SecurityGateway for Email Servers
- Protection from External Threats

SecurityGateway for Email Servers performs a variety of security tests on inbound email messages, to block outside threats from gaining access to your system. Performing multiple tests on inbound messages helps ensure that spammers don't have a single point of entry which they can exploit.


Multiple testing methods allow administrators to adjust spam prevention techniques and block 99% of incoming spam.

Heuristic and Bayesian Engines

SecurityGateway for Email Servers - Heuristic and Bayesian Engines

SecurityGateway uses SpamAssassin for Heuristic rules and Bayesian classification to block over 99% of all spam.

DNS and URI Blacklists

SecurityGateway for Email Servers - DNS and URI Blocklists

Several DNS and URI Blacklist services, which maintain lists of servers known to relay spam, can be used to block mail from known spam sources.

Message Certification

SecurityGateway for Email Servers - Message Certification

Message Certification allows a third party to validate the trustworthiness of a sending server.


SecurityGateway for Email Servers - Greylisting

Greylisting delays inbound mail from unknown senders to discourage spam and can be customized using Sieve scripts.

Backscatter Protection

SecurityGateway for Email Servers - Backscatter Protection

Backscatter Protection prevents users from receiving irritating bounce-back messages in response to messages they did not send.

Message Scoring

SecurityGateway for Email Servers - Message Scoring

Message Scoring can be customized to fit each domain's needs - each domain can refuse, quarantine, or tag messages based on message scores.


SecurityGateway includes flexible antivirus configuration options. Automatic updates can be performed at regular intervals, ensuring you have the most up-to-date antivirus protection. Messages with viruses can be refused or quarantined for review by the administrator on a per-domain basis.

Multiple AV Engines

SecurityGateway for Email Servers - AntiVirus

Administrators have the flexibility to use multiple AV engines in addition to real-time virus and spam pattern analysis.

Threat Signature Updates

SecurityGateway for Email Servers - Threat Signature Updates

Because the threat landscape is constantly evolving, SecurityGateway can be configured to check for virus signature updates automatically as well as manually for immediate updates.

Zero-Hour Virus Outbreak Protection

SecurityGateway for Email Servers - Outbreak Protection

Allows SecurityGateway to recognize spam or virus outbreaks almost immediately as they are released over the Internet.

  • Real-time, antispam, zero-hour antivirus, anti-spyware, and antiphishing technology.
  • Capable of proactively protecting your email infrastructure automatically and within minutes of an outbreak.
  • Outbreak Protection requires no heuristic rules, content filtering, or signature updates.
  • Relies on Recurrent Pattern Detection (RPD) Technology.
  • Resulting analysis can detect outbreaks in "Zero-Hour" - much faster than traditional filter and signature based solutions that require detecting, defining, and disseminating new virus information.

Recurrent Pattern Detection (RPD) Technology

SecurityGateway for Email Servers - Recurrent Pattern Detection

The part of Outbreak Protection that analyzes "patterns" associated with an email transmission and compares them to similar patterns collected from billions of email messages sampled daily, in real-time, from live Internet email traffic.


Multiple techniques are used to verify a sender's address to prevent spammers from forging the origin of the message.

Reverse Lookups

SecurityGateway for Email Servers - Reverse Lookups

Reverse Lookups can be used to tag or refuse messages if the sending mail server or email address is forged.

Callback Verification

SecurityGateway for Email Servers - Callback Verify

Callback Verification allows SecurityGateway to verify that the sending email address is valid before accepting the message.

Email Authentication

Incorporates current authentication techniques used to validate and sign messages to minimize the receipt of possible spam messages.

DomainKeys Identified Mail (DKIM)

SecurityGateway for Email Servers - DomainKeys Identified Mail (DKIM)

DKIM is a security technique that uses a digital "fingerprint," to identify possible tampering of messages. When SecurityGateway receives a message that has been signed with DKIM, it validates the DKIM signature upon receipt to confirm the signer's identity and to ensure the message was not tampered with during transit over the Internet.

