The Engate MailSentinel product line is focused on the blocking of spam and/or malicious E-mail messages before they reach the MTA of the receiving network. The product is offered in four primary configurations, each with differing target audiences: The EMS 2500e appliance for Enterprises; the EMS 2500s appliance for service providers; the diskless EMS 1500 for router and firewall OEMs; and the EMS 1000 for software and appliance OEMs.

In each case, the technology leverages a proprietary DB built by the vendor which seeks to separate out legitimate vs. suspect mail senders at the sending network level; i.e., the technology interrogates the sending network infrastructure in an attempt to determine which IPs represent legitimate potential E-mail servers and which do not. With this methodology, the vendor states that they are able to block not only known illegitimate senders, as would be the case with traditional blacklist assignments; but can also block illegitimate E-mails from "zombie" machines located within the network even if those machines had never before sent an E-mail. Referred to as GlobalRules by the vendor, this reputation-like proprietary information is based on source sender data that cannot be forged, and does not depend on the use of blacklists or whitelists (though these can be used in combination with the technology, if desired by the customer).

To actually make use of the GlobalRules, MailSentinel products leverage the vendor's ConnectionManager technology; which operates as a transparent intercepting proxy between the receiving MTA and sending MTAs. ConnectionManager analyzes both the reputation of the senders as well as the protocol-level behavior of the actual sent message. When suspect SMTP behavior or messages from unreputable sources are received, the MailSentinel products can disrupt, manipulate, or redirect the SMTP session. Of course, if the message appears to be clean it is forwarded on to the receiving MTA.

Engate targets their MailSentinel technology both to Enterprises and OEMs as a complement to existing mail filters. MailSentinel scans all inbound SMTP connections and can block/reject suspect messages before they reach the MTA, and does so based on network information (no examination of the actual message content is required). As such, the product is billed as reducing the amount of message traffic that must be directly examined by downstream message filters or anti-spam/virus scanners on the MTA itself.

New to the MailSentinel feature set is "PhishFilet," which leverages the vendor's network connection profiling technology in an attempt to determine if a received message is being delivered from targeted phishing domains.

The MailSentinel product line is available now. Visit the Engate Technology Web site for further information.

product submission by EITPlanet Staff

E-Mail this page to a colleague
send info about Engate MailSentinel

Suggest a link
for the Engate MailSentinel fact sheet