As technical marketing specialist, I am responsible for maintaining the company's Twitter and Spiceworks (social networking for the IT community) presence. Responsible for delivering a complete software training solution to partners and customers.
Projects include design, creation, implementation and oversight of complete, interactive eLearning courses for MDaemon and SecurityGateway using Camtasia and Atrixware, and creation of all quick-start guides and training videos, providing live, web-based training for partners and distributors, and assisting others in the Marketing department with requests for technical guidance and idea generation on marketing-related website content and print deliverables. Provided on-premise training to approximately 60 colleagues at parent company (Research in Motion) headquarters in Waterloo, Canada, and gave live presentations at other company events, including BlackBerry World in Orlando, Florida.
It’s that time again. Our friends at MailStore have released their latest & greatest version of the MailStore archive server – version 11.2, with support for Microsoft Exchange Server 2019, plus continued support for all other email platforms, including MDaemon.
“But do I really NEED an archiving solution?”
In short, YES! With most businesses relying on email to send sensitive information to customers, partners, and suppliers, you need a backup solution for a variety of reasons, including protection against ransomware, accidental deletion, disaster recovery, e-discovery, and compliance to regulations such as HIPAA and GDPR.
While it may be tempting to hold off on upgrading to a new release, keep in mind that the threat landscape is constantly evolving, and security is more important than ever before. Upgrading to the latest version will help you stay protected against the latest threats.
Before the invention of email, mail that arrived in your physical mailbox often contained pamphlets, sales brochures, credit card offers, and product catalogs. Much of this waste was thrown away and ended up in a landfill somewhere. Today, the equivalent and often more annoying nuisance is spam. Spam comes in many forms, and has evolved from dubious product claims, miracle supplements, conspiracy theories, and offers of easy money to more malicious threats such as ransomware attacks and targeted spear-phishing.
While the amount of spam as a percentage of total email traffic has gone down recently, the severity of email-borne threats has increased.
So how can users protect themselves from becoming the next victim to these malicious threats? There are numerous spam fighting tools in MDaemon and other mail servers, but server-side tools are only half of the spam-fighting equation. The other half is user education. With this in mind, here are 10 things users can do to reduce the amount of spam they receive.
Unsubscribe – How often have you been asked by a store clerk for your email address or placed an order online? In either of these situations, chances are you may have ended up on a company’s mailing list. When you receive email from these companies, take the time to open the message and click on the Unsubscribe link. But first, make sure the email is in fact coming from a reputable company (Here’s how). If you’re not completely sure where the email came from, then report the message as spam instead of unsubscribing.
Create a secondary email account – While we’re on the topic of retailers having your email address, you might also consider having a second email address that’s used solely for the purpose of store records or placing orders. This allows you to keep solicitations from these vendors out of your primary inbox.
Keep your email address private – If your email address is visible on social networking sites like Facebook or Twitter, then it’s also visible to spammers. Spammers have tools that can easily detect visible email addresses and add them to their mailing lists. This is why it’s often recommended that, if you MUST use your email address on one of these sites, you mask it by changing its format. For example, type out “at” instead of using the “@” symbol. With the prevalence of Business Email Compromise (BEC) attacks, it’s even more important for executives to be mindful of posting their email address or other personal information, as scammers will use this information to send out well-crafted spear-phishing emails.
Don’t reply to ANY spam or unsolicited marketing messages – Most spam messages use forged sender (return-path) addresses, so replying to a spam message will almost never result in the spammer getting your message. Replying to legitimate marketing messages tells the sender that your email address is valid, and thus, they may continue to send you spam.
Never click on links – Often, when you click on a link in a spam email, it specifically identifies you to the spammer as having received the message. Not only can clicking links in spam messages identify you to the spammer; you can also end up getting infected with malware.
Block Images – Even if you don’t click any links, an image opening in your email can alert spammers to a valid address. Spammers often try to be stealthy by inserting images that are only one pixel wide. If your mail client is configured to automatically open images, spammers can be alerted that your email address is valid. We recommend configuring your email client to automatically block images to reduce spam. You can always choose to view images in specific emails if you are sure the sender and content are legitimate.
