Antispam gateways

Associate
Joined
14 Dec 2011
Posts
374
Our current provider is no longer fit for purpose, so I was wonder what other people are using and whether they are happy (including their clients). Any recommendations as I was looking at the Comodo offering?
 
Soldato
Joined
12 Jan 2006
Posts
5,610
Location
UK
Currently using MS and seems to be working ok, but it still lets the odd phishing email past. But then it's down to user education.

Currently going to give the Sophos appliance on top to add another layer.


As a side note is anyone finding a massive increase in spam this past month? At the moment we are stopping around 280 malware hits a week. We do have a lot of email addresses advertised on various websites but there's nothing we can do about that.
 
Caporegime
Joined
18 Oct 2002
Posts
26,053
I think you're on a losing battle if you're looking to filtering to dump phishing attempts. It takes very little effort for somebody to register a domain and a cheap VPS, get SPF and DKIM all sorted so the emails are delivered reliably, and then hit you with a generic "hey log in here to reset your account details" message. The filtering on G Suite (Google Apps) is incredibly good - that advantage no doubt comes from being able to analyse the email and spam reporting from 1 billion+ Gmail users, but it's a real pain to try and use that as a separate service (RIP Postini).

We get complaints from people when emails from "Name of Manager" <[email protected]> asking for bank transfers to be made to certain accounts get through the spam filter - it's very difficult to explain that that's not really a spam message. The only way to deal with it is either to have content policies that bin anything with a bank account number in, at which point you cripple the ability of your accounts team to get work done, or you have a rule that marks all external email in an obnoxious way. User education is probably the best way to tackle this stuff.

I wouldn't recommend chaining filtering solutions together as it tends to do really weird things for the ones that aren't being hit by the junk mail.
 
Soldato
Joined
12 Jan 2006
Posts
5,610
Location
UK
Ach yeah I know it's hard to 100% stop phishing so if one does slip into the system most users do know to bin it, but there's always one.

Yeah we had a good few of them about 6 months ago, even went as far as reporting a few to the police who said they can't do a thing until money is transferred. Some of the accounts the spammers wanted the money sent to were banks in England so I shocked they didn't look into it.
 
Associate
Joined
25 Jul 2012
Posts
1,272
We use Mimecast, which is brilliant. The impersonation protection alone is worth it (we receive a lot of emails to directories with "send me payment" etc).
 
Soldato
Joined
24 Sep 2015
Posts
3,657
We use Mimecast too. We jumped ship from MessageLabs about 6 years ago and ended up with a better service at less cost and escaped the horrors of Symantec.

I'd recommend Mimecast but will admit that their support is not great and they've been known to take their eye off the ball on the more basic anti spam by focussing on new shiny stuff.
 
Caporegime
Joined
18 Oct 2002
Posts
26,053
Mimecast's support has gone down the toilet in the last 3-ish years. Fortunately the documentation is alright.
 
Soldato
Joined
24 Sep 2015
Posts
3,657
It has never been what I would class as good but it has really down down hill in the last 18 months. Looking back in the minutes of account review meetings with them I've mentioned support issues pretty much every time. I was with them a few weeks ago and they were really pleased about Mimecaster Central, their user community. Great, so you're not going to fix your support issues, you're going to get your customer base to do it for you?

Support aside I'm a Mimecast fan.
 
Associate
Joined
13 Oct 2009
Posts
238
Location
Cumbria
I was going to try Messagelabs, but it would have been 4 times the price of my next option. That option was AppRiver SecureTide and it's worked well for what I needed to block at the time (backscatter). It lets through the odd bit of spam, but the support has been good when I've needed it.

I also use Trend Micro Hosted Email Security for the simpler requirements as it's free with the anti-virus license (if you have Worry Free Advanced, i.e. on-premise Exchange protection). It's better than their on-premise software, but the support is very, very bad. Their support were repeating previous questions just to reset the SLA clock and you only ever get to contact 1st line. I had to move away from them in one instance.
 
Last edited:
Soldato
Joined
13 Mar 2007
Posts
13,444
Location
South Yorkshire
Webroot have started to push their antispam hard the last few month. Looked good from the demo we had but the pricing didn't work for us (small firm who look after small clients)
 
Soldato
Joined
26 Sep 2007
Posts
4,137
Location
Newcastle
2nd vote for ProofPoint. They're constantly adding new features and detection/spam prevention methods which is nice. Support is quite on the ball too, UK support is via a reseller and then if they need to they can escalate to the US team.
 
Soldato
Joined
18 Oct 2002
Posts
12,645
I was going to try Messagelabs, but it would have been 4 times the price of my next option.

I'm going to say this as someone who's been a customer of theirs for years (and years) in various organisations, but to a reasonable extent you pay your money and take your chances.

With Messagelabs you're getting a product backed by a huge multinational based out of the US. Call me old fashioned but I don't like using some of the 'wow this looks great and its so cheap' providers as they have potentially questionable backgrounds.

I'm not calling the US or their multinationals perfect, and I know they have support tiers and supply chains globally, but I think it's probably a lesser of many evils.
 
Soldato
Joined
24 Sep 2015
Posts
3,657
Symantec ruin everything they touch so I wouldn't be rushing to move to anything they offer to be honest

Agreed. We actively move away when Symantec acquire a company. Brightmail, Netbackup and MessageLabs are the names that immediately spring to mind.

We had been MessageLabs customers pretty much since day 1 when it was started by Star. There's some history between my company and Star which meant that Mimecast saw getting oru business as quite a coup.
 
Associate
Joined
3 Jan 2003
Posts
341
Location
Gibraltar
We moved away from Symantec Mail Security & Barracuda to FortiMail. So far it's worked very well, but perhaps not the most polished interface.

Had good experiences with Proofpoint and Cisco IronPort.
 
Soldato
Joined
9 Dec 2007
Posts
10,492
Location
Hants
We get complaints from people when emails from "Name of Manager" <[email protected]> asking for bank transfers to be made to certain accounts get through the spam filter - it's very difficult to explain that that's not really a spam message. The only way to deal with it is either to have content policies that bin anything with a bank account number in, at which point you cripple the ability of your accounts team to get work done, or you have a rule that marks all external email in an obnoxious way. User education is probably the best way to tackle this stuff.

More and more are turning on DLP options and refusing to accept account and payment details over email. Most see it as a step forward rather than hampering.
 
Back
Top Bottom