The XWallBox - Concept & Components


The XWallBox based on x86 processors uses XP Professional or MS server 2003 as operating system. However as an appliance it is self-contained and will start operating by just powering it up. There is no need for any monitor or keyboard. The XWallBox is typically employed as SMTP Firewall and placed outside you network. The XWallBox represents proven technology and brings state of the art email control to your operation.

 

  • The control system software contains 3 services. The XWall spam control system. The F-prot virus scanner, the ESATInformer spam reporting tools and the ESATStatus Email monitoring tool..

  • These software products are all available for years. XWall installations block millions of spam messages every single day. You can download and test drive the software the links above.

  • The XWallBox offers a proven email control system as turnkey hardware solution. Ideal for the network admin of a school, a government agency or a business who is not looking forward to maintain yet another process.

  • The XWallBox can be integrated in to your operation just about any way you like. It can be outside your network filtering the mail and pass it on to your mail server in or outside your firewall. The XWallBox can be delivered with multiple NICs offering SMTP firewall services. In smaller setting the XWallBox is often situated inside the network and port 25 is forwarded to the XWallBox by the NAT router. We can assist you in finding the best solution for you.

  • The XWallBox can be configured to be your complete mail solution. By adding our SMTP Mail server you have everything in the box you need to bring your Email operation under control and in-house.

 

Software components

  • XWall is the heart of the operation separating spam from good email. Offering a multitude of filters XWall can adapt to any scenario filtering out spam and unwanted email. Frequent updates keep your appliance on the cutting edge of anti spam technology.



RBL for Exchange server SLS (Spam Listing Service) RBL
 XWall supports several Relay Black Lists (RBL) services right out of the box (ORDB, Spamcop, Spamhaus). To insure minimal false positives, you may enable group testing. A group contains 2 or more spam services. The e-mail is only considered spam if it fails all members of the group. If a message is considered spam, XWall lets you choose several different actions. These actions are independent of other filters.



SURBL for Exchange Server SURBL hurts the spammers pocket book
 The SURBL has evolved from the SLS services. Unlike testing the SMTP ports for open relays the SURBL service lists the spam supported web sites. XWall searches the e-mail for links to web sites. When it finds a link it checks with SURBL if that site is listed. This filter is very effective stopping pharmacy spam



Greylisting filter in XWall Greylisting stops millions...
 The Greylisting Filter is simple and effective by nature. The filter stops any message from an unknown source and issues a "temporary mail handling problem". The typical RFC compatible SMTP server will retry delivery and XWall will let the message pass. Most spammer however will or cannot re-send the message. For more information check this link

http://projects.puremagic.com/Greylisting/

Xwall Heuristic Fiilter HEURISTIC FILTER: a.k.a. Spamassassin™
 The Heuristic filter is calculating the possibility of the message being spam by considering a number of factors like words, subject, headers and more. Unlike the Bayes filter, it does not need to learn and can be implemented right out of the box. For best protection, we recommend to use both the Heuristic and the Bayes learning filter.

XWall Bayesian Filter The Bayesian filter (Bayes)
 This filter is a major step forward. To fully understand this filter, we recommend reading Paul Graham's White Paper. In addition, XWall also contains an exclude table. It allows you to let a user or a domain send mail through the filter even if they are on a black list or have criteria which filters would catch. As with the other two filters, the Bayesian filter offers an exclude table as well as an independent action table.

XWall Central Checksum Service The XWall Central Checksum Service
 Now there is a new way of handling unknown virus treads and the pesky stock quote spam attacks. The new CENTRAL CHECKSUM SERVICE filter in XWall is just the tool you have been waiting for. We've seen many viruses literally outrun the virus scanner. At best, one of the Norton's & Co. would claim to be the fastest to stop the virus, but that was after the virus did billions in damage. The XWall Central Checksum Service is very different and much faster.

Sender Permitted Filtering The Sender Permitted Filtering (SPF)
 Once Microsoft endorsed SPF Sender Permitted Filtering it is rapidly gaining acceptance. The filter checks a text record in the DNS record. This text record tells the filters which domains are permitted to send email from that server. The more admins add the record to their own domains the better the filter will work. For more information check http://www.openspf.org

The Phishing Filter The Phishing Filter
 Phishing the new buzzword. You dud hear about it the news. Basically it's Spam with a criminal element added. These email seem to come from your bank, Ebay and so on. XWall examines each email for signs of phishing. lt detects false links where the displayed link is different from the real one. It also detects sender that do not send from the correct servers.