Make your email address unique – Spammers often use common names to try to guess email addresses. If your email address is unique, it makes it harder for spammers to guess your email address.
Don’t fall for scams – If you receive an anonymous email from someone who appears to be in dire need, who promises you large sums of money for your small up-front investment, you may be witnessing the familiar Nigerian email scam, or one of many other variants. What are the odds that someone you’ve never met, who’s in a desperate situation, would contact you for help? Don’t fall for this scam.
Never forward email from someone you don’t know – I often see email messages with some type of public service announcement, petition, or other bit of advice, and often, there’s a request to forward the message to your friends. Don’t fall for this, as it’s a prime opportunity for spammers to harvest email addresses.
Blocking junk email is not just the job of the mail server administrator. A well-informed email user can mean the difference between spam that is manageable and spam that is out of control. These ten tips will help you reduce spam, and help prevent you from becoming a victim to phishing or malware.
As hurricane Florence threatens the east coast with high winds, heavy rainfall and flooding, businesses could potentially lose access to critical communication services. When Hurricane Harvey hit Texas and Louisiana last year, we offered free temporary assistance for those without email services. For those affected by Florence, we are again here to help. We’re offering affected businesses free temporary email hosting using your existing domain or temporary email accounts on our hosted webmail platform.
Nature dictates that we human beings are prone to make mistakes from time to time. For example, if you attached a picture from your toddler’s birthday party in an email to your customer when you meant to attach your customer’s invoice, if you noticed an embarrassing typo after a message was sent, or if you got a little overzealous with your personal information that, after giving it a second thought, might be damaging to your career. Most of us have found ourselves in one or more of these situations at one time or another. That’s why it’s important that your email solution have a Message Recall feature. Message Recall gives you a “second chance” to correct an error or avoid a situation that could be embarrassing or damaging to your career.
MDaemon users have three ways to recall a message.
Using the Recall button in MDaemon Webmail.
Attaching a copy of the sent message to an email addressed to the MDaemon System account with RECALL as the message subject.
Sending a message to the MDaemon System account with RECALL plus the Message-ID as the message subject.
This quick video shows all three methods for recalling an email message in MDaemon Webmail
Let’s face it. We all make mistakes. At one time or another, most of us have gotten a little hasty with the Send button when composing an email, and sent it to the wrong Frank Thomas, accidentally CC’d the customer in an inter-office communication, or realized the email was probably not such a good idea in the first place. These examples can be quite embarrassing, but other mistakes can result in legal trouble for you or your company. For example, healthcare providers can violate HIPAA regulations by sending an email containing protected health information (PHI) to the wrong person. Penalties for these HIPAA violations can be steep, ranging from $50,000 to $1.5 million.
To avoid these situations, your email solution should have a feature that lets you delay delivery of a message. With MDaemon Webmail, message scheduling options are just a mouse click away.
“This is all great, but why would I want to delay delivery of an important email message?”
There are many reasons why one might want to defer delivery of an email message.
Delaying message delivery for an hour or even a few minutes gives you time to take a break from it and review it with a refreshed perspective – providing another opportunity to catch errors you might have missed before.
Some email conversations go back and forth too quickly, so you might respond before you have all the information or ask questions that are already answered in the next message. Deferred delivery allows you to slow the process down so you’re not having to play email tag.
Deferred delivery can help prevent you from sending an angry email response during heated discussions. Allowing yourself a little extra time to re-think your message or to cancel the message altogether can help prevent a great deal of workplace conflict.
For companies that operate globally, deferred delivery allows users to schedule messages for delivery during peak business hours in the recipient’s country, increasing the likelihood that it will be seen.
We demonstrate how to defer delivery of an email message in MDaemon Webmail in this week’s tutorial video.
