SecurityGateway for Email Servers

MDaemon Technologies has incorporated many years of mail server technology expertise into developing an email security firewall for users of any SMTP email server. SecurityGateway for Email Servers incorporates multiple defense layers that deliver comprehensive protection at the edge of your network to prevent spam, phishing, viruses, and other threats to your email communications. Built upon the industry standard SIEVE mail filtering language, SecurityGateway for Email Servers email security firewall offers performance and flexibility in managing inbound and outbound email traffic.

The SecurityGateway email security firewall offers many advantages:

Accurate DetectionWith multiple analysis tools for separating threats from legitimate email, SecurityGateway leverages the best proven anti-spam, anti-virus, anti-spoofing, and anti-abuse technologies to produce a 99% spam blocking rate and achieve nearly zero false positive results.

Simple AdministrationAn intuitive, task-oriented interface provides a Landing Page for each of SecurityGateway's main sections. These landing pages contain lists of common tasks and provide links to the pages where each task can be performed. This approach allows administrators to perform common actions with minimal effort. Further, administrative responsibilities may be delegated to a Domain Administrator, allowing that administrator to manage one or more domains assigned by a Global Administrator. Additionally, end users are empowered to determine the fate of a message without the need to contact the administrator.

Data Loss PreventionIn addition to inbound email traffic filtering, SecurityGateway also filters outbound email. An easy-to-use interface allows policies to be created which detect and prevent the unauthorized transmission of sensitive information outside of your network.

Powerful Filtering EngineSecurityGateway's powerful filtering engine is based upon the SIEVE mail filtering language. Further, using the included Message Content Filter and SIEVE Scripts Editor, administrators may extend the functionality of SecurityGateway by creating their own SIEVE scripts.

Comprehensive ReportingIdentify email traffic patterns and potential problems with SecurityGateway's comprehensive reporting. All reports support point-and-click drill-down targeting allowing further analysis to be performed.

Flexible Defense Layers—Administrators who wish to adjust the order of operation in SecurityGateway's multiple layers of defense, have the flexibility to prioritize the security rules for their unique email patterns.

Features Overview

SecurityGateway's navigation menu in the left pane contains six menus, with each menu corresponding to a section of SecurityGateway's features. The following is a brief overview of these six main sections:

The Dashboard

The first page that you see when you log in to SecurityGateway for Email Servers is the Dashboard. The Dashboard landing page gives you a quick overview of SecurityGateway's current status and several summary reports of its activity for the last 24 hours.

At the top of the Dashboard is the Server Status section. This section tells you whether or not the SMTP service is running, and it gives you a link to start or stop it. Further, the Dashboard lists your registration key size, provides a link to manage your registration and activation, and lists how many domains and users currently exist. It also provides a link to the Domain List to manage your domains and users. When a software update is available, this section will also provide a link to details about the update.

Below the Server Status section is the Server Statistics section. This section displays six of SecurityGateway's graphical reports: Inbound vs. Outbound Messages, Total Bandwidth Used by Email, Good vs. Junk Messages, Junk Email Breakdown, Top Email Recipients, and Top Spam Domains. Each report displays the statistics for the last 24 hours.

In the Dashboard menu in the left pane there is a link to the Dashboard landing page, and there are links to your My Account options, which allow you to manage your own account settings, quarantine, and message log.

Domain Administrators will only see statistics and options for the domains over which they have administrative access.


The Setup/Users menu has seven subsections containing links to SecurityGateway's core configuration options. You will use the options in these sections to setup your domains and user accounts, mail delivery options, quarantine settings, backup and database preferences, and other configuration options. The Setup/Users menu has these subsections:

Accounts—The Accounts section under the Setup/Users menu contains options related to your SecurityGateway user accounts and domains. There are five account-related links under this section that include options for creating domains and user accounts, designating User Verification Sources, setting the default values for a number of user options, and more.

