Messaging Gateway

Hi

I have a query firstly we are currently using Symantec Brightmal Message Filters version 6.1 running on Windows 2003 Server. 

1) I would like to know if this software version on top of windows operating system uses technology that blocks spammers at the initial connection level based on IP of the sender a form of IP reputation filters?

2) Secondly if I move to the appliance Symantec Brightmail Gateway version 7.7 , this deploys IP reputation for blocking spammers at the connection level?

  i) Does it use Global IP reputation and self-learning Local IP reputation database?

  ii)  or just Local IP reputation based on a self-learning database? 

3) How is SMTP traffic shaping related to this above?

4) Symantec Brightmail Gateway admin documentation mentions for SMTP traffic shapping only the use of a self-learning local database?

Sorry it is all so confusing!!

JatP

Hi JatP,

Ok, here goes.

1) 6.1 can take advantage of the new early verdict part of the SDK in which the calling MTA can be given a verdict if the sending IP address exists on a block list. This is covered in the SDK admin guide (i think).  Bear in mind that it is fully down to the MTA to call whilst the connection is open.  Typically the MTA passes a message to SBMF asking 'is this spam?'.

2)  BGW uses global and local (i.e self learning) reputation technology and protects at SMTP connection time provided your BGW instance is at the network edge.

3)  Traffic shaping (aka Quality of Service/Connection Class) is used to give transmission resource to your known 'good' senders and restrict resources for the known 'bad' senders.

4)  Not sure whay you are asking here..

Hope that helps!

--ian

Ian

I am trying to justify to my boss to give me expenditure to upgrade from the software based Brightmail Filters 6.1 on Windows 2003 to the Symantec Brightmail Gateway appliance.

He wants to know the extra features etc we will get etc

Go back to the SMTP Traffic shaping only uses a self-learning local IP database?

Hi,

Yes, the SMTP Traffic Shaping is all based on local reputation.  It'll sample every connection coming into your appliance then, one it has collected data on 50,000 connections it will begin to shape the traffic.

The reason it uses local reputation is so that the shaping is unique and applicable to YOUR environment.

Hope that helps,

--ian

Thanks Ian

Everything is crystal prefect clear now .. now to work on my boss!!

Cool!

Something you might like to consider is taking the trial version of Brightmail Gateway in VMWare and showing him through that?

You can download the virtual machine from VMWare appliance marketplace (search for Symantec) and you'll get a 30 day trial licence too.

cheers,

--ian

Thanks Ian one step ahead of you there .. control quite a few email domains and we re-directed a couple of them to the Brightmail Gateway in VMware setup as you mentioned .. this way we can have a look at the technology first hand and provide data to justify our findings etc

Again thanks for all the rapid response to my questions today was really appreciated .. keep up the good work

JatP