|
Why use both VS API and SMTP gateway modes?
GFI MailSecurity is the only email content security package to support both an SMTP gateway mode and a VS API mode. For optimum security, we recommend deploying both. This is because both operating modes have unique capabilities that enable you to ensure better security for your network and mail server:
In SMTP gateway mode, GFI MailSecurity checks all inbound and outbound mail before this reaches your mail server. For GFI MailSecurity to do this, you must install it in front of your mail server (or on the Exchange Server if you have Exchange 2000/2003). In VS API mode, GFI MailSecurity is installed on your Exchange 2000/2003 Server and checks inbound, outbound AND internal mail, using the Microsoft VS API interface.
If possible, you should deploy both versions. For administration and performance reasons, it is better to perform the more complex and time-intensive checks at the gateway level. If you were to apply those rules to internal mail, you would end up having to moderate a lot of mail. However, the VS API mode should still be deployed on the Exchange Server, in order to stop a virus outbreak spreading (that could have entered the network via floppy, CD, Web or notebook) or in order to monitor and/or stop internal users using email exploits to siphon off data. You can also use it to prevent unauthorized users from sending executable attachments, which they might use to gain information from users who have more rights on the network.
About GFI MailSecurity SMTP gateway mode
If you wish to install GFI MailSecurity at the perimeter of your network, or if you do not have Microsoft Exchange 2000/2003, you must install GFI MailSecurity in SMTP gateway mode.
In SMTP gateway mode, GFI MailSecurity checks all inbound and outbound mail before this reaches your mail server. To do this, GFI MailSecurity must be the first to receive all mails destined for your mail server and it must the last ?stop? for outbound mail, i.e., mails destined for the Internet. For this to happen, GFI MailSecurity must act as a gateway for all email. This set-up is also known as "Smart host" or "Mail relay" server. Effectively, GFI MailSecurity will act as a mail relay server.
GFI MailSecurity VS API Exchange 2000/2003 mode
If you have Microsoft Exchange 2000/2003, GFI MailSecurity can integrate with Exchange 2000/2003 via the new Microsoft Virus Scanning API (VS API).
What is VS API (Exchange Virus Scanning API ) and why use it?
Exchange 2000/2003 provides a new virus scanning API that is implemented at a very low-level in the Exchange store. This allows a virus scanning application to run with high performance and guarantees that the message will be scanned before any client can access a message or attachment. This low-level access facilitates the elimination of viruses such as the Melissa virus.
In addition, VS API reduces scalability issues that can arise when a particular server has a large number of users/mailboxes. VS API's real-time scan allows messages and attachments to be scanned once before delivery, rather than multiple times determined by the number of mailboxes the message is delivered to. This single-instance scanning also helps prevent messages from being rescanned when a message is copied.
Limitations of using the VS API Exchange 2000/2003 mode
Although VS API is a recommended way to perform content checking and anti-virus on Exchange 2000/2003, there are a number of limitations that you should be aware of as a system administrator:
1. The Virus Scanning API only scans information stores. That means that if you have installed GFI MailSecurity for Exchange 2000/2003 on a front-end server, for example, no mail will be scanned, because mail is not being stored on the front-end server. In this case, you need to use GFI MailSecurity in SMTP gateway mode.
2. You need to be more careful with applying attachment rules since these might affect internal traffic; attachment rules that are too stringent can result in too much quarantined mail. Also, MAPI applications running on Exchange might be using .vbs or .exe files.
|