While it’s true that hard drives are continuing to grow exponentially in storage capacity, many mail server administrators are still finding the need for greater control over disk space usage. An easy way to automate the process of limiting disk space used per-user while still retaining business-related data transmitted via email is to set message and disk space quotas while implement an archiving solution such as MailStore.
By default, MDaemon Remote Administration is accessed via port 1000 at your server’s host name, so if your host name is mail.example.com, then you’d enter http://mail.example.com:1000 to access Remote Administration. You can also use a secure URL – for example: https://mail.example.com. The URL you would use depends on the settings you have configured in MDaemon under Setup | Web & IM Services | Remote Administration | Web Server (and SSL & HTTPS).
I hope you find these tutorials useful. If you have questions or comments, please click on Leave a Comment (up there under the title of this post) and let us know!
Most of our customers are small-to-medium businesses with limited IT budgets across a variety of industries – including healthcare, education, manufacturing, and government. Having a limited IT budget often means having limited staff available for troubleshooting email or tracking down messages, so when considering which email gateway/spam filter you want for your business, one of the main criteria to consider is how easy it is to find messages for your users. Users who are expecting business-critical messages need to know ASAP what happened if that message is not delivered. With SecurityGateway, it’s easy to find out if a message was rejected, quarantined or delivered. If it was rejected or quarantined, color-coded transcripts make it easy to determine exactly why the message was not delivered.
At-a-Glance: The Message Log Window
Let’s have a look at the message log and its layout.
Use the buttons across the top to:
Refresh the message list
Search for messages. Advanced search options are provided, allowing you to find messages based on a variety of criteria, such as message contents, delivery date, the result of the message delivery attempt, keywords in a message header, and others.
View message details (providing the same information as double-clicking the message)
Redeliver the message. Note that if the issue that made a message undeliverable still exists then the message will return to the message log with the same status.
Whitelist the sender or sender’s domain
Blacklist the sender or sender’s domain
Press the blue buttons to enable or disable specific columns.
The right-facing blue arrows indicate outbound messages, and the left-facing green arrows indicate inbound messages.
The remaining columns from left-to-right include:
Date (notice the arrow indicating sort order)
The message sender (From)
The message recipient
The message subject
The result of the message delivery attempt (Delivered, Quarantined, Rejected, etc.)
The reason the message was quarantined or rejected (for those that meet these criteria)
The message size
The final message score based on the total score accumulated by all security tests performed
Viewing message transcripts to determine a message’s fate
Now that we’re familiar with the layout of the message listing, let’s review how to troubleshoot email delivery issues.
Key events in a message’s transcript are color-coded for easy identification. In the following example, the message was scanned by SpamAssassin. During this process, it accumulated 1.7 points. It was then scanned by Outbreak Protection, during which it accumulated an additional 5.5 points. Finally, the total message score was tallied with a final score of 12.2 points and was rejected.
We’ve created the following video to help you become more familiar with message tracking in SecurityGateway.
If you work in IT or manage a mail server, then you probably know that the vast majority of global email traffic consists of spam. However, if you’re an end user working for a small business in healthcare, manufacturing or education, the following statistic might surprise you:
In June 2018, spam made up a staggering 85.32% of all global email traffic.
A good spam filter & email gateway will filter out most of these malicious email messages circling the globe so that users and administrators can spend more time focusing on their business.
SecurityGateway for Email Servers was designed to make it easy for small-to-medium businesses to manage their inbound and outbound email security needs without taking up too much time that could be spent on more business-related tasks. It reduces the workload on administrators by providing automated user & domain creation and periodic quarantine report emails for end users. The focus on today’s “30-Second Email Tips” video is to demonstrate the quarantine report emails which allow users to manage their own quarantines so you can spend more time focusing on your business.
Many of SecurityGateway’s security settings (including heuristic and Bayesian analysis by the spam filter, DNS blacklists, SPF verification, DKIM verification, DMARC, and others) can be configured to perform one of three options for messages that fail a given security check:
Accept the message (and optionally place a tag in the message subject and add points to the message’s spam score)
Refuse the message
Quarantine the message
For messages that are placed in the quarantine, reports can be sent out to users so that they can decide what to do with these messages. Options provided are:
Release the message from quarantine
Always allow (whitelist) messages from the sender
Blacklist messages from the sender
We’ve created the following video to demonstrate these features.
