|
|
|
|
|
|
|
Xeams
Xeams - A Comprehensive Solution
Xeams is a secure and powerful mail server for Windows, Linux, Solaris, Mac OS X and other flavors of UNIX, and supports SMTP, POP3, and IMAP. Xeams includes a powerful spam filtering engine that eliminates up to 99% of junk email right out of the box. The software offers a flexible approach to email, making it a very user friendly server.
Full SMTP and/or Proxy Server
Xeams is equipped with a full SMTP server that accepts emails and queues them for delivery, as well as a Proxy Server that can be used for inbound filtering.
Office 365 Integration
Use Xeams in front of your Office 365 infrastructure to gain additional filtering, reporting and archiving capabilities that you don't get with Office 365 alone.
99% Spam Protection
Xeams can block 99% percent of all junk messages right out of the box. The filtering rules are fully customizable and get better as Xeams adapts to your email environment.
Built-in POP3 and IMAP Servers
IMAP and POP3 servers built right into the system to easily fetch emails from an email repository to a client's machine.
Extensive Reporting
Out of the box, Xeams provides several reports that accurately report the usage and load trends on your server. The Live Monitoring feature in Xeams provides a summary of emails as they arrive in your system.
Message Archiving
Xeams automatically archives every message that goes through it - both inbound and outbound. This makes Xeams a perfect companion to servers like Microsoft Exchange when it comes to message archiving.
Xeams can work in 3 modes:
More than just an email server
Xeams offers much more than a typical email server. Here is a partial list of its features.
A comprehensive solution
A complete email server supporting POP3, IMAP and SMTP protocols. Users can use any client such as MS Outlook, Mozilla Thunderbird or any other email client to send and receive emails. It has a builtin web server and a relational database. All this reduces configuration time and you can be up and running in minutes.
Multi-platform support
Xeams works on a large variety of operating systems this includes: Microsoft Windows, Linux, UNIX, Mac OS X, BSD. Xeams is written in 100% Java and therefore it supports every operating environment for which a Java virtual machine is available.
Sophisticated spam filter
A built in spam filter provides protection against junk emails, virus and phishing attacks. It blocks 99% of junk messages right out of the box. A higher rate of accuracy can be achieved by taming the rules engine that comes with the product.
Xeams offers a 100% in-house solution, minimizing privacy risks associated with outsourced solutions.
Comparing In-House vs Cloud
With the growth of cloud-based services, many companies are debating how to maximize their return on investment while still maintaining privacy for their email infrastructure. This page discusses 3 different models of deploying email systems.
Deployment Models
The following section discusses pros and cons of every approach.
100% Outsourced
Pros
Cons
100% In-House
Pros
Cons
Hybrid
Many companies offer a Virtual Private Server (VPS) at very cost effective rates allowing you to run entire machine somewhere in the cloud.
Pros
Cons
3 different modes of operation:
Stand Alone Mode
Xeams runs as a full email server in this mode, supporting SMTP, IMAP and POP3 protocols. Every user has their own Inbox. Incoming emails are checked against spam filters and then are forwarded to appropriate inboxes.
Users can use any email client, such as Xeams web client, MS Outlook, Thunderbird or any other client that supports POP3 or IMAP protocols to fetch new emails.
No other email server is required if you use Xeams in this mode. This is the default mode of operation.
Spam Firewall
In this mode Xeams acts like a firewall that sits in front of your corporate email server. Every in-bound email is checked by Xeams before it is forwarding the message to the actual email server. Similarly, every outbound message is checked before delivering it to its final destination.
Xeams works with any email server that supports the SMTP protocol, including Microsoft Exchange, Sendmail, Novel Groupwise, Lotus Notes and others.
Xeams provides two types of SMTP servers when operating in this mode:
Hybrid Mode
This is a combination of mode 1 and 2. User's inboxes are created on two locations: Xeams and your corporate email server. Users have a choice of using either one of them.
Although, every email gets copied at two locations, it provides redundancy for your corporate email infrastructure.
Blocks 99% of junk messages right from reaching your inbox. Reduces traffic to your primary email server and prevents harmful attachments from getting into your network.
Junk Mail Filtering
Upon installation, Xeams provides an excellent junk mail filtering solution. Upon arrival, every email gets:
By default, all quarantined emails are saved on the server for 15 days. All quarantined messages are stored in a different folder, which are easily accessible by either the web interface or any IMAP client such as MS Outlook and Mozilla Thunderbird.