The XWall virus scanner The Virus scanner in XWall
 Virus scans for Exchange are expensive. A standard scanner typically will not work to scan email at the server. The problem is the mime encoded message hides the virus from the scanner. XWall assembles the message and an inexpensive command line scanner can now find the virus. Not only do you save money if you don't like one scanner simply use another one. Or look at the scanner scripts you can use with Xwall and take email virus scannng to the next level.

tar pitting The Tar Pitting Filter
 Tar pitting is used to prevent address harvesting attacks. It's done by adding delays in certain SMTP functions making it too time consuming for the attacker to find valid addresses

XWall Blocking Filters The Blocking Filters
 The Blocking filters are the manual filter components in XWall. These filters include blocks by:

  • mail from spec. e-mail addresses
  • Domain blocks
  • host blocks
  • IP blocks
  • Text or subject strings and words
  • Dangerous attachment blocks (your list0
  • Exploits - double ext., CLSID ext., Password protected zips, ect.
  • Character sets (Common Russia, China, Korea, etc.
  • IP addresses by Country
  • Header
  • HTML
  • Recipient
  • Unknown user

.Each of the blocks has it's own action filter and exclude table. It allows you to customize XWall to your needs.

Sender Permitted Filtering What if XWall finds spam?
 SPAM ROUTING: If XWall finds spam or junk mail content XWall offers a variety of options to handle the undesirable mail:

  • Discard Message
  • Stop message and keep a copy for xx days for retrieval
  • Send a none delivery report to the sender
  • Mark subject
  • Mark subject and move to junk mail folder
  • Forward to the Postmaster
  • Encapsulate and forward to the Postmaster
  • Encapsulate and send the the recipient
  • Encapsulate and send the the recipient withot attachment
  • Forward to recipient

These options are individually selectable for each filter

SMTP Relay Control Complete SMTP Relay Control
 Worried about ending up on a open relay list yourself? XWall does offer SMTP relay to your in-house and external users. The SMTP relay in XWall can be protected in many ways. It will start by disabling the relay all together if you don't need to relay, or you can authenticate all users through NTML (NT/ Win2000 domain users). Also, you may set a general user name and password, and you can restrict access to certain IP address ranges.

Sender Permitted Filtering Automatic Sender Permission
 Automatic whitelisting is a great feature available in XWall. It automatically adds the e-mail address of every outgoing message to the exclude list. The reasoning behind this idea is that if you send e-mail to someone, it's likely that you want that person to be able to reply. It's a very welcome feature if you implement more aggressive RBLs™ The Auto white list can be kept company wide or for individual users.

DNS Whitelist DNS whitelist & Bonded Sender™ Programs
 Bonded Sender works like a SLS/RBL blacklist, except in reverse. XWall supports Bonded Sender and many other DNS and Domain based whitelist services.

email disclaimer E-Mail disclaimer notice
 Do you need to make sure all outgoing email has your legal disclaimer. XWall will attach such a disclaimer to all outbound mail. You can have different email disclaimers for different users. It can be plain text or HTML.

Se-mail encryption E-mail encryption & signing
 Want to S/MIME sign outgoing mail. XWall can do it for you. But instead tracking down every Outlook you only need to install the certificate in XWall. How about encrypted email? is true for encrypted email? Yes - XWall is able to encrypt your email at the server level.

admin reports and charts Daily performace reports
 Using the ESATInformer optional add-on gives you an inside look at your spam situation. You see where spam comes from and where is goes. You see how effective your filter settings are and you see what messages your users retrieve.

spam reports User spam reports
ESATInformer prevents false positives in a dramatic way. All or selected users receive a spam report every day. The report is clearly formatted and shows all the message senders and subjects. The user than can retrieve any message he needs.

False Positive retrieval Automatic blocked message retrieval
 ESATInformer allows the user to automatically retrieve messages blocked by XWall unless the message contained a virus or dangerous attachment. The process utilizes ESAT's web interface or Pop3 mail box.

False Positive retrieval Increase mail server efficiency
 Spam free server is not a buzzword. Unlike many other spam solutions the XWall / ESAT combination keeps the detected spam out of your Exchange or mail server and automatically deletes it after a set number of days. Just imagine how your Exchange performs with 80% less mail load. ... and how about the backup? It will take a fraction of the current time and tape.

  • F-Prot virus scan finds the viruses hidden in incoming our outgoing email. Email cannot be scanned for viruses in it's native format. The message has to be assembled first , then scanned. Since XWall does assemble the messages in order to check for spam it's just another step to scan it with the F-Prot virus scanner. Due to the XWall mail processing email virus scanning is simple and integrated in the XWallBox.

  • ESATInformer brings light to the Spam filtering process. Nobody like to be left in the dark. Why should you guess at the effectiveness of your Spam appliance. The XWallbox features the ESATInformer package. It complies reports about the spam XWall stops. The admin report for you and the users get their reports listing the spam the XWallBox stopped. If the users wants to see any of the blocked messages it maybe requested by the simple click of a button.

  • ESATStatus is the remote monitor for the XWallBox. It can display the status anywhere you wish.

  • All the building blocks in the XWallBox are supported by Ceratec Inc.

 

  • SMTP Mail Server The S module adds a mail server for situations without an existing exchange or SMTP server. It offers SMTP, POP3 and Webmail support and represents a complete state of the art email system.

 




 Contact us for more info