingly SPAM email consists entirely of images, and so this technique is essential for effective blocking.

		Content and Header checks
		Hexamail supports multiple sophisticated header, subject and content checks with configurable rules, keyword filtering and phrase matching lists that can be maintained by the administrator.

		POP3 Account downloading and SPAM filtering
		Hexamail can download all your user's POP3 accounts, strip out the SPAM and reroute the emails to their corporate mailbox or other email address.

		Anti phishing
		Hexamail features built in anti-phishing protection by recognizing spoofed emails, web links and requests for account details.

		Optional Antivirus
		If you don't already have an anti virus gateway solution for email processing you can add an Antivirus option to Hexamail Guard, allowing automatic processing of all suspect attachments and elimination of virus, worms, scripts and other malicious content. If you have an existing email antivirus system Hexamail Guard will inter operate with it.

		3rd Party DNS Blacklists
		Hexamail supports any third party DNS based blacklists (DNS BL or real time black hole lists). These databases can be used to block all email from known SPAM sending email servers and open relays. Choose what to do with matching IP addresses, Reject, BLock, Mark or Weight.

		URL DNS checking
		URLs contained in the content of email are checked against configurable DNS based databases of known SPAM hosts. Email is blocked if it contains URLs hosted on webservers known to belong to spammers.

		SPAM Quarantine
		SPAM detected by Hexamail can be stored in a quarantine for later review. The quarantine allows the administrator to quickly review and send on or delete large numbers of emails with a single click. A special viewing window allows the safe viewing of any suspect email without inadvertently triggering worms, virus or pop ups.

		Mark, delete or forward SPAM
		Mark SPAM subject lines, delete SPAM over a specified match confidence or forward to user's spam folder, public folder or any other email account.

		User SPAM review
		The administrator can optionally allow some or all users to review their own quarantined SPAM via a web based interface. Users are automatically alerted to new emails arriving in their quarantine and can empty their quarantine with a single click from the alert email. Alternatively they can login to a secure web interface to selectively delete SPAM email and accept legitimate emails.

		Customizable Web Intergace
		The web based interface is fully customizable through the built in HTML template manager and editor.

		Microsoft Exchange Integration
		Hexamail Guard integrates automatically and seamlessly with all versions of Exchange providing straightforward integration and easy administration. Hexamail can integate with Exchange 5.5, 2000, 2003, or 2007 either on the same machine as Exchange or on a separate server if required.

		Supports all SMTP servers
		Lotus Notes, NTMail, SL Mail, QMail, Exim, IMail, Lotus Domino 5, LSMTP, MailSite, MDaemon, MetaInfo, Sendmail, MS IMS/IIS, Netscape Messaging Server, NTMail, and Post.Office are all supported by Hexamail. Hexamail can be used in conjunction with any SMTP compatible mail server, allowing you the freedom to choose your email server now and in future.

		Unrivalled ease of use
		Hexamail is dedicated to changing the way business software works: making it easy and productive to use. This reduces configuration mistakes and saves you time and money.

		Server based anti-spam
		For a corporate anti-spam policy to be successful it must be enforced at the server level removing the need for client-side installs and end-user training. Not only does this ensure the most straightforward maintenance but also ensures the solution is as cost-effective as possible to deploy.

		Automatic Internet updates
		SPAM and virus adapt and change every day. Any system to detect and eliminate unsolicited email and virus must be kept up to date. Hexamail's software automatically updates itself over the Internet to ensure the latest SPAM and virus can be stopped.

		Active Directory Support
		Automatically syncs users with Active Directory and allows single sign-on for the web based quarantine

		LDAP Support
		Automatically syncs users with any LDAP server

		Remote management
		The easy to use sophisticated administration interface can be used on the same machine or from a remote workstation using a secure communications protocol.

Product Versions

Module	Hexamail Guard Basic	Hexamail Guard Pro
SPAM Blocker
Legitimizer
Blocker	*
Censor	*
Alerter	*
Responder	*
POP3 Reader
Router	*	*
Reports	*	*
Antivirus	*	*
Archiver	*	*

* - Optional module

SPAM Blocking

Hexamail Guard is anti-SPAM software that eliminates the cost, time and frustration your workers spend on unsolicited E-mail (junk/SPAM) by blocking the majority of SPAM emails before they ever reach the user. Using automatic built in heuristics combined with all the best known techniques such as pattern matching, connection restrictions, ORB, real-time black hole lists and any desired additional administrator controlled rules it offers the most comprehensive toolbox for effective SPAM blocking available. The combination of best of breed SPAM blocking techniques ensure almost all SPAM is stopped in its tracks, while the automatic analysis of outgoing email traffic ensures false positives are minimal. The SPAM filtering software is entirely under your control, with no privacy, security risks and no additional latency introduced into your email system as is the case with many hosted solutions.