Mail Configuration—The Mail Configuration section provides links to five pages governing various mail-related functions. For example, you will use the options under this section to designate the servers on which your users' email accounts reside, set your quarantine options, configure various email delivery options, and manage other technical settings.

Disclaimers (Headers/Footers)—Message Disclaimers are portions of text that the server can add above or below the body of inbound, outbound or local email messages. Use this page to create and manage you disclaimers.

System—The System section under the Setup/Users menu contains links to various system functions, such as encryption settings, HTTP interface options, directory locations, disk space management options, and more.

Database Maintenance—The options reached from this section deal with the type and amount of data that is saved by SecurityGateway, automatic backup features, and options for restoring the server from backup files.

Registration—The Registration page lists your product registration information, including the name of the person or company to whom the product is registered, the registration key, and the status of your registration.

For more information, see the section overviews or the individual pages under each section.


The Security menu has eight sections with various tools to help you protect your domains and users from spam, viruses, email abuse, and other security risks. Below is a brief overview of each security section. For more information, see the individual sections.

Anti-Spam—The Anti-Spam section under the Security menu contains options to help you prevent spam, or unsolicited junk email. There are eight anti-spam features listed under this section, including options for identifying and preventing spam by using heuristics, Bayesian analysis, DNS and URI blacklists, greylisting, and more.

Anti-VirusThe Anti-Virus section under the Security menu contains options to help you identify virus infected messages and prevent them from reaching your users. To offer an extensive level of virus protection, SecurityGateway includes two anti-virus engines: Clam AntiVirus (ClamAV™) and CYREN Anti-Virus. ClamAV is an open source (GPL) anti-virus toolkit designed especially for mail gateways. CYREN AV offers reliable protection from malicious and potentially hostile programs. It combines traditional anti-virus methods with the latest proactive technologies. SecurityGateway also includes Outbreak Protection from CYREN, which offers an additional layer of protection against virus outbreaks.

Anti-Spoofing—The Anti-Spoofing section has tools to help you identify messages sent from forged, or "spoofed" addresses. There are six anti-spoofing features listed under this section, such as DKIM Verification, Sender ID, Callback Verification, and more.

Anti-Abuse—The Anti-Abuse section contains tools that help you prevent others from abusing or improperly using your email system to relay spam messages, use large amounts of bandwidth, connect to your server too frequently, and the like. There are six tools under the Anti-Abuse section.

FilteringThe Filtering section contains two features: Message Content Filtering and Attachment Filtering. The Message Content Filtering page can be used to create filter rules to perform a number of actions. You can create rules to cause messages that match certain criteria to be refused, copied or redirected to a different address, quarantined, and more. The options on the Attachment Filtering page can be used to designate specific types of files that will cause a message to be either blocked or quarantined when one of those files is attached. You can define the filtering restrictions both globally and per domain.

BlacklistsBlacklists are lists of email addresses, hosts, and IP addresses whose messages you wish to block or quarantine. By default those messages will be refused during the SMTP session, but on the Blacklist Action page you can change this setting so that they will be quarantined instead. The action that will be taken can be set globally and for specific domains, and the blacklists themselves can also be set as global or domain specific.

WhitelistsWhitelists are lists of email addresses, hosts, and IP addresses whose messages you wish to exempt from a number of security restrictions. Heuristics and Bayesian, DNSBL, DKIM Verification, and almost every other Security feature in SecurityGateway has the option to exempt senders, hosts, messages, and so on if they appear on the appropriate whitelist. Each whitelist can be set as global or domain specific.

Sieve ScriptsSecurityGateway uses the Sieve email filtering language to perform many of its functions, and the Sieve Scripts page lets you see in what order those functions are performed. It also provides a Sieve Script Editor that you can use to create your own custom scripts.