SecurityGateway helps meet the needs of businesses that want an additional layer of security for their existing email server and businesses running Microsoft Exchange or another mail server that has cumbersome controls or a confusing interface – helping simplify the process of scanning inbound and outbound email for malicious content. Click here to learn more about SecurityGateway, or click here to download your free trial!
I’ve heard various opinions on what to do with an MDaemon account belonging to someone who has left a company. In a recent post on our community forums, an MDaemon administrator had set a former employee’s account to Frozen, and then configured an auto-responder for the account. Frozen accounts cannot send outbound email, and the user of a frozen account cannot check for new email.
Account is FROZEN (can receive but cannot send or check email)
Select this option if you wish to allow the account to receive incoming messages but prevent it from being able to check or send messages. This is useful when, for example, you suspect the account has been hijacked. Freezing the account would prevent the malicious user from accessing its messages or using the account to send messages, but it would still be able to receive its incoming email.
Let’s say an employee has left the company. As the MDaemon administrator, I don’t want that employee’s account to be used, so I place it in Frozen status via the main Account Details screen of the account editor, as shown here.
Now let’s say I’ve enabled an auto-responder for the account, as shown here.
In the following example, I’ve created the account firstname.lastname@example.org, and have configured the auto-responder.
When I send a test to email@example.com from firstname.lastname@example.org, the MDaemon server hosting the @brad.ssllock.com domain places the message in the frozen account’s mailbox, but the user is unable to log into webmail or access the inbox via another email client. When MDaemon then tries to send the auto-responder that we enabled for the frozen account, the message is moved to the Holding queue and the following is written to the MDaemon logs:
Mon 2018-06-18 11:18:33.406: Session 042192; child 0001
Mon 2018-06-18 11:18:33.406: Parsing message <c:\mdaemon\queues\remote\pd50000000056.msg>
Mon 2018-06-18 11:18:33.406: * From: email@example.com
Mon 2018-06-18 11:18:33.406: * To: Training@mdaemon.com
Mon 2018-06-18 11:18:33.406: * Subject: RE: Test to Frozen Account with Auto-Responder
Mon 2018-06-18 11:18:33.406: * Size (bytes): 3822
Mon 2018-06-18 11:18:33.406: * Message-ID: MDAEMON0005201806181118.AA1812640@mail.brad.ssllock.com Mon 2018-06-18 11:18:33.421: Message moved to holding queue because sending account is disabled Mon 2018-06-18 11:18:33.421: SMTP session terminated (Bytes in/out: 0/0) Mon 2018-06-18 11:18:33.421: ———-
The result is that the auto-response never gets sent because the account is frozen.
Rather than freezing the account, you could simply change the account’s password so that it can still accept mail and send auto-response messages. This can be done via the main Account Details screen, as shown here.
If you prefer to freeze the account instead of changing its password, another option would be to create a content filter rule that would send your desired response to the original message sender instead of using the auto-responder. That content filter rule would look something like this:
In this example, I created a rule that sends a reply to the sender of messages addressed to firstname.lastname@example.org using the “Send a NOTE 1” action. I then entered the $SENDER$ macro and the desired response. This message will be sent back to the message sender in response to a message originally sent to the frozen account.
You can get pretty creative with MDaemon’s content filter to perform a variety of tasks, so hopefully you found this helpful!
Most of us don’t wake up thinking about email, but without it, business communications would be set back at least 20 years. We rely on email for many basic business functions, so we want email management features that simplify communications & make collaboration easier and more efficient.
With MDaemon Webmail, users can perform a variety of tasks via the Options menu. But, following the theme of making things easier, did you know you can perform many of these same tasks with the click of the right mouse button without leaving your Inbox?