TECHNICAL SPEC.

USES DATABASES NOT FOLDERS

SECURITY  ANTI-SPAM

SECURITY  ANTI-VIRUS

SECURITY  ENCRYPTION

SECURITY  SMTP/POP3

SECURITY  GENERAL

SERVER STATUS AND SETTINGS

UTILITIES

EXTERNAL CONNECTIONS

Technical Specification Runs on Windows 2000 & XP. Runs as a service or standalone executable.  Works with all leading internet clients including MS Outlook, Eudora, Pegasus, IE, Mozilla, Xnews etc. Top

Uses Databases Not Folders SnugServer is Database Driven, not Folder Driven. Generally, Folder driven systems become slower as the number of folders increase.  This slowdown does not occur when using Databases. SnugServer uses our own Heidi Computers UDL (Universal Database Layer). Additionally, SnugServer data is stored in encrypted and compressed format. You can create an unlimited number of Domains, Local Email Accounts, Alias Accounts and External Mail Accounts. Top

SECURITY: Anti-Spamming             What is Spam? SnugServer Spam scanner is done at the Server, so that spam emails never reach the Inbox and only authentic mails are seen by the user. Most anti-spamming software works on spam at Email Client level where the spam has already reached the Inbox. SnugServer's Anti-Spam engine uses Plugin architecture, therefore you can even create your own Plugin. SnugServer uses the very latest in superior Anti-Spamming plugin techniques: Tracking Email Killer (HTML Emails): scans emails for External Image Links, <IFRAME>, HTML comments, Scripts and random characters after HTML attributes and classifies them as Spam. Bayesian Spam Filters: calculates the probability of a message being spam based on its contents. They learn from spam and from good mail, resulting in a very robust efficient anti-spam approach, that returns hardly any false positives.  This method analyses the email Header and Body. Spam IP Filtering (Internet Blacklist ORDB Filtering): checks the ORD (Open Relay Databases) for IP addresses of Known Spammers, and therefore probhibits contact with them. BW List Filtering (Friends/Enemies List Filtering): you enter email addresses or IP's into the Black list or the White list so Snug knows what to prohibit/allow. Regular Expression: you enter spam words used regularly and mark them as Spam.  This method analyses the email Header and Body. Email Attachment Filtering: You can decide what attachments are allowed travel through SnugServer and whether those attachments should be quarantined, deleted or compressed. Strips Attachments: You can configure SnugServer to strip Attachments from Emails.  This will protect you from any known attacks on MIME emails used by viruses in order to spread themselves. Strips HTML: You can configure SnugServer to strip HTML from Emails.   Hackers/virus writers can embed code to trigger commands in HTML mail. This will protect you from any known attacks on HTML emails. You can control access to your SnugServer by: Banning or Allowing certain IP Addresses Banning or Allowing certain Countries Anti-Spam Plug-in Engine WITHOUT Snug Anti-Spam Protection all spam emails go straight into the INBOX EVEN IF you have Anti-Spam software installed  on your computer Typical Anti-Spam software works on the Email Client SnugServer's Anti-Spam Engine works on the Email Server, So the User never gets to see Spam. Top SECURITY: Anti-Virus Interfaces with any VSAPI compliant Virus scanner. All emails/news articles and attachments are virus checked. On the FTP Server all files are virus checked.   Quarantine is in operation. Top SECURITY: Encryption                             What is S/MIME?           What is SSL/TLS? SSL & TLS Security SnugServer gives users the choice of using the SSL Protocol (Secure Socket Layer)/TLS (Transport Layer Security) Protocol when transmitting any data across the Internet.  This includes sending/receiving emails, news, file transfer using the Snug FTP Server and any Internet browsing using the Snug Web Browser. The type of encryption  used depends on what authentication type (SSL/TLS) the external server allows.  See Encryption explained. Digital Certificates SnugScript allows you to create your own Digital Certification Key to ensure secure communication.  It also allows you to become a Certification Authority whereby you can then authenticate your Digital Key.  What is a Digital Certificate? S/MIME SnugServer digitally encodes emails using S/MIME.  S/MIME (Secure Multi-Purpose Internet Mail Extensions) is a secure method of sending e-mail that uses the RSA encryption system. RSA (Rivest-Shamir-Adleman) is an Internet encryption and authentication system that uses an algorithm developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. The RSA algorithm is the most commonly used encryption and authentication algorithm. S/MIME was created to solve email interception and forgery.  The objective of S/MIME is to protect sensitive data from prying eyes. The two basic features of this type of security are privacy (only the intended recipient can read the message) and authentication (the recipient can be assured of the identity of the sender).                            S/MIME Incoming S/MIME Outgoing Top SECURITY: SMTP/POP3 Authentication Login SMTP/ESMTP Authentication Login Security SnugServer uses SASL (Simple Authentication & Security Layer) which supports the following types of Authentication: Note: the type of Authentication actually used is dependent on what the Email Client actually supports. CRAM-MD5 (Challenge-Response Authentication Mechanism) The server sends a challenge to the client in the form of a string of random digits, a timestamp and server domain name.  The client responds with a string containing the user name and a keyed-MD5 digest value which consists of the users password (in encrypted format). For example: Server:  54545@645869512@aol.com Client:  cscott 49d8a54542gg8f4454546 PLAIN Login using Plain text. LOGIN cscott@abc.com POP3 Authentication Login Security SnugServer allows for the following types of authentication: CRAM-MD5 (Challenge-Response Authentication Mechanism) PLAIN Login using Plain text. LOGIN cscott@abc.com Top SECURITY: General Security General Security If you are using your ISP as a mail server, there is always the possibility that outsiders could be reading your email messages. This could prove an issue with confidential information e.g. bank/tax details, credit card information and so on. SnugServer offers you that security.  Delivery and receipt of emails is handled by your own company. Global Company Disclaimer You can add a company disclaimer at the end of each email sent. Example Disclaimer The information contained in this e-mail is confidential and may be privileged. It is intended only for the addressee(s) stated above. If you are not an addressee, any use, dissemination, distribution, publication, or copying of the information contained in this e-mail is strictly prohibited. If you have received this e-mail in error, please immediately notify us by telephone at ________ or e-mail us at ______@________ and delete the e-mail from your system. Thank you for your co-operation. Top

