Mirapoint’s Message Director MD450 exemplifies what administrators should expect in an appliance: a drop-in approach to installation, great ease of use, and performance comparable to the best in the field. Most organisations should find installing the MD450 completely painless, as it comes with installation support.
Running on a customised, hardened version of BSD, the MD450 provides anti-spam filtering based on the open source SpamAssassin engine, with additional extensions and added filtering capabilities. It also provides: incoming and outgoing policy enforcement, spam filtering and virus protection, an HTTP proxy, directory-harvest protection, password-attack protection, integrated LDAP routing, POP and Internet Mail Access Protocol (IMAP) servers, Web and SSL access to email, and intrusion detection.
Mirapoint provides onsite installation support as part of the price, so I allowed the company to send a support engineer to assist with installation. The engineer wasn’t really necessary, though, as I had the appliance running in about five minutes with no help that couldn’t have come from the manual. Many companies may find the onsite support useful, however, when it comes to configuring the optional features and customising the filtering settings for their needs.
The appliance itself is a custom dual-Xeon 2.8GHz system with 2GB of RAM, mirrored SCSI 10k drives with a hot spare, Gigabit Ethernet and 10/100 interfaces, and a 320U SCSI interface for back-ups. The hardware includes redundant hot-swap fans and power supplies. The MD450 performed excellently, and according to Mirapoint, it can handle more than 10,000 users.
The IP address and other network information can be set from the front panel; no serial terminal connection is required. Once the IP network information is set, the rest of the usual configuration can be done via a browser.
Configuration of anti-spam filtering was generally straightforward, although there were some subtleties that made me glad there was an engineer on hand. For example, a configuration option necessary to support different spam settings for each user proved complex.
Creating new filters, adding to the whitelist or blacklist, scheduling updates to the anti-spam filtering rules and antivirus rules, adding content checking and antivirus checking are all easily accomplished. The MD450 can also reject all mail from specific domains or IP address ranges, and can use Realtime Blackhole Lists (RBLs) that are maintained by volunteers who identify domains that either send spam or allow unidentified senders to relay mail through their systems.
Administrators can define anti-spam settings for a single domain or multiple domains, or allow users to modify their own settings. Multiple domains or sub-domains can be configured, though this is a separately priced feature. Each domain or sub-domain can have different administrators with different rights.
Mail can be quarantined, forwarded with text added to the subject line, discarded, or stripped of dangerous attachments.
Users can access quarantined mail via a browser, where they can view, delete, open, reply to, or forward it. They can also confirm whether a message is junk mail, which will add it to the blacklist or whitelist.
Content checking includes some powerful features. Wire taps can monitor all mail coming to or from a specified address, and messages containing specific words can be blocked or quarantined, as can messages with specified attachments.
Two word lists — an objectionable words list and a corporate words list — should simplify the process of collecting and maintaining words to be checked for possible sharing of corporate secrets or other business issues as well as sanitising porn and offensive language.
The MD450 provides denial of service protection by monitoring how quickly SMTP requests are issued from a single IP address, and it blocks requests or imposes a limit on the bandwidth allowed to that address. It also detects large numbers of outgoing mail to identify possible virus infections, worms, or open relays.
Reporting through the GUI is limited to a few days’ worth of daily reports, but the information available is all anyone could want and is presented in a variety of formats. For a weekly report, you use the command line interface to create a batch script to email the administrator a comma-delimited file that can be opened in Excel or similar applications.
Performance monitoring is also available for a wide variety of functions, although again, gathering historical data over a period greater than a day requires command line programming.
The documentation is complete, including explanations of all the options that can only be used on the command line. Administrators considering the Mirapoint appliance should have a good idea of what kinds of reports or other features beyond the basic they’ll want before the installation so they can take advantage of the installation engineer’s expertise.
The Mirapoint MD450 is a good example of what can be achieved using the SpamAssassin engine with additional software. As with SpamAssassin, however, it has a number of features that the less-sophisticated user may have trouble accessing without help.
If you have all your ducks in a row and are sure of what you want when the system is installed, you should get an easy-to-use, high-performance, drop-in solution that comes at a very low price compared to most of the other products I’ve tested. n
Mirapoint’s Message Director MD450 is distributed in Australia by PCTime Australia.
RRP: Pricing upon application.
PCTime Australia: (02) 9808 5659.