Sender Policy Framework (SPF)

SecurityGateway for Email Servers - Sender Policy Framework (SPF)

Sender Policy Framework uses the DNS system to verify that messages claiming to come from a particular domain were sent from mail hosts that are authorized to send on the domain's behalf.

Domain-Based Message Authentication, Reporting and Conformance (DMARC)

SecurityGateway for Email Servers - DMARC

DMARC enables domain owners to direct the actions to take when handling messages purporting to be from their domain but were not actually sent by them. SPF and DKIM lookups are performed on the purported sender's domain, and if a PASS result is not received for at least one of these queries, the sender's DMARC record provides instructions on how to handle these messages, such as whether to quarantine or reject the message.


Multiple techniques to allow legitimate mail in while preventing unauthorized access - all configurable on a per-domain basis.

Relay Control

SecurityGateway for Email Servers - Relay Control

Prohibits messages from being accepted or delivered if they are not to or from a local domain.

SMTP Authentication

SecurityGateway for Email Servers - SMTP Authentication

SMTP authentication can be required - to ensure that the identity of message senders is known.

IP Shielding

SecurityGateway for Email Servers - IP Shielding

Allows SecurityGateway to only accept mail from a domain if it matches a pre-defined domain/IP pair.

Dynamic Screening and DDoS

SecurityGateway for Email Servers - Dynamic Screening

Bans senders based on their suspicious activity and prevents Distributed Denial of Service (DDoS) attacks. Dynamic Screening for failed SMTP authentication attempts work across sessions over time. The failed authentication count for an IP is reset at midnight, or when it is blocked and added to the Dynamic Screening list.

Location Screening

SecurityGateway for Email Servers - Location Screening

SecurityGateway's Location Screening feature allows administrators to block incoming SMTP and remote administration connections from unauthorized countries. Exceptions can be made for connections from whitelisted IP addresses.


SecurityGateway for Email Servers - Tarpitting

Deliberately slows down sessions after a specified number of RCPT commands, to prevent abuse from a suspected spammer or bot.


Minimize incoming and outgoing threats by blocking or quarantining messages based on content or types of file attachments.

Multiple Search Strings

SecurityGateway for Email Servers - Multiple Search Strings

May be defined for a single condition in which a user can specify if the condition must match any or all of the defined strings - useful for searching a message header or body against a list of keywords.

Message Content Filter

SecurityGateway for Email Servers - Message Content Filter

Allows the administrator to look for content within a message and take action based on the results.

Preset File Types

SecurityGateway for Email Servers - Block Preset File Types

Allows the administrator to tell SecurityGateway to block all attached video files, images, or executable files with one click.

Attachment Filtering

SecurityGateway for Email Servers - Attachment Filtering

Allows content filter rules and custom sieve scripts to perform actions based upon the content of an attachment. You can also exclude whitelisted senders, authenticated sessions, and domain mail servers from Attachment Filtering.


Blacklists allow you to block threats from known email abusers.

Blacklist Addresses

SecurityGateway for Email Servers - Blacklist Addresses

Match addresses by domain or email address.

Blacklist Hosts

SecurityGateway for Email Servers - Blacklist Hosts

Match by the host name given during the SMTP session.

Blacklist IPs

SecurityGateway for Email Servers - Blacklist IP

Match by connecting IP address.

Blacklist Actions

SecurityGateway for Email Servers - Blacklist Actions

Allow the administrator to refuse or quarantine if a blacklist match occurs.


Speed up message processing through the identification of friendly senders.

Whitelist Addresses

SecurityGateway for Email Servers - Whitelist Addresses

Exempt email from addresses by domain or email address.

Whitelist Hosts

SecurityGateway for Email Servers - Whitelist Hosts

Exempt email by the host name given during the email session.

Whitelist IPs

SecurityGateway for Email Servers - Whitelist IP

Exempt email by connecting IP address.