Feature details
Xeams uses a sophisticated score based mechanism to decide if an email should be considered junk. Every incoming and out-going email is assigned a score. Based on this score, Xeams assigns one of three categories to the email:
Besides Junk and Good, Xeams utilizes a third category called Possible Junk. Occasionally, if an email to too close to being good or junk, it is assigned this category, providing the users to manually decide if they want to mark them as junk or good. By default if an email gets a score less than 60, it is considered good. A score of 100 or higher is considered junk. Score between 60 and 100 is considered Possible Junk.
Scoring criteria
Scoring is done based on several built-in rules. Every rule in the system can take the score either in the positive or negative direction. The final score decides the category of the email. Rules in Xeams can be further divided into two categories:
Several user-defined rules are bundled with Xeams at the time of installation. All of these rules has a default score and are fully user configurable.
Self-learning rules adapt to the environment of your users. For example, it learns from the past history of emails to assign a score to future emails. One such rule is called Bayesian Analysis. Another example of self-learning rule is when a local user sends a message to someone outside the network. Xeams remembers who the recipient is and gives credit to that user if he/she sends a reply back.
Score reasoning
Many spam filtering solutions block messages without giving an adequate reason of why it was selected as junk. Xeams, on the other hand, gives a detail description of why a particular email is considered junk. This description is very useful for administrators who want to fine tune the filtering rules.
Protect sensitive data by encrypting email that cannot be viewed by anyone but the intended recipient(s).
How to encrypt emails
Emails are inherently insecure. Consider a scenario where you are receiving the results of a blood test from your doctor via email. There is no guarantee that the email was not viewed by anyone else before it reached your inbox unless it was encrypted. This page demonstrates a very simple way of encrypting emails ensuring no one but the actual recipient will be able to see the message.
Design Goals
Before discussing how to encrypt emails, let's talk about a few design goals for such a system.
|
Privacy |
No one but the intended recipient should be able to open the message. Not even administrators or a junk filtering email system. |
|
No Plugins |
No plugin should be required to open the original message. It uses software that is commonly available on every computer or mobile device. |
|
Off-line Access |
Recipients should not have to rely on external websites in order to view the message. They should be able to view the message even if Internet access is not available. |
|
Mobile Access |
Recipients should be able to open the message on their mobile devices, running on iOS, Android or Windows. |
|
No Expiration |
A previously sent message should never expire. |
SSL/TLS
A misconception
Many individuals incorrectly think they can achieve end-to-end encryption when using SSL/TLS. SSL can only encrypt in-transit data.
Consider the image below as an example:
Since SSL/TLS only encrypts in-transit data (represented by red lines in the diagram), it is potentially stored in clear once the message gets to the next SMTP server. Therefore, both humans and software can look into the message, defeating the purpose of having an end-to-end encryption system.
Using Xeams to the Rescue
Starting from v6.6 of Xeams, local users can send encrypted emails to recipients on the Internet without using any special software on the client's machine.
Steps to Encrypt
The following steps demonstrate how to encrypt emails in Xeams.
Composing Emails
Users can compose emails using their normal email composing tool such as MS Outlook, Mozilla Thunderbird or any other web-based email client. Modify the subject line with a pre-configured suffix word. This word by default is encpass. Here is an example of a subject line:
Before
Your tax returns for 2018
After
Your tax returns for 2018 encpass(magicWords2018)
Sensitive Keywords
As a company policy, you can define certain words/pattern as sensitive. For example, if an email contains a social security number or a credit card number, you may want to force your users to encrypt that message. Using the following steps you can force your users to use encryption:
Specifying Predefined Passwords
Users can predefine encryption passwords for common recipients. For example, a doctor's office can specify individual passwords for every patient before sending a blood report.
Background Processing
Xeams takes the following steps when users indicate they need to encrypt the message:
Archive historic messages with lightning fast searching capability. Quickly find out attachments sent in and out of your company in the past.
Xeams automatically archives every message that goes through both inbound and outbound. This allows administrators and other company principals to search and retrieve messages received in the past.
How it works?
Every message that passes through Xeams is indexed and saved on the disk. The indexes make searches lightning fast. Users can search either recipient's name/email, sender's name/email, or within the message contents.
A date range can be specified to restrict the results so you only see relevant records.
