Test Center: E-mail security services square off
From spam-busting to content management, we test the limits of hosted e-mail security offerings from AppRiver, MessageLabs, Microsoft, MX Logic, SECNAP, and Trend Micro
Second, some odd default rules in the anti-spam policies can produce false positives. For example, RFC standards forbid using eight-bit characters in header subject lines. Thus, if a message's subject line contains even a single eight-bit character, such as a foreign symbol, the registered character, or the trademark character, the message ends up in quarantine -- even if there's nothing else odd about it. This can be defeated, but only if you know what to look for -- and there's no obvious reason to change a setting called "header checks disabled."
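The distinction behind that rule, as an added example (not code from the article or from SECNAP): a Subject carrying raw eight-bit bytes versus the same text sent as RFC 2047 encoded-words, which is pure ASCII on the wire. The function names and sample messages are constructed for illustration, and the service's actual check is assumed, since the article does not document it.

```python
import re
from email.header import Header, decode_header, make_header

# RFC 2047 encoded-word: =?charset?B-or-Q?payload?=
ENCODED_WORD = re.compile(rb"=\?[^?\s]+\?[bBqQ]\?[^?\s]*\?=")

def raw_subject(message: bytes):
    """Return the unfolded raw Subject value as bytes, or None if absent."""
    head = re.split(rb"\r?\n\r?\n", message, maxsplit=1)[0]
    head = re.sub(rb"\r?\n(?=[ \t])", b"", head)  # unfold continuation lines
    for line in re.split(rb"\r?\n", head):
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"subject":
            return value.strip()
    return None

def classify_subject(message: bytes) -> str:
    """Classify the Subject header the way a strict header check would see it."""
    value = raw_subject(message)
    if value is None:
        return "missing"
    if any(byte > 0x7F for byte in value):
        return "raw-8bit"       # the case the article says lands in quarantine
    if ENCODED_WORD.search(value):
        return "encoded-word"   # non-ASCII text carried in 7-bit form
    return "ascii"

def encode_subject(text: str) -> str:
    """Encode a subject as RFC 2047 encoded-words (pure ASCII on the wire)."""
    return Header(text, "utf-8").encode()

def decode_subject(value: bytes) -> str:
    """Decode encoded-words back to text for display or review."""
    return str(make_header(decode_header(value.decode("ascii"))))

# Constructed sample messages (not taken from the article).
RAW_8BIT = b"From: news@example.com\r\nSubject: Acme\xae Widgets\x99 sale\r\n\r\nbody\r\n"
ENCODED = ("From: news@example.com\r\nSubject: "
           + encode_subject("Acme\u00ae Widgets\u2122 sale")
           + "\r\n\r\nbody\r\n").encode("ascii")
PLAIN = b"From: news@example.com\r\nSubject: Quarterly\r\n report\r\n\r\nbody\r\n"

if __name__ == "__main__":
    for name, msg in [("raw", RAW_8BIT), ("encoded", ENCODED), ("plain", PLAIN)]:
        print(name, classify_subject(msg), raw_subject(msg))
```

Running the classifier over quarantined messages shows whether the false positives come from senders emitting raw eight-bit subjects or from some other rule.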
Third, there were some disparities between the "apparently from" domain and the actual sender. For example, a message may appear to be from firstname.lastname@example.org, but the actual sender is email@example.com. (This is common practice for bulk e-mailers.) However, there's no way for the user to see or whitelist the actual sender, and whitelisting the "apparently from" sender doesn't let messages through.
Finally, when the high number of false positives continued to be an issue, I disabled Sender Policy Framework checking (SPF is a standard intended to help identify illegitimate e-mail). Not only were a lot of legitimate marketing messages still being stopped, but there were a number of critical false positives afterwards as well.
To SECNAP's credit, admins are provided with a high degree of granularity. You can assign limited rights to a lower-level admin to look up, release and query e-mail records, set default domain policies, and whitelist and blacklist messages. You can also permit users to log on and look at their e-mail logs, reports, and quarantine (if enabled), set their own policies, and whitelist and blacklist messages.
The service also offers multidomain support. You can create different administrator accounts and policies for different domains (company1.com, company2.com, etc.). Additionally, companies can set up virtual domains ending with ".net," ".info," ".corp," and the like, even if their "real" domain is ".com." Thus, messages sent to firstname.lastname@example.org or email@example.com will still go to the intended recipient at firstname.lastname@example.org. All policies would be created on the real domain.
Pricing for SECNAP is very reasonable at $1 per user per month for 1,000 users. However, despite the service's reasonable cost, as well as its nice multidomain support and good administrative features, the ongoing problems I experienced with false positives make it difficult to recommend SECNAP to organizations where users need to be able to receive much bulk e-mail.