Thursday, January 30, 2014

Another Spam Filtering Service - GFI MaxMail

In my quest for a postini spam filtering replacement I also tried GFI's MaxMail product.  Like the others, it is a cloud based solution that is slightly (pennies) less expensive than Spambrella.  You change your MX records to point to their server, which then filters the email and sends it on to your email server.

I really liked the user interface and the granularity of the spam filtering.    Everything seemed to be going well and I used the service for 2 months.  Billing was monthly vs Spambrella's yearly billing and that was kind of nice.

Every time you log in there's a graph display of the last week showing percentage of spam, percentage of virus and percentage or normal mail.   I was constantly seeing quite a lot of virus activity noted there.
When I used postini and using spmabrella there are occasional virus emails received (cleaned and reported) but this was a LOT of activity.  That seemed strange to me.  Their console had the ability to detail these messages but the messages themselves were discarded.  But my experience was that it their system would never show me any details at all even though properly configured to do so.  (They tell me that this has since been corrected).

Then I had a customer email me a visual studio project - and it never arrived.    So I had them email it to my gmail account - and I received it fine.  So I asked GFI about it.  They said it must have contained a virus - could I email it to them?  So I did and they never received it.  I finally had to setup my own smtp server and a packet sniffer so I could prove that the email was making it to their servers and report the Email id that they assign so that they could trace it through their system.

A lot of time went by and they said that I needed to FTP the email to their site because it was coming up as a virus attachment.

So I did that - and they said I was correct there is no virus in the email.  However, sending it through their system always flags it as a virus.  So weeks went by as they had their development staff working on this.

Why was this one email so important?    Well because I had OTHER people telling me that email to me wasn't being answered.  Email I never received.  I was beginning to suspect that all the virus activity reported wasn't REALLY virus activity after all but rather email I wasn't receiving that was erroneously marked as a virus.

In addition to this, some of my users were telling me that spam was getting through.  Not a lot.  But a lot more than when we evaluated Spambrella and a lot more than when using postini.

Finally their development staff said that the problem was resolved.  I tested it.   It would still not deliver the email.  So I reported that, and another few weeks went by.

I finally had enough and switched back to Spambrella.

To their credit, GFI has continued to keep me updated on the progress of resolving the problem.  The have updated their system to be able to track the virus reported emails now, but this particular email still won't make it through their system.

In the end I'm happy with Spambrella.  The ONLY issue I have with Spambrella is that new 419 scam emails do make it through for a short time before they recognize them and stop them.