The Messages/Queues menu selection gives you access to two sections:

Message Log—The Message Log contains an entry for every message that your users send or receive. It lists the date and time the message was processed, the sender and recipient, and the subject of the message. It also lists the result of the delivery attempt, such as whether or not it was delivered, quarantined, or refused, and if it wasn't delivered it gives you a reason, such as the sender was blacklisted, the message contained a restricted attachment, or the like. Each entry in the log also lists the size of the message and its Message Score. From the Message Log you can view the details of each message, including the transcript of its delivery and the message's content and source (when available). You can also mark messages as spam or non-spam to help refine SecurityGateway's Bayesian Learning features and more accurately categorize messages.

Message Queues—This section provides links to four different message queues: User Quarantine, Administrative Quarantine, messages Queued for Delivery, and Bad Messages. The User Quarantine is a designated holding queue for incoming messages that do not pass certain security features. Users can log in to SecurityGateway and view the contents of their quarantine folder, and from there choose to view the messages, delete them, or release them from quarantine to be delivered normally. The Administrative Quarantine is similar to the User Quarantine, but it is for outbound messages and messages containing viruses. Only Administrators have access to the Administrative Quarantine. Queued for Delivery is a queue for all messages waiting to be delivered, including those that were undeliverable and are currently in the retry system. From this page you can view any message in the queue, bounce a message back its sender, stop a message's delivery, or immediately retry delivery of a selected message or all messages in the queue. The Bad Messages queue is for messages that could not be delivered due to some fatal processing error, such as a message caught in a recursive loop, causing it to reach the Maximum message hop count. From the Bad Message queue you can view any message in the queue, try to bounce a message back its sender, delete a message, or immediately retry delivery of a selected message or all messages in the queue.


The Logging menu gives you access to three sections:

Message Log—This is an additional link the Message Log discussed under the Messages/Queues section above. It is provided in both places simply for the administrator's convenience.

Log FilesYou can use the Log Files section to view SecurityGateway's various log files stored in your Logs folder. Unlike the Message Log, the log files are not stored in the database, and therefore do not provide sortable lists and separate entries for each event. Instead, they are plain text files containing transcripts of the various SMTP connections and other functions that SecurityGateway performs. The All Log Files page under the Log Files section lists all of the log files contained in your logs folder, including the current log files and roll-over log files. From that page you can view any of the files listed. The other pages in the Log Files section provide shortcuts to view SecurityGateway's current log files, such as the system log, inbound and outbound logs, virus update logs, and more.

Configuration—The Configuration section provides a link to the Logging Configuration page, which is used to configure your logging preferences and options. On that page you can designate how extensive you want the level of detail to be for the data written to the Inbound, Outbound, and HTTP logs. You can also choose the type of log files to create: a standard set, a new set each day with the date incorporated into the filenames, or a new set each day with the day of the week incorporated into the filenames. Finally, you can choose various log file maintenance settings, such as how large a file can be before it will be saved and a new file started, how many of these "roll-over" files can be created, how long a file can exist before it will be archived, and more.


The Reports section provides interactive, detailed graphical reports of SecurityGateway's activity. You can generate reports showing the number of inbound versus outbound messages, reports showing a breakdown of the types of junk email received, bandwidth reports, top senders by cumulative message size, virus reports, and more. Further, each report provides options that allow you to designate the parameters of the report. For example, a report can include data for a specific domain or all domains; delineate data by hour, day, or month; and encompass fixed time periods such as a day, week, or month, or use a specific range of dates. Additionally, below each report there is a tabular breakdown of the report's content, providing links to the Message Log, which will filter the log to display only the data related to that entry in the report. For example, it can provide links to display all inbound messages received at a specific hour listed on a report, all message's that contained a virus received on a certain day, all of the messages received by the top recipient for a domain, and so on.

System Requirements

For the latest SecurityGateway system requirements and recommendations, see: SecurityGateway for Email Servers - System Requirements at

Getting Help

Visit for SecurityGateway's latest technical support and help options, including: telephone support, email support, a Knowledge Base, Frequently Asked Questions, community forums, and more.


SecurityGateway 6.5.0 - November 2019