Email spam and malware are serious problems in the business world. IT management of anti-spam systems—not to mention the productivity lost by inadvertently blocking an important message—comes with a significant price tag.
Given the cost and irritation surrounding spam and malware, the market is seeing an ever-growing number of options for dealing with the problem, ranging from hosted solutions in the cloud to software on the mail server. Sendio’s E-mail Security Platform (ESP) falls somewhere between those options: It's an appliance that sits on your network in front of your mail servers, protecting them from both spam and malware. The Sendio ESP 360 works on the premise of creating a trusted community of recognized mail contacts. The result, according to Sendio, is zero false positives.
The system doesn’t scan content but rather verifies senders. It scans outbound mail for malware and captures details of the receiver, constantly adding those trusted people to the senders' personal mail community. The theory is that you no longer have to maintain complex filters because processing is based on the sender's identity. The system sends unknown senders a challenge query, and—if they respond correctly—adds them to the trusted community.
Setup
The system is reasonably easy to install and configure, and the supplied documentation is excellent. You simply slot the unit into a 1U rack space, attach a monitor and keyboard, and power it up. Initial configuration is keyboard-based, from a clunky Linux GUI on the device console. You must set IP addresses, check for updates, set zone/time sync, and verify that services are running correctly and that the various available communication methods are possible.
After setting up the basics, you open the web-based interface to set up directory sync, which is flexible and worked flawlessly in my test Active Directory (AD) environment. You then jump back to the Linux interface for a few more tasks, and finally finish off the setup process in the browser interface. Both interfaces are fairly unattractive, and I'm not sure why so much configuration has to be performed from the Linux box's keyboard.
You need to ensure that you import a list of contacts into the device; administrators can import these as global contacts from a Customer Relationship Management (CRM) system, and end users can use their Microsoft Outlook contacts. If you fail to do this, all your trusted partners and clients will get challenged the first time they send you mail! This process could be challenging for many users who aren't accustomed to importing and exporting from Outlook. Another challenge would simply be gathering a full contacts list. Mine, for example. doesn't contain half the people I mail to. Outlook 2010 has a useful Suggested Contacts feature that assembles a massive list of people that you've mailed to. However Outlook 2010 is only in beta right now, so users whose mail clients don’t have a similar feature will find this step difficult.
Summary |
I tested the Sendio ESP 360 for two weeks, and it successfully ridded my system of all spam. However, it also captured a lot of non-spam mail. There is a significant period required to train the system about the mail you want (e.g., newletters and notifications) which you do by releasing them from your quarentine queue.
The GUI leaves a lot to be desired. It allows no scrolling through its long quarantine list, and certain actions require an inordinate number of clicks. For example, when I double-clicked to review a message and found it to be legitimate, I wanted to be able to simply click Accept. However, I had to go back to the main list, select a check box, then navigate a drop-down list before I could accept that message. Another GUI irritation is that there's no immediately discernable way to search the bodies of messages in the quarantine area—only the subject and sender.
A final key criticism: It seems to be impossible to change the challenge message that the product sends to un-trusted senders without calling Sendio support. And the message is natively available only in English and Spanish.
Willing and Able
If you're willing to put in the effort of collating and then importing global and personal contacts, Sendio ESP will absolutely make your Inbox cleaner. Equally, you'll need to keep a close eye on the notification messages about your quarantine queue and spend a long time in the web GUI at least for the first few weeks. At that point, after the system builds up a good concept of your contacts and the bulk mail you want, it really does stop spam. Overall, if you’re happy challenging un-trusted senders, and your users can put up with the interface (which is clearly due for an upgrade), the Sendio ESP is a great way of stopping spam.
