Secure Mail Intelligence!

This is an old site, go to the new one -> Security-Increase.com

Secure Mail Intelligence!™ represents an outstanding email server protecting technology. SMI is not a standalone mail server. Although it enables email routing as well as its storage, secreting and sending, its most important function is to protect and defend existing mail servers. It is the only program that joins firewall elements, intrusion detecting systems, anti-virus and anti-spam systems, clusters functionality and email servers.

SMI! scans & filters incoming and outgoing mail traffic. It decreases the costs of license because SMI! can combine the role of expensive mail servers with router compatibility. Moreover, it is 100% worms resistant – it protects servers from hang-ups resulting from hackers’ attack.

This solution is transparent even for the users who are not aware of the fact that apart from the existence of an e-mail server and a client, there is something more that controls mail and protects the server. Secure Mail Intelligence! works as dedicated to SMTP port Intrusion Detection System (in-line mode). All the SMTP traffic is filtered by SMI! with a quick but effective analysis. After checking a sequence of different conditions and veryfing that the movement is not an attack a mail is passed to main e-mail server or recipient. As it works on application layer, SMI! offers highly advanced methods of control which are unavailable to the systems working in the lower layers of OSI model.

The architecture of SMI! is modular and most important modules are:

Security (SMTP Guard & Firewall)
Application protects against:

• attacks on SMTP server by malformed SMTP commands;
• overloading (Denial Of Service)
• mail-bombing (automatic and intelligent blocking at configured period of time);
• relay (illegal redirection);
• sending mail to specified users and groups (like LocalMailServers in Lotus Domino);
• opening to much threads;
• establishing too many concurrent connections
• establishing too frequent connections
• establishing connections from specified IPs or hosts
• too long connections (timeouts)
• too long time between commands (idle)
• too much SMTP commands(command limit)
• sending mail from non existing mail domains (DNS checking)
• sending mail out of the corporation for specified group of people
• emulating other servers by SMTP responds for example: sendmail (identity spoofing)
• establishing connections with dangerous servers(like big@boss.com)
• fragmented network packets(many IDS software cannot detect this kind of attacks)

• Scans incoming & outgoing mails to find known and unknown viruses, vandals, worms and Trojans. It can use 7 antivirus engines, including: VirusBuster, Kaspersky, Sophos, Symantec, Norman, BitDefender and ClamAV.
• If a virus is fast growing the application sends the information to firewall so as to block the connection with a specified server or sender for a configured period of time.
• It is possible to define the sensitivity of scanning, set attachment types that should be scaned, define heuristic level of scaning, define heuristic level of scaning worms, and define if the body of the message should also be scanned.
• SMI! searches for viruses in archieved files such as ZIP, ARJ, RAR, etc. and also multiple packeges.
• You can set if the infected mail should be deleted; the attachment should be replaced by an information txt file; the mail should be moved to quarantine or if it should be left alone.
• SMI! may send mail notifications to sender, recipient and administrator.
• Found virus accidentals can be saved in a special log file.

• Detects SPAM and massive SPAM.
• It has got 3 levels of SPAM filtering: 1st layer – during a connection, 2nd layer - after receiving mail, 3rd layer - SpamAssassin with Baye's algorithm.
• It can detect SPAM by keywords (title, sender, recipient, body, attachment name, HTTP links, applets’ tags, JavaScript and any mime header) and by RBL and DNS.
• Checks if mails have got correct mime header.
• Unwanted attachments checked by: name, type (extension), size and file header (option).
• Mails qualified as SPAM can be stored, killed or sent to a specified mailbox or a recipient with SPAM flag.
• Improves the performance of servers by blocking mass-bombing, mass-spaming and permanent spammers.
• It is a server based solution so it does not need any action from the user. All the user has to do is forward mail classified as spam to a dedicated mailbox.
• It uses free and commercial black list servers (RBL).

• It enables building advanced mail server configuration, by using built-in mail routing technology. You can configure mail routing to use M2 / Secure Mail Intelligence domains, source and destination Internet domains, source and destination server IPs and also individual users. It is possible to use routing that takes the advantage of mail domain priority.
• Load balancing of mail servers.
• SMI! could be defined as a backup mail exchanger (MX).

• To every mail a special message or disclaimer based on advanced rules (mime-type, IP, sender and recipient) can be added.
• You can add disclaimers to all alternative parts of the mail.
• You can add disclaimers in every format which can be specified as mime type.

