Best Email Gateway for Excahnge server 2010 or 2013

Posted on 2013-11-13
Medium Priority
Last Modified: 2014-05-11
Hi EEs,
I have to host exchange server2013 in my company,
Currently I have Fortigate 100 D as a firewall, & as a antivirus we are using Symantec end-point protection 12.1,

Now Can any one pls advise me …either I can use Fortigate 100D or Symantec End-Point 12.1 as an email Gateway for protecting my Exchange server from Email Viruses & spams etc.

Also advice does Hardware based Email gateway(appliance) is good V/S Software base Email gateway (Trend Micro Interscan Messaging suit-IMSS).

Many thanks in advance…
Question by:dxbdxb2009
  • 3
  • 2
  • 2
  • +5

Expert Comment

by:I Qasmi
ID: 39645037
Both the softwares are good
Also hardware based  is good as compared to software based.
Those with less expenses can deploy a software alternate solution
that are also good these days
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 600 total points
ID: 39645056
No such thing as "best". What works for me may not work for you.
As a rule I avoid products from the AV vendors, as I find they largely suck and are expensive. Get something that supports multiple AV engines.

You could look at something like GFI Mail Essentials, and then install it on a regular Windows machine with IIS SMTP installed. That can act as a very good gateway machine for SMTP traffic.
Another product that can do similar is Vamsoft ORF.

Another option would be to look at an appliance, even a virtual one. Lots of those around, again using multiple AV engines.

If you have Symantec on your clients, then that would immediately rule it out as the gateway because they will use the same definition files. You want a different vendor so you get multiple attempts to block the traffic.

Final advice - do NOT purchase based on reviews/recommendations alone. Always evaluate. If the vendor doesn't allow evaluations, walk away. If it is a "money back" guarantee then I am not interested because there is no guarantee they will still exist to give you the money back.

LVL 62

Expert Comment

ID: 39645186
Exim is most popular mailserver on the internet
Postfix comes second
Both support ldap to active directory and numorous antiviruses.
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

LVL 45

Expert Comment

ID: 39645243
To protect Exchange from Viruses and Spams, You need multiple level of scanning and preferred to have one web based and one on premises. This gives maximum control.

Like i am using Message Labs web based solution and Mail Marshal on premises.
LVL 15

Accepted Solution

Giovanni Heward earned 1000 total points
ID: 39645450
While the term "best" is relative, there are solutions which are more effective than others.  I strongly suggest you consider a FireEye EX series appliance.

The FireEye® EX series secures against spear-phishing emails that bypass anti-spam and email reputation-based technologies. As part of the FireEye Threat Prevention Platform,
the FireEye EX uses signature-less technology to analyze every email attachment and successfully quarantine the spear-phishing emails used in advanced targeted attacks.

Real-time quarantine of malicious emails
To block spear-phishing emails, the FireEye EX series analyzes every attachment using the purpose-built FireEye Multi-Vector Virtual Execution™ (MVX) engine that accurately identifies today’s advanced attacks. The FireEye MVX engine detonates email attachments against a cross-matrix of operating systems and applications, including multiple Web browsers and plug-ins like Adobe Reader and Flash. If an attack is confirmed, the EX platform quarantines the malicious emails for further analysis or deletion.


Installs in under 60 minutes – Deploys as an MTA, SPAN device, or BCC destination, in-line (block/monitor-mode) or out-of-band (monitor-only)
Real-time quarantine of zero-day email attacks – Using the FireEye MVX engine, identifies and blocks advanced targeted attacks using malicious images, PDFs, Flash, or ZIP/RAR/TNEF archives
Integrates with the NX to stop blended attacks – Quarantines emails with malicious URLs and traces Web-based attacks back to the original spear-phishing email
Enhances existing email control infrastructure – Layers dynamic malware and attachment analysis behind the static signature-based detections of anti-spam and anti-virus gateways
Dynamically generates threat intelligence – Captures details such as callback coordinates and communication characteristics to protect locally and share globally through the DTI cloud
Supports YARA-based rules – Enables information security analysts to specify byte-level rules and quickly analyze email objects for threats specific to the organization
Supports AV-Suite integration – Malicious objects identified by anti-virus software can be linked to the deeper forensic information provided by the EX for more efficient incident response prioritization

I also strongly suggest the use of OpenDNS to further mitigate against malicious links, malware "phone home" requests (including Cryptolocker), and other threats.  Your firewall should be configured to block all public DNS servers except OpenDNS.

Expert Comment

ID: 39645969
I've had decent luck with a combo of "not the entry level" Barracuda devices, coupled with Sophos Computer Security.

Assisted Solution

myramu earned 400 total points
ID: 39646904

As you already using FortiGate, I recommend to start use the FortiGate for AntiSpam scanning along with third party DNSBL scanning. This should avoid most of the spam mails. But you don't get dedicated AS scanning appliances features like per user configuration, AD integration for AS scanning and user quarantine.

If you are not happy with the FortiGate AS catch rate, you can try Iron Port or FortiMail for in-depth AS scanning.  

Always do POC and get the product that fulfill your needs.

Author Comment

ID: 39647135
Dear All,

Lets go step by step to clear if off...

Can use Fortigate 100D or FortiMail 200D for mail Email Server Security?

Pls advice...
LVL 62

Expert Comment

ID: 39647175
First try to use what you have. If that proves insufficient you are expert on the subject for purchasing decisions. Fortimail is for high volume

Author Comment

ID: 39647313
any core advantages for having FortiMail-200D which insist us to buy FortiMail200D

pls advice some core benefits..

thanks in advance..

Assisted Solution

myramu earned 400 total points
ID: 39666536
Still I would suggest you to try FortiGate AS feature, if not satisfied with spam catch rate then try FortiMail.
Core advantages of FortiMail:
1) Transparent mode implementation.
2) Sender reputation based on sender behavior
3) Per user/system quarantine and email archiving
4) Other anti-spam techniques(Grey list, heuristic, deep header) to catch more spams
5) Session level spam catching.

Good Luck!

Author Comment

ID: 40053260
@ Admin: pls close this question; as this is being shown at my dashboard saying 'Your question has been inactive''

thanks in advance...

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here is a method which can be used to help resolve a "Content Index Failed" error on a Microsoft Exchange Server.
This article explains how to move an Exchange 2013/2016 mailbox database and logs to a different drive.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…

588 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question