A multi-layered spam filtering engine ensures that all types of spam can be effectively blocked. Click anywhere on the diagram for further information about the feature.

Effective	Unrivalled automated accuracy - genuinely > 99% elimination of undesired E-mail, with automatic whitelist generation from outgoing email analysis
Reliable	Only incoming E-mail from the Internet or POP3 accounts is filtered. Customer outbound and internal E-mail is not filtered.
Safe	Suspect E-mail messages are are quarantined or forwarded to an appropriate recipient
Control	You maintain control of your own email systems without having to rely on third party servers or services
Configurable	Unrivalled easy to use configuration interface
Easy	'Drop-In' installation with no changes to DNS or MX records required
Fast	Highly optimized natively compiled code ensures the highest performance filtering and no email latency
Secure	Add security options to your existing email infrastructure to prevent open relay, dictionary harvest attacks etc.

Automatic Whitelisting
Automatic white list generation from senders contacts and email message threads coupled with intelligent on-the-fly white list detection. This ensures legitimate senders email do not get blocked by the SPAM blocker
Challenge Response
Challenge-response features to allow senders to verify and have email automatically accepted and their address whitelisted
Grey listing
Temporarily fail connections from new IP, sender and recipient sets to effectively block spam software, and BotNets. Automatically whitelists your regular senders so that no delay is experienced for legitimate communications.
Honey Pot
Dynamic Adaptive Honeypot. The Honeypot uses spam sent to chosen honeypot addresses to automatically generate adaptive intelligent agents, known as "bees". These identify and block similar spam. This provides realtime protection against new spam types, sender IPs, and specifically image spam.
Bayesian Matching
Full Bayesian statistical pattern matching providing highly accurate (better than 99%) spam blocking with minimal false-positives (emails incorrectly marked as spam). Selectable pattern matching subcategories allowing bypass of pattern matching for specific types of spam, such as 'Money Making', 'Recruitment', 'Privacy', 'Competitions' etc. Multiple thresholds for pattern matching allowing marking, blocking or automatic deletion of identified spam. Email accepted or deleted from the quarantine is used to further the Bayesian matchign for future email.
White listing
Easy to use white list management facility allowing you to maintain lists of email addresses that you never want blocked. Users each have their own personal white lists and senders can be automatically whitelisted if a blocked email is released from the quarantine.
SPF Checks
Full SPF (Sender Policy Framework/Sender ID) support and failure blocking. Helps prevent phishing attacks
Domain Keys Checks
Full DomainKeys Identified Mail (DKIM) support and failure blocking. Helps prevent phishing attacks
URL Blocking
Full support for DNS-based URL checking of URLs within emails Built in SURBL support for DNS-based URL checking of URLs within emails
IP blocking
Block IP addressesfrom relay, sending inbound email. Whitelist IP addresses so that they are never blocked, or white list IPs for relay. Use DNS based databases to block known spam IP addresses
DNS Based Spam protection
Full support for multiple configurable DNS based spam protection databases. Dial-Up User Lists (DULs), Real time Black hole Lists (RBLs), Spamhaus SBL, XBL and Relay Spam Stoppers (RSS) are all supported! Override to allow receipt from known good sender addresses
Spam Quarantine
Spam quarantine with safe email viewer that doesn't trigger virus, worms, popups or other malicious code. The administrator can optionally allow users to review their own spam using a web-based quarantine view. Users and administrator can be automatically alerted when they have spam in the quarantine to review
Content Checks
Blocking based on strings, wildcards, word/phrase, regular expression matches in the email content or subject Configure different actions to perform for each expression matched.
Sender Blocking
Blocking based on strings, wildcards and phrase matches in the email sender address Elimination of emails with missing, undisclosed, invalid or suspect sender addresses Easy to use one-click sender blocking facility to allow direct blocks of unwanted newsletters or repeat offenders.
Country Blocking
Blocking based on country of client IP Address. This allows weighting, blocking or deletion of email originating from specified countries.
Image Analysis
Configurable automatic blocking of graphical or image-based emails. The system performs sophisticated checks on any attached or included images to identify image based spam and block it.
PDF attachment spam blocking
Hexamail automatically inspects PDF attachments for textual and image based spam and blocks if an attachment contains spam content
Automatic ZIP unpacking and content analysis
Hexamail automatically unpacks ZIP attachments, identifies malicious contained files and even reads the textual content to detect spam attachments
Header Checks
Configurable automatic blocking of emails with suspect MIME headers
NDR Spam Attack Prevention
Automatically block NDR Spam attacks by detecting NDRs from spoofed recipients, to false recipient addresses, or to nominated bad addresses.
Configurable automatic blocking of emails from suspect Mailer programs
Automatic text style and font analysis and blocking
Configurable automatic blocking of emails containing web bugs, inline framesets, popup windows etc.
Configurable automatic blocking of emails with dangerous or suspect attachments
Configurable automatic identification and blocking of emails with suspect recipient lists
Configurable automatic verification of replyto/sender
Configurable spam action options, including quarantine storage, subject line marking, forwarding, blocking and deletion

