Test Center: E-mail security services square off
From spam-busting to content management, we test the limits of hosted e-mail security offerings from AppRiver, MessageLabs, Microsoft, MX Logic, SECNAP, and Trend MicroFollow @infoworld
Both the admin interface (screenshot) and user interface are clean and easy to use, with drop-down boxes rather than text boxes for specific entries. The administrator can copy messages, bounce them, add an identifier to the subject line, delete, forward, allow, or hold (quarantine) spam. The service allows admins to set policies for individual users, but not the creation of groups.
The Web console used for setup and maintenance does have one annoying feature: If you leave it open, it times out after a short while. When you click on a link, you don't get a message saying the console has timed out, nor do you get a log-in box. You just get a message: "Login Failed: Username not found."
Pricing for SecureTide starts at $1.50 per mailbox per month and includes 24/7 U.S.-based support. The first month is free. Emergency E-mail Service (EMS) provides a backup e-mail server, either POP3/IMAP or Exchange Hosted Service on demand if your on-site server fails, for an extra 50 cents per user per month.
MessageLabs E-mail Anti-Spam and Anti-Virus Services
The MessageLabs service had the best performance in my testing, catching 97 percent of incoming spam with only eight false positives and zero critical false positives. It also boasts a stellar feature set, including anti-virus, control over images received, excellent administrative controls, a self-service portal, superior auditing tools, and the best LDAP synchronization software of the test. All of this comes at a price: The service runs $2.16 per user per month at 1,000 users, a little more expensive than the others in the roundup. Notably, MessageLabs was acquired by Symantec during the course of this test, though the brand will be retained and the service will remain the same.
Setting up the MessageLabs service is generally quite straightforward. The Active Directory/LDAP synchronization software works easily without requiring IT to open a hole in the firewall or export files to a comma-delimited format. However, the log-in creates a random user name, not username@domain or anything memorable. In my case, it was MED8559, and neither IE nor Firefox recognized or remembered the log-in. The unalterable password policy is also incredibly irritating: Passwords must contain capitals, lowercase, numbers, and symbols, which makes them difficult to type and nearly impossible to remember. Thus, many users will either write down log-ins and passwords on yellow stickies or call IT because they've forgotten them.
These unalterable security measures are annoying, especially in contrast to the service's policy engine, which is flexible in every way. Admins (screenshot) can, for instance, devise policies and settings by time of day, group, user, and more.
In addition to best-of-class anti-spam performance (see test results), MessageLabs offers a porn detection capability, scanning images for "excessive" bare skin, number of people, and such.