GravityZone Business Security Enterprise IMAP mail scan

I'm testing gravityzone business security enterprise and I can't find any option for checking IMAP email on the clients (configured on Microsoft Outlook and Thunderbird). I only found options for smtp and pop3 scanning. I don't want to believe that this type of email is not checked, can you tell me how I should configure it?

Answers

  • Hello @HMSzero ,

    For the traffic scanning there is no solution at the moment for IMAP however to protect your mail server you will need an email protection solution such as GravityZone Security for Email which is available as an addon with a separate license. This solution will scan all emails before arriving on your mail server and as a complementary solution the Bitdefender Endpoint Security agent installed on your endpoints with all the Antimalware features enabled will protect in case something malicious passes through and is downloaded on the endpoint.

    The IMAP protocol is mainly used to download emails from the mail server so if the emails are already scanned by the email protection solution the risks are minimal.

    Furthermore, there is a Feature Requests opened in the works for IMAP traffic scan as well which will be implemented in a future version.

    Kind Regards,

    Andrei

  • Is the gravityzone security for email a cloud solution? I don't see any option to enable it in the console of the business security enterprise package whose demo I'm trying (on premise installation with VA). I also requested a test code for email security but adding it in Configuration -> License is not recognised.

    According to what I read in the description, the module seems designed to interface with Microsoft 365, Exchange Online and Google Workspace services, it does not refer to anything else.

  • Hello @HMSzero ,

    GravityZone Email Security is a cloud solution and is only available on top of a GravityZone cloud license. What you can do is buy a minimum amount of license for the GravityZone cloud and add the Email Security addon on top of it and then by configuring our MX records we will filter all email traffic.

    Kind Regards,

    Andrei

  • HMSzero
    edited August 23

    Thank you, email security act as "medium" before the mail provider, changing the mx record on domain provider to send mail to Email security and from this to the mail server, correct?
    If so is not applicable in my case: i'm using the integrated mail service of domain provider with no separate mail server (domain and mail provider are the same). If i change mx record i totally exclude the provider mail server (to enable MX Record editing i have to disable integrated mailserver: there are a radio button on DNS and Domain Management control panel)

    (edit: i need contact the domain provider support: maybe the imap server and the mailbox remains active and i need only to set the correct MX and A records).
    the licensing for Gravity zone Email plugin is one license for each mailbox or is one for each mail domain?

  • Yes, MX records will direct the emails to the Email Security and from there it will go to your mail server.

    However, if you are currently using the MX records for inbound emails and remove them from your current mail server you will need to find a way to integrate your current mail server with our Email Security solution. It is not 100% clear to me how your current email server does inbound and outbound so it is worth checking this guide to see if you can enable the integration with our Email security solution:

    https://www.bitdefender.com/business/support/en/77209-294785-initial-setup.html#UUID-f752a16c-dd7f-87ab-ffaf-2424b88041d3

    For the Email Security, the licensing mechanism is calculated per mailbox (excluding aliases and distribution lists).

    Kind Regards,

    Andrei

  • Hello Andrei

    I am currently testing Gravity Zone for my business. We do not do a lot of emails and the access is restricted, so we do not run our own mail server.

    We use an imap server which is hosted by an ISP (ionos or strato are 2 popular examples here) and currently use an Outlook client to access the emails.

    Our current AV has an outlook plugin and also scans IMAP and POP data stream and attaches a signature - so we can see if it was scanned.

    BD however, in the business version, does not scan IMAP or POP streams on a client/endpoint.

    Does the BD GZ Email add-on (extra license) work with an ISP hosted IMAP inbox? - If so how? I can redirect emails to the BD cloud, thats not a problem but where do they go from there? - my guess is to a private run mailserver, right?

  • Hello @bladup ,

    GravityZone Email Security add-on is intended to be positioned in front of the email sever so traffic is scanned before reaching it while the IMAP protocol is mainly used to retrieve emails from a server by the email client and these are already considered "clean" if you have a email security solution on the mail server.

    You can find here a basic email flow diagram that illustrates this flow:

    https://www.bitdefender.com/business/support/en/77209-294779-email-security.html

    For your specific case what you can do is ensure you have the security agent installed on the endpoints with all the appropriate modules enabled such as Antimalware, Advanced Thread Control, etc. which will protect you against emails that might passes through your ISP security solution.

    Kind Regards,

    Andrei