Information Security

Defending the digital infrastructure



E-mail Security

Tumbleweed's MailGate 5500

MailGate 5500

Price: Starts at $4,600



Tumbleweed's MailGate provides good e-mail security, although some organizations may want more control over antispam policies. Cumbersome installation is balanced by a strong dashboard and robust diagnostics.

The Tumbleweed MailGate 5500 appliance is a solid e-mail security solution and a hardened Linux platform designed for easy integration into large infrastructures. For the most part, it works as advertised, but there are some unresolved issues and trade-offs in control that enterprises will have to accept.

Enterprise IT departments will find that MailGate is a good value proposition for the price. The appliance includes a comprehensive package of e-mail security tools: antispam, antivirus, attack defenses and server-to-server encryption.

The antispam capability is serviceable, but is something of a black box; there is virtually no information on its operation, no way to tune the filters or even see the purported 500 filter updates per hour provided by the Tumbleweed Message Protection Lab program. Several competing appliances offer finer user controls, but Tumbleweed chooses to offload the antispam fine-tuning, leaving users to rely on Tumbleweed's internal filtering, which, the company says, scans more than 400 million messages daily.

MailGate's antivirus engine is supplied by either McAfee or Kaspersky Labs; users can choose which they'd prefer before purchase.

The embedded Edge Defense module protects against directory harvest and DoS attacks, and provides traffic-shaping capabilities and recipient verification.

Encryption may be configured as a push for outbound e-mail or a pull to encrypt stored inbound mail until it is retrieved. Tumbleweed has recently added OpenPGP support to its standard SSL, S/MIME and TLS encryption mechanisms, giving enterprises a wider range of choices. (For granular content filtering and control over policy-based encryption, MailGate can route messages through another Tumbleweed product, MailGate Secure Messenger.) Other e-mail security vendors, such as IronPort and CipherTrust, provide policy-based encryption capabilities in a single high-end appliance.

MailGate also has a number of minor security concerns. Individually, they are not really a problem, but they give the overall impression of sloppiness. There were several minor Web server-based holes that Tumbleweed said would be fixed by the time this article is published. The largest of these was in its image-rendering engine, while the more minor ones were contained in default configuration errors.

When you consider that both HTTP and HTTPS access to the appliance are permitted, you get the feeling that security was an afterthought. We see no good reason to allow unprotected HTTP access.

Exec Summary
Choice of antivirus
Excellent dashboard
Great start guide
Lack of antispam policy controls
Security issues
Cumbersome installation

Installation and initial configuration were more of a chore than we would have liked. The initial network addressing is performed using the front LCD and arrow buttons instead of the DOS-like screen employed by most vendors, making initial IP configuration a little tedious.

There is no console installation process. The bright point was the great Quick Start Guide, which is well laid out and easy to read.

Moreover, the administrative interface starts with one of the best executive dashboards we've seen--very clean and informative. It's easy to navigate and has a solid help system. And MailGate has one of the nicest diagnostics systems we've seen in a long time. It checks the health of all major subsystems in a well-designed interface and gives a concise report of conditions, which makes ongoing maintenance a lot easier.



Despite its issues, if you're prepared--or prefer--to trade antispam policy control for ease of management, MailGate is, on balance, a capable e-mail security appliance at a good price.

