GFI MailSecurity uses multiple virus scanners to scan inbound mail. Using multiple scanners drastically reduces the average time to obtain virus signatures which combat the latest threats, and therefore greatly reduces the chances of an infection. The reason for this is that a single anti-virus company can never ALWAYS be the quickest to respond. For each outbreak, virus companies have varying response times to a virus, depending on where the virus was discovered, etc. By using multiple virus engines, you have a much better chance of having at least one of your virus engines up-to-date and able to protect against the latest virus. In addition, since each engine has its own heuristics and methods, one virus engine is likely to be better at detecting a particular virus and its variants, while another virus engine would be stronger at detecting a different virus. Overall, more virus engines means better protection.

Note: Independent research showed that brand names are no guarantee for faster response times; in fact some of the big brand names were found to be among the slowest.

Trojan and executable analyzer
The GFI MailSecurity Trojan & Executable Scanner detects unknown malicious executables (for example, Trojans) by analyzing what an executable does. Trojans are dangerous as they can enter a victim’s computer undetected, granting an attacker unrestricted access to the data stored on that computer. Anti-virus software will NOT catch unknown Trojans because it is signature-based. The Trojan & Executable Scanner takes a different approach by using built-in intelligence to rate an executable's risk level. It does this by disassembling the executable, detecting in real time what it might do, and comparing its actions to a database of malicious actions. The scanner then quarantines any executables that perform suspicious activities, such as accessing a modem, making network connections or accessing the address book.

Norman Virus Control & BitDefender virus engines are included
GFI MailSecurity is bundled with Norman Virus Control and BitDefender. Norman Virus Control is an industrial strength virus engine that has received the 100% Virus Bulletin award 16 times running. It also has ICSA and Checkmark certification. BitDefender is a very fast and flexible virus engine that excels in the number of formats it can recognize and scan. BitDefender is ICSA certified and has won the 100% Virus Bulletin award and the European Information Technologies Prize 2002. GFI MailSecurity automatically checks and updates the Norman Virus Control and BitDefender definition files as they become available. The GFI MailSecurity price includes updates for one year. View screenshot

Kaspersky and McAfee virus engines optional
To achieve even greater security, users can add the Kaspersky and/or McAfee anti-virus engines as a third or fourth anti-virus engine or as a replacement to one of the other engines. Kaspersky Anti-Virus is ICSA-certified and is well known for the unsurpassed depth of its object scanning, the high rate at which new virus signatures are released, and its unique heuristic technology that effectively neutralizes unknown viruses. The McAfee virus engine is particularly strong at detecting non-virus attacks such as rogue ActiveX controls.

Automatic removal of HTML scripts
The advent of HTML email has made it possible for hackers/virus writers to trigger commands by embedding them in HTML mail. GFI MailSecurity checks for script code in the email message body and disables these commands before sending the "cleaned" HTML mail to the recipient. GFI MailSecurity is the only product to protect you from potentially malicious HTML email using a GFI patented process, safeguarding you from HTML viruses and attacks launched via HTML email.

Email exploit detection engine
The email exploit detection engine builds on GFI's leading research on email exploits, and safeguards you from future email viruses and attacks that use known application or operating system exploits. For example, GFI MailSecurity would have protected you against the Nimda and Klez viruses when they first emerged without needing any updates, because these viruses use known exploits. GFI SecurityLabs regularly finds new email exploits, and these are automatically downloaded by GFI MailSecurity. GFI MailSecurity is the only email security product to detect email exploits. View screenshot

Spyware detection
GFI MailSecurity's Trojan & Executable Scanner can recognize malicious files including spyware and adware. GFI MailSecurity can also detect spyware transmitted by email via the Kaspersky virus engine (optional) which incorporates a dedicated spyware and adware definition file that has an extensive database of known spyware, Trojans and adware.

Attachment checking
GFI MailSecurity's attachment checking rules enable administrators to quarantine attachments based on user and file type. For example, all executable attachments can be quarantined for administrator review before they are distributed to the user. GFI MailSecurity can also scan for information leaks, for example, an employee emailing a database. You can also choose to delete attachments like .mp3 or .mpg files. View screenshot

Email content checking/filtering
Using GFI MailSecurity's powerful content checking rules engine, you can configure rule sets based on user and keywords that allow you to quarantine potentially dangerous content for administrator approval. In this way, GFI MailSecurity can also scan for offensive content.

Custom quarantine filters (v. 9)
GFI MailSecurity enables you to configure a series of search folders (similar to MS Outlook Search Folders) within the ‘Quarantine Store’, permitting you to manage quarantined emails better and faster. For example, you can set up a folder for emails that were quarantined by virus checking and another for emails quarantined by attachment checking for a particular user, allowing you to prioritize which folders you check first: It may be more important to examine the attachment checking folder first as it is more likely to contain emails that need to be approved and forwarded to users.

Web-based configuration – enables remote management from any location (v. 9)
The product’s web-based configuration allows you to configure and monitor the product and manage quarantined emails remotely from any computer that is equipped with a browser. This means that you can monitor and manage GFI MailSecurity from anywhere in the world.

Approve/reject quarantined mail using the moderator client, email client or web-based moderator
GFI MailSecurity provides several options for moderating quarantined mail. The moderator client gives you a familiar Windows interface for approving/rejecting email. The web-based moderator allows you to approve/reject emails from anywhere on your network. Alternatively, GFI MailSecurity can also forward quarantined mails to an email address, enabling you to use a public folder to distribute the quarantined items to multiple administrators. View screenshot

Searching within quarantined emails (v. 9)
GFI MailSecurity provides the facility to conduct searches within all emails that it quarantines. Such searches can be performed among inbound or outbound emails to or from a particular user, for instance. Searches can also be carried out based on sender, recipient and also quarantine reason, freeing the administrator from the need to go through all quarantined emails one by one.

Full threat reporting for quarantined emails (v.9)
When an email is quarantined, GFI MailSecurity gives a full threat report , detailing all threats identified per mail.

Server-based anti-spam
GFI MailSecurity's companion product, GFI MailEssentials for Exchange/SMTP offers spam protection at server level and eliminates the need to install and update anti-spam software on each desktop. GFI MailEssentials includes a number of effective methods to virtually eliminate spam from your network. It also provides disclaimers, Internet mail reporting, server-based auto replies and POP3 downloading. GFI MailEssentials integrates seamlessly with GFI MailSecurity and both are available as a bundle. Click here for more information!

Checkmark & ICSA certified
GFI MailSecurity holds Checkmark certification from West Coast Labs and ICSA certification from TruSecure.

Great value
GFI MailSecurity is the most cost-effective content checking and anti-virus product available. The standard license includes a full year of anti-virus updates, as well as three months of free, unlimited support. The cost of anti-virus updates in the second year is minimal as well, approx. 15% of the purchase price, depending on the amount of users you have.

Other features:

• Automatic quarantining of Microsoft Office documents with macros
• Detects attachment extension hiding & renaming
• User-based, flexible rules configuration
• Scans embedded mails
• Lexical analysis.

You're in good company...
Many leading companies have chosen GFI MailSecurity for Exchange/SMTP. Here are just a few: NASA, European Central Bank, MG Rover Group, Caterpillar, PerotSystems, Port Of Tilbury London Ltd, Mexx International BV (Netherlands) and many more.