• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1596
  • Last Modified:

Barracuda versus Symantec Mail Security for Exhange

Our Barracuda Firewall gets over 90,000 emails a day and blocks over 80,000.  A lot of the blocked spam has .jpgs attached.  Barracuda does not have a way to whitelist a sender with a .jpg attached so even ligitimate mail with a .jpg is being blocked.  This is a real pain and takes a lot of admin time during the day to unblock these legitimate emails.

I am thinking about letting all .jpgs through the Barracuda firewall and letting Symantec Mail Security catch them.  I can setup an allow list of legitimate senders in Symantec.

My concerns are:

1.  Will this be a security risk to allow all .jpgs through the Barracuda firewall and let Symantec filter them?
2.  Will this degrade performance on my Exchange boxes since they will be doing the processing instead of the Barracuda
3.  Will this take up more storage on my Exchange boxes and how fast?

I will greatly appreciate your answers to the above questions.


  • 2
1 Solution
Hi Joele111,

This seems a retorical question to me.
1. Yes.
2. Yes.
3. Yes. Depends on the percentage of the 80.000 are jpg's and how Symantec is configured do you want to store the failed jpg's for one day, week, month? You can do the math on that.

I think you are on a good path and I'm sure you knew the answers I gave you.


Alternately, instead of using Symantec Mail Security on your Exchange box, you could use the the Symantec Mail Security for SMTP Gateways on a another box to act as a SMPT gateway for your Exchange box (the advantage being that you won't have to install Symantec Mail Security on your Exchange box).

So the mail flow would look something like this:

Internet ----> Baracuda ----> Symantec SMTP Gateway  ---->  Exchange

The Symantec SMTP Gateway ought to be able to catch most of the SPAM among the messages with JPG attachments.
Joele111Author Commented:
Thanks.  I will definitely look into that.

I really wish there were a way I could configure the Barracuda to let me whitelist mail with a .jpg from users I specify but still block all other mail with a .jpg from users that are not specified on the whitelist.

The Barracuda does a great job except for this one lacking feature.  I feel like I am punching a hole in the dike by allowing all .jpgs to pass through the firewall.

You're not compromising security by letting the .jpgs through the baracuda... as long as you've got something that will filter them before they reach the exchange server.  It sucks, but sometimes, due to product limitations, you have not choice but to go with a layered secure/anti-spam model.

At least the Symantec SMPT Gateway will can the .JPGs for virus and is a reasonably decent SPAM filter (if you purchase the optional Premium Antispam license, it's actually really solid... which is something I rarely say of any Symantec product).
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now