March 23, 2004
$1,190 (25 user, one-year license)
- Ease of Use:
- Value for Money:
- Overall Rating:
: The Daily Report feature allows delegation of false positive processing to users.
: Would like to see wider support for third-party anti-virus scanners and automatic updating of them.
: An excellent content management product with some unique features, such as automated white list building and Daily Reports.
The OrangeBox Mail software is designed to provide a complete email filtering system implemented as an SMTP relay at the gateway to the Internet. It runs on Windows 2000 or XP Professional and requires Microsoft Office to be installed for the analysis of Office documents. Remote management is also supported.
Content analysis is comprehensive, with keyword search, porn detection, file type identification, source code detection, context analysis, spam identification and virus detection. These features can also be configured to detect proprietary of company confidential data.
Anti-virus is provided by an optional plug in that supports the following third-party scanners: McAfee VirusScan, Symantec CarrierScan, Sophos and Computer Associates InoculateIT. McAfee is the only one that is supported for automatic updates via OrangeBox Mail itself.
Spam detection is based on the product's OrangeFilter database system as well as Real-time Blackhole Lists (RBLs) – turned off by default, internal white and black lists, lexical analysis (which categorises messages as spam, porn, criminal, etc), image analysis (for porn), and heuristics. The product can also check URL categorisation within an email. Any number of third-party RBLs may be used.
A nice feature is what is effectively an automated white list. OrangeBox keeps a database of all messages handled. If a suspiciously spam-like message is received from someone who has sent many non-spam emails before, the email will not be categorised as spam. This automatically reduces false positives and ensures that an important message from a regular contact does not get blocked accidentally.
Action taken is also very flexible, offering a choice of blocking, deletion, delay, reply, report, store, modify, and remove attachment. Delay can be used to prioritise mail without totally blocking it, for example, for large or personal emails. Modify can be used to add disclaimer text or even attachments. Reply can send an auto-reply based on content detected to warn the original sender that his message has not been delivered and why, for example. Store allows selected messages to be archived away for later analysis, for example, in a quarantine area. Reporting allows administrators to be informed if certain message types are detected.
Daily Reports can be configured to inform users of blocked emails. Depending on the reason they were blocked, and this is configurable, users may be allowed to release them using the Daily Reports to execute this task. This can relieve the administrator of the burden of checking for false positives in the spam quarantine area.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- The information security implications of M&A deals
- Cyber-security must reflect risk not just regulation
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success