Legitimizer

Instead of having to laboriously enforce corporate signatures in every email client in your organization, Hexamail Guard allows you to configure a corporate signature once and have it automatically added to all outgoing email. This helps prevent additional network traffic from redundant signatures on internal emails and ensures you can be confident that every external email will contain the required signature.

Effective	Automatically identifies all emails with missing signatures and disclaimers
Reliable	Ensure every email has the appropriate company-wide signature/disclaimer/footer text present on leaving your organization
Configurable	Configure signatures for each domain served

Automatic fuzzy-detection of existing signatures
Automatic insertion of disclaimers and signatures if missing, for HTML and text emails
Optional individual signatures for each domain or sub-domain served
Use HTML or plain text disclaimers
Support for images in signature HTML

Blocker

In some instances it is desirable to prevent emails to or from certain sources or destination companies. For example, perhaps you wish to ensure that no emails from recruitment agencies or ex-employees reach your staff, or prevent all outgoing emails to a competitor. In other situations it is the contents of the email that requires blocking. This can often be outgoing or incoming offensive material, such as pornography, swearing, or other undesirable material. Blocking works in concert with alerting to ensure that emails can be systematically blocked, stored and a nominated party alerted to the incidence of the blocked email.

Protect	Protect your company's reputation from unauthorized emails going out to important customers
Secure	Secure your company from malicious emails from ex-employees
Alert	Alert your company to unauthorized distribution of information to external parties
Block	Block dangerous or forbidden attachments
Cleanse	Remove dangerous or forbidden attachments

Alert Admin when blocking emails
Alert admin if blocked email store reaches a configurable size
Allow return to sender of blocked emails
Configurable response to sender with optional blocking reason
Forward blocked emails to nominated account
Override block if containing specific content phrases or wildcards
Block if containing specific content phrases or wildcards
Block if missing specific content phrases, allowing a form of send password in the content
Configurable sender address white lists
Configurable sender address block lists
Configurable sender name block lists
Configurable recipient block lists
Block if too many recipients
Block undisclosed sender emails
Block undisclosed recipient emails
Block by white list of allowed IP
Block by disallowed IP
Block based on email size
Store blocked email for later inspection/archiving or resending
Blocked email store maintenance interface and send on options
Block if contains phrases or wildcards in the content
Block if contains phrases or wildcards in the subject line
Block if missing specific subject phrases, allowing a form of send password in the subject line
Block emails with attachments of specific types
Remove specific attachment types, e.g. worms, virus and other malicious types

Censoring

Loose talk costs money. A poor choice of words in an outgoing email with or without appropriate disclaimers can be a costly business today. Hexamail Guard allows the censoring or offensive or inappropriate words from all outgoing (and optionally incoming) emails, ensuring that your corporate voice is as clean and virtuous as your reputation.

Safe	Ensure all outgoing emails don't offend your customers and partners
Configurable	You control the obscenity lists
Flexible	Optionally turn off censoring for specific white listed users

Hiding of obscene/forbidden phrases/words/wildcards in the content
Hiding of obscene/forbidden phrases/words/wildcards in the subject line
Configurable hide string, e.g. ****** or !CENSORED!
Configurable white list of users address matches to bypass the censoring
Support for emails attached to emails
Configurable mark string to optionally alert recipient the email has been censored
Option to block obscene emails
Option to forward obscene emails to nominated address or the administrator
Censored emails stored for later archiving/forwarding/sending or removal
Automatic alert when censored store reaches configurable size

Alerter

Do you know what kind of information is leaving your company by email? While many organizations have strict physical security and diligent gatekeepers guarding against physical theft or unauthorized removal of materials, their electronic gatehouse is nonexistent. The alerter allows you to alert specified users to various types of email passing through the guard layer.

