Just a little bragging about our email service...
The National Vulnerability Database (NVD), a U.S. government-regulated repository of standards based vulnerability management data, provides alarming information about well-known WindowsTM mail servers including MailEnable, Merak, IMail, and Atmail. With nearly 100 combined security threats since 2004-93% of them of medium and high severity-MailEnable, Merak, IMail and Atmail may pose significant risks to users. In contrast, the NVD reports only five total security vulnerabilities for SmarterMail, finding zero vulnerabilities in 2005, 2006, and 2007. These results are summarized below1:
|
|
2004
|
2005
|
2006
|
2007
|
Total
|
|
MailEnable
|
2
|
17
|
14
|
6
|
40
|
|
Merak
|
10
|
14
|
2
|
0
|
26
|
|
IMail
|
5
|
11
|
3
|
5
|
24
|
|
Atmail
|
2
|
0
|
4
|
3
|
9
|
|
SmarterMail
|
5
|
0
|
0
|
0
|
5
|
Similar to the U.S.-based NVD, the French Security Incident Response Team (FrSIRT) is a leading research organization that delivers real-time vulnerability and threat alerts. Designed to eliminate risks before they occur, FrSIRT continually monitors, reviews, and analyzes potential software vulnerabilities. Since 2005, they have alerted users to over forty combined risks (as shown below) in MailEnable, Merak, IMail, and Atmail. These risks open the doors to hackers, viruses, and other malicious exploits that can wipe out an entire system, possibly exposing confidential user information to the public. SmarterMail, however, is reported to have zero vulnerabilities since FrSIRT's founding in 2003-a nearly unheard of feat. These statistics are summarized below2 :
|
|
Low Risk
|
Moderate Risk
|
High Risk
|
Critical
|
Total
|
|
MailEnable
|
2
|
16
|
1
|
4
|
23
|
|
Merak
|
0
|
0
|
2
|
0
|
2
|
|
IMail
|
3
|
7
|
0
|
5
|
15
|
|
Atmail
|
3
|
1
|
0
|
0
|
4
|
|
SmarterMail
|
0
|
0
|
0
|
0
|
0
|
Providing our clients with a mail server solution that protects our customers is a top priority; which is why we chose the cutting-edge email and collaboration server, SmarterMail, to offer numerous security and attack prevention features such as ClamAV, SpamAssassin, and Greylisting ensure that our customers receive the most up-to-date and effective protections. We run our mail server on the .NET Framework for added stability, and include Intrusion Detection System (IDS) features that help prevent dictionary, spoofing, spamming, and denial of service attacks.
1Figures retrieved from National Vulnerability Database, http://nvd.nist.gov/, 8-2-2007.
2Figures retrieved from French Security Incident Response Team, http://www.frsirt.com, 8-6-2007.
