Should I use MailMarshal SMTP and/or MailMarshal Exchange?


This article applies to:

  • Trustwave MailMarshal (SEG)
  • Trustwave ECM/MailMarshal Exchange

Question:

  • Should I use MailMarshal SMTP and/or MailMarshal Exchange?
  • Why would I choose MailMarshal SMTP?
  • Why would I choose MailMarshal Exchange?
  • Why would I implement both MailMarshal SMTP and MailMarshal Exchange?
  • What features are provided by MailMarshal SMTP, but not by MailMarshal Exchange?
  • Technical Comparison of MailMarshal SMTP and MailMarshal Exchange

Information:

The questions and answers below should assist you in selecting the appropriate MailMarshal product for your environment.

Note:
This information refers to the latest versions of the products: MailMarshal SMTP (Secure Email Gateway, or SEG) 6.X or above, and MailMarshal Exchange (Email Content Manager, or ECM) 7.X.

  • Trustwave ECM/MailMarshal Exchange 7.X includes significant enhancements from version 5.X.

Why would I choose MailMarshal SMTP?

  • I want to implement some or all of my e-mail business policy within my DMZ.
  • I want to control spam, malicious code, and virus-infected data before it gets to my organization's primary e-mail environment.
  • I want to use DNS Blocklists (Reputation Services) to help with blocking of known spamming sources.
  • I want a single point of control over e-mail messages entering and leaving my organization.
  • I want my end users to be able to manage their own suspected spam.
  • I want to block large messages based on who they are sent to, before the body of the message is received, to save bandwidth.
  • I need to implement a secure e-mail relay at the gateway, as my primary e-mail server does not do this.
  • I need to perform domain name masquerading or other e-mail header re-writing functions.
  • I need to implement encryption and signing of messages for some or all of my users (using MailMarshal Secure Email Server)
  • I want to use TLS for additional security in message transmission.
  • I want to implement protection against email Directory Harvesting and Denial of Service attacks.

Why would I choose MailMarshal Exchange?

  • I need to control what my employees are sending to each other within my Microsoft Exchange environment.
  • I want to reduce e-mail bandwidth over my WAN between Microsoft Exchange servers.
  • I am downstream from a remote SMTP gateway and want to implement content policy on my Microsoft Exchange server locally.
  • I need to control messages originating from gateways other than SMTP, such as X.400.

Why would I implement both MailMarshal SMTP and MailMarshal Exchange?

  • I want to implement different policies on my internal Exchange e-mail messages from those messages originating from the Internet.
  • I want to ensure that spam, malicious code, and virus-infected data are blocked in my DMZ before they get to my primary e-mail system.
  • I need a combination of the unique features of both products.

Feature Comparison

The following points provide a basic comparison of the MailMarshal SMTP and MailMarshal Exchange products. For more details, please refer to the technical documentation for a specific product version.

What features are provided by MailMarshal SMTP, but not by MailMarshal Exchange?

  • Spam detection and management:
    • Automatic updating of SpamCensor, SpamBotCensor, and SpamProfiler
    • Available Blended Threats Service to check malicious URLs in messages
    • End-user maintenance of Allow and Deny lists (Safe Senders and Blocked Senders)
    • End-user Management for Spam
    • Spam Digest notifications provide a summary of spam blocked for each user, each day.
  • Receiver rules: the ability to block messages by sender, recipient, size or IP address before they are received. Important for bandwidth savings.
  • DNS Blocklist/Reputation Service usage.
  • Blocked hosts: the ability to block mail from specific mail servers, IP addresses and IP ranges. Useful to deny all connections from a spamming or abusive mail source.
  • Reverse DNS Lookup: Useful for confirming that the sending server is genuine and not spoofing its identity.
  • Anti-spoofing rule: block users sending mail to a local address with a forged local 'from' address.
  • Rule based message routing.
  • Trustwave MailMarshal (SEG) prevents unwanted Internet e-mail from reaching the Exchange server. Useful because many sites wish to keep all threats away from the Exchange server completely. This can help reduce risks from viruses, and also reduce the load on the Exchange server.
  • Trustwave MailMarshal (SEG) is intended as a gateway server, although it can be installed on the same computer as the internal email server if desired. MailMarshal Exchange tightly integrates with Exchange Server and must be installed on the Exchange server itself (Exchange 2000 through 2010).

What features are the same in both products?

  • Scalable array architecture with centralized management.
  • Intranet web functionality:
    • End User Management tools
    • Administration Console
    • Marshal Reporting Console to generate usage and threat reports
  • Digest notifications of quarantined messages.
  • Automatic updating of Known Threats signatures.
  • Most content unpacking and scanning functions and available actions are common to both products.
  • Both products can scan content for viruses, unwanted file types, offensive language, unwelcome scripts and other threats.
  • Both products can scan the content of e-mail coming from and going to the Internet.
    • However, MailMarshal SMTP includes a number of extra functions specifically tailored to this type of traffic, notably the anti-spam functions and layers. MailMarshal Exchange is explicitly not an anti-spam product. 

What features are provided by MailMarshal Exchange, but not MailMarshal SMTP?

  • Internal scanning of Exchange email

This article was previously published as:
NETIQKB37650

 

 

 

Last Modified 3/1/2020.
https://support.trustwave.com/kb/KnowledgebaseArticle10722.aspx