Standard rule types for common usage: Offensive Material, Potential Virus, Lengthy Discussion, etc. Entirely configurable rules engine allowing administrator controlled rules to trap almost any type of email. Virtually unlimited number of rules, and alert recipients. High-performance rules engine ensures low-latency filtering of email traffic both incoming and outgoing.

Responder

The responder allows automatic out-of-office responders to be set up for nominated email accounts. These responders include automatic scheduling to allow the responder to be set up in advance and engage/ disengage automatically on the required dates or schedule.

Router

Incoming emails can place a huge burden on the nominated recipient. Often several email addresses are provided publicly for information, questions and other telemarketing activities. More often than not emails arrive to all addresses about a diversity of subjects, with little relationship between the email address and the subject matter. For example, a company-wide email address such as mail@yourcompany.com will receive speculative employment queries, requests for information, invitations to tender, unsolicited junk mail, technical support questions etc. etc.

Having a single nominated recipient quickly results in the recipient becoming over-burdened with email. Studies show that having multiple recipients results in no one giving the incoming message stream the required attention.

The solution? Intelligently route each incoming mail based on the nature of the subject, content, and any attachment to the most suitable respondent recipient.

Routing uses rules concerning the subject line, contents, and previous message chain to ensure that the correct recipient is initially identified and then continues the correspondence when required.

Incoming emails are checked against a configurable routing list. Matching emails are then passed through a Bayesian language detection algorithm to determine the language the email is written with close to 100% accuracy. The email is then rerouted to a different address depending on the language it is written in.

Expedite	Ensure incoming emails go to the right person immediately
Automate	Automatically detect the language of incoming emails and reroute
Schedule	Schedule routes depending on the day of week or date

Bounce email by rules/phrases
Redirect email to another address
Automatic language detection and rerouting for each language
Support for Czech, Danish, Dutch, English, Finnish, French, German, Hungarian, Icelandic, Italian, Norwegian, Polish, Portuguese, Spanish, Swedish, and Turkish
Route email by rules
Route email by phrases and rules
Redirect group email
Route based on date
Route based on day and time of day

POP3 Reader

The POP3 reader module automatically downloads emails from any configured POP3 accounts on external servers, and reroutes the emails to any internal mailbox or other external email account.

Unify	Unify your users email into their corporate mailbox
Time-saving	SPAM filter all user's POP3 accounts, saving them time checking all of their email *(when used in conjunction with SPAM Blocker module)
Secure	Process all email for SPAM and Virus whether from external POP3 accounts or to internal mailboxes

Highly efficient multiplexing communications used to download from many POP3 accounts simultaneously
Individually configurable POP3 download schedules
Supports SSL POP3 servers
Download schedules as short as 1 minute permitted
Downloads only new emails for each user
Catch-all and individual accounts supported
Multi-domain catch-all accounts supported
Rerouting and readdressing options
Emails are routed through all processing modules, allowing for antivirus scanning, SPAM blocking, routing, alerting, responders and all other Hexamail features!
Retrieves messages from mailboxes located on any number of Internet Service Providers (ISP).
Check and download new messages as often as you require, with schedule interval resolution of 60 seconds.
Automatically delete, expire or retain the emails on your POP3 server
SSL POP3 fully supported, allowed secure retrieval of emails from SSL compliant POP3 servers.
Support secure logon with APOP (Authenticated Post Office Protocol).
Retrieves messages from more than one mailbox at the same time. This ensures that mailboxes with large volumes of email do not hold up processing of other mailboxes.
Allows forwarding of POP3 emails to any other address, mailbox or corporate email server.

Reports

The reports module provides fully-automatic scheduled reporting of any statistics.

The reporting engine employs sophisticated statistical gathering techniques to provide high-performance real-time information about your system. Publishing is into standard HTML format. Archived reports are stored compressed to save space and allow longer term archives to be retained.

Each report can be fully configured to your requirements
Scheduling allows report publication on any time period
Archiving of reports uses compression to minimize disk usage and allow for longer term archives
Standard HTML publication allows easy viewing and printing
Reports can be exported into standard HTML
Full-color graphs are used in the reports to ensure the clarity of vital information

Antivirus

The antivirus module automatically scans all incoming email attachments for virus, worms and trojans. If identified, the email can be marked so that the end user is aware of the infected content, blocked completely so that the end user cannot inadvertently execute a virus or a script, or the infected attachment can be removed and a comment added to the email to inform the user of the action taken. All processed emails can be optionally stored in a quarantine for later review, resend or deletion.

