AntiVirus & AntiSpam email scanning / The Axigen-Kaspersky approach

In today’s fast-paced and competitive business environment, email communication is mission-critical. Companies of all sizes and Service Providers altogether need robust and secure messaging solutions that they can count on 24x7. Protecting the email infrastructure is not only a challenge, but also an imperative for business productivity and continuity.

To defend business email systems, it is necessary and recommended to implement scanning at one or more points within the email delivery process. While scanning at mail gateway / mail relay / firewall (application proxy) or using security solutions on end-users’ work-stations (usually desktop computers) can bring numerous benefits, implementing security applications at the mail server level proves to be the most efficient, reducing both time and costs associated with the installation, deployment, maintenance or support of the security solutions and, overall, of the email system / infrastructure.

Integrating the Axigen messaging platform with security applications

This can be achieved through:
  • The Milter protocol (Kasperky, AVG, ClamAV, Symantec) – filtering takes place at the SMTP level.
  • External filters (developed as external components of Axigen) – they communicate with the server through dedicated protocols, generally described as AFSL (Axigen Filter Scripting Language); these apply once the Spam and malicious messages have already been thinned-out by the previous SMTP level filters e.g. Amavis, AVG, SpamAssassin.
  • And, in a particular case (the integration with the Commtouch AntiSpam technology) – via the HTTP protocol.

How it works:
Security scanners receive instructions from the server through these filters and once the scan is complete, they provide the relevant results back to the server. Using the results, Axigen decides the fate of the email messages, including dropping or accepting them. These actions can be fully customized to fit the requirements of any email traffic regulations.

Benefits:
While external filters usually provide a higher performance, through the close communication with third-party scanners, Milter-based filtering presents a distinct advantage – that of enabling the scanning of the incoming SMTP connections. The ability to scan a message before receiving it opens a new perspective:
  • In regards to unwanted traffic, it enables the server to refuse a message if content filters strongly indicate that the scanned email is unwanted.
  • By not accepting the message, no further resources are allocated to this mail (for processing, storage, backup, double-checks etc).

Disadvantages:
  • While ensuring a broader compatibility with third-party scanners, Milter-based filters generally have lower performance results, due to the typically larger protocol overhead.
  • Applying for both types of filtering, there is the inability to configure and update the AntiVirus / AntiSpam engines by using Axigen’s administration services (WebAdmin and CLI).
  • And also, a potential lower reliability since they both use components developed by another party (security vendors).

The integration of Axigen with Kaspersky Lab's AntiVirus / AntiSpam technology

The latest and most innovative implementation, however, is represented by the integration of Kaspersky Lab’s award-winning malware detection engine into the Axigen mail server. The Axigen-Kaspersky partnership brings together the reliable Axigen messaging solutions with the proactive Kaspersky AntiVirus and AntiSpam, message content and attachment filtering technologies to secure the mail traffic of both companies and Service Providers.

How it works:
The Axigen mail server communicates, through a dedicated protocol, with two internal, custom-built services (Kaspersky AntiVirus Server and Kaspersky AntiSpam Server) created specifically for the Axigen platform, based on Kaspersky Lab’s AntiVirus and AntiSpam SDKs (Software Development Kits).

Integration architecture:
Axigen-Kaspersky integration architecture