Server Status Server Status is the SnugServer 'heart machine'. You can browse the following: Tasks Active, Tasks queued, MEM(MB), CPU(%), SMTP/ESMTP Queued, POP Sessions, FTP Sessions, News Sessions, Web Sessions, Alerts, External Mail Account activity and POP/SMTP activity. Top Server Settings Server Settings allows you to change the following options: General, POP3, SMTP/ESMTP, SMTP/ESMTP Relay Server, FTP Server, News Server, Web Server and Miscellaneous Servers. Top

Utilities SnugScript Editor The SnugScript Editor allows you to create your own scripts to run certain tasks e.g. scan mails for particular criteria etc.  SnugScript uses the PaxScript  engine as it's basis. Defragment Memory Memory Defragmentation tool.  SnugServer has its own memory management system but after prolonged usage of ISAPI or external 3rd party products server memory may become fragmented resulting in a performance slowdown. Running Defragment will compact your machine's memory. Backup SnugServers Backup Utility is designed to allow you to do quick backups of your datafiles.  It is not a substitute for a proper offline backup system. Import/Export Import/Export Domains, Local User Accounts and External Mail Accounts from different file formats. Top

External Connections DNS Lookup Query DNS (Domain Name Server) Lookup allows you to enter a Domain Name or IP Address and find out it's Mail Exchange Server, Domain Name Server etc. Finger SnugServer allows you to carry out a Finger connection on another Server. Snug Finger operations allow you to find out obtain information on a specific user. Ping SnugServer allows you to carry out a Ping connection on another Server. You enter the domain name you wish to 'Ping' and it tells you if it can establish connectivity to that domain name. You can set the number of times you wish to Ping and the time interval between Pings. WhoIs SnugServer allows you to carry out a WhoIs connection on another Server. You enter the domain name and specify the WhoIs server you wish to use and it will retrieve the name, address, phone, fax, email etc. of that domain owner. Top