Clearswift MIMEsweeper for SMTP 5 review
There’s no denying large companies need an anti-spam and email-filtering system to maintain productivity and acceptable use policies. But the big question is whether to go for software or an all-in-one appliance. The latter can be a lot swifter to implement but this generally comes with a price penalty, making Clearswift’s MIMEsweeper for SMTP (CMS) software look particularly good value.
Designed to provide full message routing, relaying and content security, CMS comprises several components that can be installed on a single system or spread over multiple systems to improve performance. The central component is the policy server, which Clearswift recommends should be located on your firewall’s DMZ port. The management, reporting, audit database and web server modules can be located on the same system or placed in the LAN on other machines.
Installation is the least impressive part of CMS. This is mainly due to the number of prerequisites, although the process is very well automated as it checks for each component and offers to install most of them. The policy editor runs as an MMC snap-in and kicks off with an initial Policy Wizard offering three predefined security levels to get you started. To filter email, CMS policies use a combination of classifications, scenarios and actions. System and exclusive classifications are applied strictly in the order they appear in the list, so at the top you may want to have virus checks followed by scans for objectionable content, attached executables and so on, although note you’ll need to supply your own anti-virus software. You can add your own classifications and move them up and down the priority list. Incoming or outgoing mail only has to fail one system or exclusive classification for it to be rejected, after which a wide range of actions can be applied.
Most enterprises will want to apply different security policies to their various departments, handled by CMS scenarios. Incoming mail, for example, is handled by the top-level scenario and then passed on down a hierarchy of scenario folders based on the route it takes to reach the recipient. This way you can apply different policies depending on the message route. As with classifications, you also have exclusive and inclusive scenarios, and priority is determined by their position in the list. Anti-spam measures are applied using an exclusive scenario that compares the email to the CMS spam database. Thresholds are used to determine spam possibilities and you can tag suspect messages, delete them or move them to quarantine or parking areas.
The web-based CMS Manager provides a wealth of information about mail-related activity. You can keep an eye on the status of CMS services and mail queues, view graphs of system health, and directly access the message parking and quarantine areas. Reporting facilities are good. You can swiftly interrogate the audit database to call up top senders and recipients, see daily, weekly and monthly averages, and detailed traffic analysis.
CMS is offering an impressive enterprise-level content-filtering solution that can be customised to suit a wide range of requirements. Although we’ve found many appliances much easier to install and configure, the P800 from Proofpoint is the only such device that comes close to competing at this low price point.