LOG IN |  Register | 0 item(s) in your shopping cart, USD
Download and try the latest WinGate 9 free for 30 days.

Features

Attachment blocking

WinGate parses all received emails for content, and allows you to specify file extensions which will be blocked by the system. This is useful to stop certain types of files which are commonly associated with email-borne viruses. Email attachment blocking
When an email has been received by the SMTP server in WinGate, before the WinGate SMTP server indicates that it will accept responsibility for delivery of the message, it scans it for unacceptable content. Should WinGate find any file attachments in the message that are denied, commonly executable files, then WinGate refuses to accept responsibility for the message.

The administrator can define any number of file extensions that will be denied, and apply this restriction to incoming and/or outbound mail.

Rejecting the message in this way reduces the workload on the server, and can filter out many attachments that are normally associated with viruses, such as executables and script files.
Back to top

POP3, SMTP, and IMAP4 servers

WinGate allows you to specify additional restrictions on a per-email address basis, including message limits, attachment blocking, and copying of messages. Per-address email restrictions
The Email Queue Management pane in GateKeeper allows you to view currently pending email deliveries on a per-domain basis. From this panel, you can force a retry of selected domain delivery jobs, preview, bounce or delete individual messages, and a variety of other email queue management tasks. Email queue management
WinGate has a number of available options for SMTP message reception. These include various limits, as well as extra checks made for mail received from untrusted sources (i.e. unauthenticated, or received on an untrusted interface). The Open Relay Detection uses ORBS-style DNS RBL requests to verify sending servers. Spoofed-address blocking uses a DNS-based mechanism to determine whether the sending server is legitimately entitled to be delivering mail from the domain it claims to be. This allows for a great reduction in the amount of received unsolicited email (SPAM). Email reception options
Services in WinGate can now be bound to any number of ports and interfaces, and support SSL connections, and TLS (where supported by the protocol). This allows the administrator to easily configure secure networks with encrypted connections. Additionally since the binding is based on policy, it reacts to changes in the network. The administrator no longer needs to change service configuration when their IP address changes (e.g. ADSL DHCP lease renewal), or when interfaces become available and unavailable (i.e. wireless networks). Service bindings
WinGate has a comprehensive POP3, SMTP and IMAP4 (version 6.1 or later) server built in. These servers support advanced authentication options, and secure connections for both delivery and reception of mail, allowing you to set up a secure email network accessible over untrusted networks such as the Internet.

Simple yet highly flexible domain and user-based delivery rules allow you to set up a comprehensive variety of scenarios, including:

  • Catch-all mailboxes, where all mail for a domain goes to a specific mailbox
  • Split domains, where mailboxes for a domain are hosted on more than one different server
  • Forwarding domains
The SMTP servers also supports a number of anti-spam measures to reduce inbound spam, and additionally mail received or retrieved can be scanned for viruses using the optional Kaspersky AntiVirus for WinGate component.

Flexible delivery options allow you to specify delivery requirements (such as authentication or secure connection requirements, or different port numbers) on a server by server basis where required.

Per-user restrictions are available, including maximum message sizes, redirecting mail, blocking file attachments per user, or copying mail to multiple recipients.
Back to top

Support for Antivirus data scanning

Kaspersky AntiVirus for WinGate allows the user to scan incoming and outgoing Web, POP3, and SMTP traffic for known viruses. The plugin also integrates with WinGate's scheduler service to obtain regular virus signature updates. AntiVirus settings
several WinGate services support WinGate plugins (including Kaspersky AntiVirus for WinGate, or PureSight for WinGate). These services are: SMTP server, POP3 Proxy, WWW Proxy. Service support for plugins
WinGate includes support for several plug-in components which are available separately. These data scanning components allow you to scan content passing through WinGate proxies. One component is an AntiVirus plugin, called Kaspersky AntiVirus for WinGate (KAVWG). The AntiVirus technology in this plugin is licensed from the well-respected Kaspersky Labs.

Several proxies and services in WinGate support scanning content for viruses using this plugin, these are:

  • The SMTP server. This scans all received mail, and mail retrieved using POP3 collection
  • The WWW proxy. This scans files as they are downloaded to your browser, and can detect not only files containing viruses (i.e. infected EXEs or ZIP files), but also iFrame exploits, and common attacks against web browsers.
  • The POP3 Proxy. If you collect your email from a POP3 server on the Internet through WinGate's POP3 Proxy, you can also scan the email as it is being retrieved for viruses.
  • The FTP proxy. Files being downloaded or uploaded can be scanned for viruses.
If a file fails scanning because it contains a virus, it is placed in WinGate's quarantine, where it may be released by the system administrator.
Back to top

POP3 mailbox collection

WinGate can periodically poll any number of POP3 accounts and download any mail on them, sort it, and deliver it locally or remotely. The POP3 client supports a number of authentication mechanisms, and TLS connections. POP3 email collection
WinGate can retrieve mail from POP3 mailboxes on other servers, and import them into the WinGate mail system for local or remote delivery.

