I'm searching for alternatives to Checkpoint for email filtering and encryption that can work effectively with both Microsoft 365 and Google Workspace. I've been facing consistent issues where Checkpoint's email encryption sends messages to spam when the recipient is using a G Suite or Gmail account. The problem seems to stem from Checkpoint's forwarding model, which is failing Google's spam checks despite having DMARC records properly managed. Any recommendations would be greatly appreciated!
6 Answers
If you’re open to an on-premises solution, you might want to check out Xeams for email encryption. With Xeams, no third party is involved, and you can install it on your LAN or even a VPS in the cloud. Just make sure to configure your SPF and DKIM settings properly so the recipient's server accepts your messages. The web interface helps generate DKIM keys as well.
I use Checkpoint DLP/Email Security and haven't encountered the issues you're facing. Are you certain that you have included "include:spfa.cpmails.com" in your SPF record before the -all directive? Double-checking that might help resolve your problems.
Abnormal Cloud Email Security is a great alternative, though be aware it's pricier compared to Checkpoint. It offers similar protection with added features. Just a heads-up, you might need to budget at least $25k a year to be eligible as an Abnormal customer.
I appreciate the suggestion! I'll make sure to add it to my list for review.
Sublime Security is fantastic for filtering, but unfortunately, they don't offer encryption, so it might not meet all your needs for an all-in-one solution.
You can manage this within Microsoft's ecosystem without needing a third party for secure or encrypted emails. To improve email filtering, ensure you've locked down O365 following CIS guidelines; it generally works pretty well, though it might still let in some business email compromise (BEC) attempts. Personally, I really like using Abnormal as an additional layer to filter out those types of attacks.
Unfortunately, I'm looking for third-party solutions since I'm managing environments that mix M365 and Google Workspace.
It makes sense that you're having issues with Checkpoint since their encrypted emails send from their own infrastructure instead of your domain, which doesn't align with DMARC and triggers spam filters. For a better experience with M365 and Gmail, I recommend using Microsoft's native Office Message Encryption (OME). It's designed for cross-platform compatibility and works well since recipients can access encrypted emails through a hosted portal without needing specific clients. If you're leaning towards S/MIME encryption, both platforms support it but will need a certificate exchange between senders and recipients. I also suggest using Suped to monitor DMARC alignment, as it can help you catch these kinds of issues before they escalate.
Thanks for your suggestion! Does OME integrate well with Google Workspace environments? I’m looking for a unified solution that works for my clients who are split between M365 and Google.
Thanks for the recommendation! I'll definitely take a look at Xeams.