Additionally, predicates like "AND" and "OR" can be applied when searching for contents. For example, if you are looking for an email containing "Law Suite" and "Simpson", searching for "law AND suite AND simpson" will return your desired messages.
HIPAA Compliance
The HIPAA Act of 1996, require every healthcare organization to maintain a record of correspondence between patients and their healthcare providers. Message archiving features in Xeams help tremendously in retrieving any electronic communication between doctors and their patients.
Build a highly available email infrastructure with built-in clustering capabilities.
Consider a scenario where you have more than one Xeams installed to filter junk messages. This scenario is depicted in the image below.
Example
Consider the following scenario:
Since there are 3 instances of Xeams, it becomes a lot easier from an administrative perspective to change a rule on MASTER instance and let it automatically propagate to the SLAVES.
Prerequisites
Steps to enable clustering
Enabling clustering is a two-step process:
Step 1 - Designate the highest priority Xeams as MASTER.
Step 2 - Authorizing a MASTER.
What is synchronized
The following information is synchronized between MASTER and SLAVES.
What is NOT synchronized
Most global parameters are NOT synchronized. Below are some examples:
Message Repository and Reports
Message repository is automatically synchronized between MASTER and SLAVES. Therefore, when you search messages or display a list of all messages, the MASTER will pull necessary information from the SLAVES and display one consolidated result.
Additionally, different colors are used in the message repository when a message is pulled from a SLAVE. See image below for a screenshot.
Same goes with user reports that are sent on daily basis. Reports will only be sent out from the MASTER and will contain records from the SLAVES. Therefore, user will only get one report that will pull data from every instance of Xeams.
Sending Outbound Emails through Slaves
Xeams can automatically route outbound emails through multiple slaves if the first attempt from MASTER fails. Two things happen when a message gets routed through a slave:
Use the following steps to enable/disable delivery through slaves:
Licensing
A license is inherited from MASTER to SLAVE. Therefore, do not explicitly apply the serial number in SLAVE(s).
Troubleshooting common problems
The communication between the MASTER and SLAVE server occurs over HTTP(S). Assuming the URL for a slave is http://mx2.yourcompany.com:5272, you will have to open firewall ports allowing the MASTER server to reach the slave on port 5272.
Checking the slave's status from Server
Checking the MASTER's status from slave
Frequently asked questions
Can I change filtering rules on SLAVES?
No. Rules you modified on SLAVES will get overwritten by MASTER. Therefore, avoid modifying any filtering rules on SLAVES.
Do I have to purchase a separate license for the SLAVE?
No. The license gets inherited from MASTER to SLAVE(s).
Do I have to search every instance for an email?
No. Messages searches are integrated. Therefore, try searching email only on MASTER. It will display emails that were received by the SLAVES.
Will SLAVES send quarantined report?
No. Only MASTER will send a consolidated report displaying quarantined emails not only from its own instance but emails that were received and quarantined by SLAVES.
Stay compliant with many government regulations. For example, HIPAA, GLBA, CFPB, FERPA, Sarbanes-Oxley, Safe Harbor, etc.
Email is one of the most common methods for communication. Companies rely on emails for sending sensitive data to their business partners. Emails are inherently insecure therefore; many regulations exist that govern sharing sensitive data through email messages.
Prevent intellectual property leakage by monitoring sensitive information being sent out via email. This includes message content as well as attached files.
Preventing Intellectual Property Leakage
Intellectual Property (IP) is the lifeblood for every organization and as such, must be protected against leakage. One common and occasionally overlooked channel is email. This page talks about how Xeams can be used to prevent IP leakage.
In addition to IP leakage, companies need to ensure other sensitive data or information is protected, such as personal identifiable information, vendor cost/pricing, employee/client health records, customer pricing, contracts, financial data, etc.
Repercussions
IP leakage can potentially have long-term consequences on your business. Consider the following examples:
How Can Xeams Help?
Several features in Xeams help companies protect their sensitive data as well as IP.
|
Policy Violation Alerts |
Automatic alerts can be triggered when certain sensitive data is found either in inbound or outbound emails. Administrators can configure triggers to search following components of an email.
|
|
Attachment Reports |
Historic reports can easily help investigators find who sent or received certain attachments. |
|
Message Catalog |
Summarized message catalog help investigators get a summary of emails sent and received from interesting parties. For example, it is very easy to find what emails were sent by an employee before the left the company. |
Xeams uses many technologies that are considered best practices in the industry such as STARTTLS, SPF, DKIM, DMARC and others.