• SMI! updates virus descriptors files, spam keywords files, dangerous servers & domains files and SMI! software updates via FTP, HTTP protocols or via local network, CD, HDD, FDD and specified folder.
• Its updates are scheduled or on manual request.
• It can backup any level of descriptor files.
• It can restore every backup file.
• It is able to central update for the entire organization.

• Enables the use of Polish National Security Classification (by using hardware solutions as CompCrypt Delta 3).
• Encrypts emails between M2 /™ Secure Mail Intelligence servers.
• Confidentiality, integration and authenticity of emails.
• It can cooperate with devices made from CompCrypt: Delta 3, SSL certificate infrastructure.
• It uses symmetric crypto algorithms: blowfish by Bruce Schneier.
• It uses asymmetric crypto algorithms: RSA.
• It can use certificates: x509, x509 v 3.
• It has a built-in crypto key generator.
• It allows building secure connections between locations, by using public network or VPNs.

• Analyses outgoing data (body and header) in relation to the protecting rules. It can block sending mails, store the mails or inform the management about dangerous accidents.
• It helps to discover the acts of internal sabotage and the level of professional using mail system.

• Registers all the information about connections, traffic, headers, errors, attack tries and their types.
• It is able to prepare advanced and expanded reports about mail traffic.
• It can send & store information on file system, in dedicated SQL database (delivered with SMI!), remote SQL server (all supported SQL 92 standard) or in Lotus Database.

• Based on defined rules it can store mail as files, push it to SQL server or to Lotus Domino server
• The rules can refer to all mime fields (header), subject, sender, recipient, IP address, body, type of attachments and HTML tags.
• Conditions can be defined as plain text or regular expressions.

• It uses advanced binary analysis algorithm with the ability to find similar images.
• It blocks unwanted images based on black list or enables receiving or sending images based on white list.
• Protects the intellectual value of a company by blocking mail which includes graphics, scans or photos.
• It uses build-in advanced filters to protect against pornography, cartoons, and elements form web pages (banners, menu, and inline mime elements).

• IBM Lotus Domino, Microsoft Exchange, Novell GroupWise, 602Pro LAN SUITE, iMailServer, OpenMail, Sendmail, qmail, Postfix, Exim, Smap. Microsoft SMTP Service, Microsoft SMTP MAIL, MailSite and others.

• SMI! uses graphical management console via HTTP (WWW) protocol.
• It enables safe and encrypted connections via SSL with different access profiles.
• Does not need any software installation on admin machine.
• It allows local or remote administration.
• All parameters are stored in text files, so it is possible to modify them by any text editor.
• The application uses flexible, semi-language for configuration, which enables building your own, even very complicated rules or you can use graphical interface which will guide you.
• It enables to using predefined configuration templates,saving them and moving to a different machine.
• On one console you can administrate all the instances of SMI! installed on the same machine.
• Registers all information about connections, traffic, headers, errors, attack tries and their types.

• SMI! can works on lots of operating platforms like: Microsoft Windows 98/NT/2k/XP/2003 in Professional and Server releases, on Linux (i586 Intel or 100% compatible), OpenBSD, FreeBSD and Solaris 9 (x86 and SPARC).
• Cooperates with all SMTP servers.
• Needs 200 MB free space on hard drive + app. 800 MB for temporary files
• Requires Pentium III 800 MHz or faster processor.
• Requires 128 MB RAM (256 MB recommended) for each SMI! instance.
• Requires proper configured TCP/IP protocol.
• Can be installed on the same machine as the protected mail server.

• SMI! receives mail five times faster than Lotus Domino 6.01 and fifteen times faster than 602Pro LAN SUITE!
• After blocking dangerous servers, SMI! does not reconnect them, so the mail server and SMI! do not need to scan & filter unwanted traffic again. Similarly, after finding a virus sent several times from one person on one server, SMI! blocks the connection for all or for a specified (configurable) time.
• Every module is working as a separate thread; this improves the performance and provides a very good use of multiprocessor architecture.
• It controls the amount of simulative connections, so that the server cannot be overloaded. It blocks mass-bombing and mass-mailing.
• It allows changing the configuration without a necessity to restart SMI! or an operating system.
• On the same machine you can install up to 8 instances of SMI!