Protect	You can expect 100% detection of In-the-Wild viruses and Trojan horses.
Up to date	The Antivirus engine automatically updates itself at regular intervals
Alert	Alert your administrator or senders to virus in emails
Block	Block infected, dangerous, or forbidden attachments
Cleanse	Remove infected, dangerous, or forbidden attachments
Safe	Quarantine infected emails for later resend or deletion

The antivirus engine features outstanding detection abilities together with high performance. You can expect 100% detection of In-the-Wild viruses and Trojan horses. The kernel is certified by ICSA; it frequently takes part in the tests of Virus Bulletin magazine, often yielding the VB100 award.
Automatic updates are another key point in virus protection, both the virus database and the program itself can be updated automatically. The updates are incremental, and only new data is downloaded, thus ensuring updates are timely and efficient.
Allow alerts to senders of infected emails
Configurable response to sender with optional blocking reason

Archiver

Hexamail Archiver module provides is a centralized automatic email archiving solution. Highly efficient full-text indexing and compression algorithms ensure that the most scalable and high performance email archive is generated entirely automatically from all of your email. Hexamail's email archive software leverages state of the art indexing and compression technology to create the most compact and high performance index of email data. Inferior solutions often simply push emails to relational databases or worse, file systems. Such systems suffer from poor scalability, lengthy query/discovery times and extremely high storage requirements: often requiring more space for the archive than the original emails!

Compliance	Store 100% of your email in full original MIME format
Discovery	Use the live search facilities to allow users to access their old email
Scalable	Store many years of email in a single server
Compressed	Unique MIME compression algorithms ensure most compact storage
Full Text	Full text weighted queries provide relevant retrieval
Secure	Enable SSL archive web interface for maximum security

High speed archiving
Native high-performance C++ archiving code ensures that emails are archived and indexed in realtime. The unsurpassed performance allows the archive to be used live by end-users to retrieve old, deleted, or difficult to find emails from a web-interface.
Massively Scalable
Archiving of 100s of millions of emails in a single archiver is possible, allowing many years of emails to be archived on a single server or drive.
Low Storage Requirements
All email content (MIME) is retained compressed, allowing accurate records to be retained while minimizing storage. Emails are automatically deduplicated. Save costs of storages devices, upgrading servers and backup time and facilities.
Fulltext search
Full-text Bayesian weighted indexing automatically takes place on archiving. This allows your valuable resource of archived emails to be leveraged for knowledge management, auditing and discovery within your organization. Bayesian analysis leads to highly relevant results to searches.
Genuine Archiving
Some inferior archiving solutions simply push email content into a relational database. This can be costly in database licenses, slow to retrieve email and extremely demanding of disk space and other machine resources. Be sure to check the licensing implications and costs of such systems before purchase. Hexamail is a complete solution requiring no third party database licenses.
Secure
Archiving takes place on your servers, within your network. Sensitive emails need never leave your organization, eliminating trust, hacking, or security breach concerns typical of third party service based archive solutions providers.
Active Directory Integration
Active Directory integration allows automatic import of your users and restriction of their access to only their emails
SSL
Full secure SSL access to web based knowledge management, discovery and search interfaces.
Long term retention
Content can be retained for periods matching typical regulatory requirements such as Sarbanes Oxley, European Union ISP Communications Data retention, SEC Rules, NASD, HIPAA and Graham-Leach-Bliley Act.
Regulatory Adherence
Full MIME storage ensures your chosen email archive solution adheres to all regulations now and in future. Regulations such as Sarbanes-Oxley can be costly to implement, Hexamail Vault eliminates the cost for archiving email in a compliant way.
Backup
A unique index design allows email content to be backed up and removed from the live server to secure/offsite backup facilities. The fulltext index remembers which emails were in which backup files and allows fulltext search even over email removed from the server.
Automated Export
Automated export features allow all email matching specific complex criteria to be exported to directories or zip files for litigation or auditing purposes.
Fulltext Search
Full-text indexing automatically takes place on archiving. This allows your valuable resource of archived emails to be leveraged for knowledge management, auditing and discovery within your organization.
Live Access
Live-access allows your end-users to access the archive through a web-interface and retrieve email they may have deleted or lost in their inbox. This simultaneously ensure valuable knowledge is never lost from your organization, can be quickly retrieved, and users reduces user inbox storage requirements.
Historical Redelivery
Redelivery or historical email to selected recipients allows verbatim copies of emails to be retrieved and redelivered in a single click.
Report and Audit Generation
Users can run their own audit and generate folders or zip files of vital emails for meetings, storage offsite or presentation to management.
Configurable Access
Administrators can restrict access to discovery features to specific users or areas of discovery

intelligent email solutions