SPF
SPF prevents forgery by designating a handful of IP addresses where emails can originate for your domain. SPF check will fail if a spammer sends a forged message from their own IP, allowing Xeams and other servers to treat that as spam.
It is very easy to forge a sender's email address but is very difficult to forge an IP address. This makes SPF very effective in combating email forgeries.
DKIM
DKIM ensures the message was actually composed by someone belonging to the domain they claim to be part of. Additionally, it ensures the message is not modified in transit. Technically, the message is digitally signed by the email server before leaving and this signature is verified by the receiving end, allowing the receiving end to verify the authenticity of the message.
Xeams can assign a score to any incoming message where DKIM signature does not match.
DMARC
DMARC builds on top of SPF and DKIM. This not only helps prevent forgery but also provides a sophisticated reporting mechanism allowing the senders to fine tune their SPF and DKIM rules.
Xeams adds a score if DMARC alignment fails. Additionally, it can also process incoming reports and send outbound reports to other email servers on the Internet.
Implementing for your domain
All three mechanisms require a TXT record in your DNS server. In addition to the TXT record, DKIM also requires creating a public/private key pair for DKIM signature. Xeams can automatically create these signatures for you without using any other third-party tool, saving you precious time and effort.
Simply double click setup.exe or run Install.sh on Linux and Xeams will be up and running in seconds. No need to install any other software/database.
Everything you do in Xeams is through an intuitive web interface allowing you to connect from any computer.
Xeams can be installed on any operating system including Microsoft Windows, Linux, BSD, Unix and Mac OS X
Seamless integration with Active Directory allow administrators to integrate user accounts with Xeams.
Delegate administrative tasks to domain owners so they can manage filtering rules for their domain without affecting others.
You decide how many days’ worth of emails you need to hold, which applies not only to good messages but also junk/spam messages.
Watch new emails as they arrive in the server. This is one of the most loved feature and is exclusive only to Xeams.
Watch contents of the log files as they appear. This is another exclusive feature and helps tremendously for administrative troubleshooting.
Several reports show you how many emails you are received in a day, week, month and year. It also shows a ratio of junk and good messages.
Xeams keeps a complete history of every email ever received. You decide how many days you need to retain messages.
Although Xeams provide a complete email solution, you can enable/disable any feature you like.
Rules are software updates are automatically downloaded and all administrators have to do is restart Xeams.
Xeams supports unlimited domains and there is no limit on the number of emails sent in or out.
Every common email protocol and specifications are support. Such as Smtp, Pop3, Imap, DKIM, DMARC, SPF, etc.
Built in support for mailing lists exists in Xeams. Using the Administration console you can easily build new mailing lists and modify existing ones.
Customized signatures can be attached to every outbound email conforming to your company's standard policies.
Xeams allows you to enforce your company policies. Alert emails are sent to managers whenever a policy violation occurs.
Every message that comes in gets indexed by a built in search engine. This allows users to search older messages within seconds whether they are one day or one hundred days old.
Quarantine reports can be sent to users allowing them to restore emails and also manage their own white/black list.
Users can set and manage their own out-of-office notifications letting others know they won't be able to respond to their emails while away on vacation.
When combined with SynaMan, users can attach large files to your emails. There is no upper limit on the size.
Why Choose Xeams?
Comprehensive Protection as One Integrated Solution
Xeams is a single platform that enables you to protect, analyze, manage, and report on email traffic flowing in and out of your organization. It is based on an enterprise-class, component-based architecture that includes a state-of-the-art SMTP relay and a powerful policy engine. By monitoring messaging at the Internet gateway with a complete set of email security capabilities, Xeams provides the most effective method to make your inbound and outbound email streams secure and reliable.
To ensure compliance with government and industry regulations like HIPAA, GLBA, Sarbanes-Oxley and Safe Harbor (EU), Xeams provides sophisticated filtering, monitoring, encryption and reporting capabilities. And, using state-of-the-art technology, authentication, tracking and intelligent routing capabilities, Xeams makes it simple for administrators and management in your company to monitor any message coming in and going out of your network.
With Xeams, organizations can:
Benefits of using Xeams
What makes Xeams different?
© Copyright 2000-2023 COGITO SOFTWARE CO.,LTD. All rights reserved