The POP3 retrieval system allows you to parse retrieved emails, and deliver accordingly, or deliver all mail for a mailbox to a specific address.

If you have Kaspersky AntiVirus for WinGate installed and activated on your WinGate email, then retrieved emails will also be scanned for viruses.

Multiple security and authentication options
A range of security options are also available, including secure connection support using STLS, and various authentication methods including:

  • plain USER/PASS
  • NTLM (used for secure authentication to MS Exchange servers)
  • CRAM-MD5
  • APOP
By default WinGate will choose the most secure method available on the POP3 server that it is connecting to.
Back to top

Anti-spam measures

WinGate has a number of available options for SMTP message reception. These include various limits, as well as extra checks made for mail received from untrusted sources (i.e. unauthenticated, or received on an untrusted interface). The Open Relay Detection uses ORBS-style DNS RBL requests to verify sending servers. Spoofed-address blocking uses a DNS-based mechanism to determine whether the sending server is legitimately entitled to be delivering mail from the domain it claims to be. This allows for a great reduction in the amount of received unsolicited email (SPAM). Email reception options
WinGate's SMTP server gives the user a number of options to help prevent unsolicited email from being accepted by WinGate.

To start with, WinGate can use Open Relay Databases (ORDB) which are available on the internet based around a DNS lookup to check whether a computer connecting to WinGate is a known open relay or spammer.

WinGate will also optionally block invalid sender domains (i.e. domains that do not exist, or have specific properties - e.g. the MX record resolves to "localhost" or other disallowed records).

Finally, WinGate uses an SPF-style check if you enable "block spoofed sender addresses". The key difference between this check and SPF, is that SPF requires domains to specify valid senders by publishing an SPF DNS record. Most sites do not have one of these, so SPF is still not widespread enough to be used to verify most domains. WinGate's method - by using a combination of assumptions - can gain a high level of certainty about sites and domains that do not have published SPF records. Inevitably there will be some sites that do not pass WinGate's anti-spoofing checking, so there is a comprehensive white-list option to allow these through.
Back to top

POP3 and SMTP proxies

In addition to the comprehensive POP3 and SMTP servers in WinGate, WinGate includes a POP3 proxy and an SMTP proxy.

The proxies differ from the servers in that they are intended to be connected through rather than connected to. E.g. if you connect to a POP3 server on the Internet, you may choose to connect through the POP3 proxy, and have it scan your email for viruses at the same time.

The SMTP proxy however we do not recommend you use unless you specifically do not wish to use the SMTP server in WinGate, or your license does not give you access to it (version 4.x license or earlier).

The POP3 proxy however is often used, since it is common to need to access a POP3 server on the Internet.
Back to top

Remote Email Queue Management

The Email Queue Management pane in GateKeeper allows you to view currently pending email deliveries on a per-domain basis. From this panel, you can force a retry of selected domain delivery jobs, preview, bounce or delete individual messages, and a variety of other email queue management tasks. Email queue management
With the email tab in GateKeeper you can easily manage several aspects your server mail queues. Functions include:
  • Aborting delivery of mail to a domain (domain job)
  • Retrying all delivery
  • resetting the delivery try count on a domain job
  • Deleting or bouncing specific messages from a particular domain job
  • previewing messages in the queue

Back to top

Multiple authentication options

WinGate's SMTP delivery mechanism allows you to override default delivery settings on a server-by-server basis. This allows you to specify authentication requirements for delivery to specific servers. Delivery per-server configuration
Email in WinGate supports a number of authentication options, depending on which user database you are using, or which email clients.

For SMTP reception and delivery to remote SMTP servers WinGate supports:

  • SASL PLAIN method
  • SASL CRAM-MD5 method
  • NTLM method
WinGate's POP3 collection and POP3 server supports:
  • USER/PASS method
  • APOP method
  • SASL PLAIN method
  • SASL CRAM-MD5 method
  • NTLM method
In addition, the methods for the SMTP server (reception) and POP3 server can be restricted to whether the connection has been secured by STLS or STARTTLS (equivalent for SMTP) or not, thereby removing the vulnerability of insecure authentication methods, by requiring that the connection be encrypted before an insecure method becomes available.
Back to top

MS Outlook secure authentication

MicroSoft® Outlook only supports one type of secure authentication, which is via NTLM, against an NT database. With WinGate's built in ability to synchronise with such a database, Outlook users can authenticate with WinGate's SMTP and POP3 servers, sending their username and password to WinGate in an encrypted format rather than plain text.
Back to top

User quotas and restrictions

If you choose to let WinGate host your users' mailboxes, you can specify individual requirements on the users mailboxes, and email addresses.

You can specify the maximum amount of disk space that a user's mailbox may use.

Furthermore, for any email addresses whether associated with a local mailbox or destined to be forwarded to another server, you can specify additional restrictions, such as blocking attachments, setting a maximum message size, or copying the mail to other local or remote addresses.
Back to top