Block Hackers from Guessing Passwords with MDaemon’s Improved Dynamic Screening

If you have an email account (and in 2017, you probably have more than one), you are a target. More specifically, your email password is a target and a coveted prize for hackers. And let’s face it – hackers are not going away anytime soon. Because the barriers to entry are so low and the potential payoffs so large, hackers are more motivated than ever to try to steal your login credentials. As an MDaemon administrator, you are tasked with making sure your users use strong passwords, but here are a few things to consider when evaluating your password & security policies:

  • People often reuse passwords.
  • People tend to use the same password across multiple sites.
  • Hackers have access to a variety of password-generating tools that are freely available on the Internet.
  • Automated systems installed in botnets can crack complex passwords in a matter of minutes.
  • Password dictionaries reduce the effectiveness of password complexity policies.

To address these threats, MDaemon’s new Dynamic Screening features can be configured to track authentication failures for all protocols, including SMTP, POP, IMAP, WorldClient, and ActiveSync (among others). When a specified number of authentication attempts from a given IP address fail in a designated period of time, subsequent connections from the IP are blocked for a specified period of time. The affected email account can also be frozen – meaning the mailbox can collect mail, but the user cannot login to check email or send out email messages.

Watch our latest tutorial video to learn more!

In the event that a hacker or spammer still manages to guess an account’s password, MDaemon’s Account Hijack Detection feature will disable or freeze the account after a specific number of messages have been sent from an authenticated session in a given timeframe.

Do you have questions or comments? Let us know via the Comments section!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Block Incoming Connections by Country with MDaemon’s New Location Screening Feature

Block connections by country with Location Screening
Block connections by country with Location Screening

As I announced recently in this post, MDaemon 17.5 has been released, with new security and collaboration features. One feature that our users will find particularly useful is the new Location Screening feature, which allows administrators to block incoming connections from specific countries. When you consider the scale and widespread distribution of global threats, blocking connections by country can provide the following benefits:

New spam domains, email zombies & phishing sites pop up all over the world every day. In fact, Cyren’s World Threat Map displays a handy visual representation of newly-discovered threats in real-time.

So if you know your company does not do business with certain countries, you can add these locations to MDaemon’s Location Screening feature and stop all traffic from these countries.

In previous versions of MDaemon, the best way to block connections by country was to use the DNS-BL feature, but with MDaemon 17.5, a new, intuitive check-box screen was added.  In this tutorial video, I show you how easy it is to configure Location Screening in MDaemon.

Do you have questions or feedback? If so, click on the “Leave a Comment” link under the title of this post & let us know!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Search your Archive from WorldClient in 3 Easy Steps

With the prevalence of data-destroying malware, more businesses are using an archiving solution such as MailStore to create backup copies of all email communications. Archiving is crucial for recovery when the unexpected disaster strikes, and useful for e-discovery and meeting legal requirements & regulations. I’ve written this article to help explain the value of archiving and why it’s so important:

If you’re not archiving your email, you should be!

For end-users, it’s important to have easy access to your archived messages, with the ability to search through your archives based on key words. With the addition of a custom button in the WorldClient toolbar that points to the MailStore login screen (performed by the MDaemon administrator), users can access their archive and perform a search in three easy steps. I’ll show you how in the following video:

MailStore works with virtually all email platforms and clients, and is the recommended choice for small-to-medium businesses worldwide. If you have questions or would like a personal demo, leave a comment below & let me know!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Easy Migration from Microsoft Exchange or any ActiveSync Supported Email Server

For many small-to-medium businesses, hosting an in-house Microsoft Exchange Server requires dedicated staff and deep pockets. In the mid-90’s, MDaemon was created as an affordable alternative to Exchange that wouldn’t break your IT budget &  required no dedicated staff to administer it. With every installation of MDaemon comes the free Exchange migration utility – MDMigrator. MDMigrator will import all user accounts, email messages, public folders and other settings from Exchange to MDaemon. You can find step-by-step instructions in this knowledge base article:

http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=347

We’ll show you how easy this process is in this tutorial video.

If you’re moving from a non-Exchange mail server, we’ve got you covered as well! Instructions for migrating using our ActiveSync migration client can be found here:

http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=1135

Looking to move into the cloud? Let us host your email for you with WorldClient Private Email, or click here to find a partner in your region to host your email with MDaemon Private Cloud.

Questions? Comments? Let us know via the links below!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Is spam being sent out from a local machine on your network? Follow these steps to track down a spambot.

Has this happened to you? Let’s say you’re the MDaemon administrator for your company, and you’ve noticed that somewhere, somehow, spam messages are being sent from within your network. Perhaps one of your PCs has been compromised. What do you do? Here are some tips to help you track the issue down.

First, make sure you have the option “Authentication is always required when mail is from local accounts” enabled (Security | Security Settings | SMTP Authentication). Also enable “Credentials used must match those of the return-path address” and “Credentials used must match those of the From header address.” Then, make sure “…unless message is sent to a local account” is unchecked to prevent intra-domain spam (between local domain users).

SMTP Authentication in MDaemeon
Make sure the appropriate boxes are checked to require SMTP authentication

Next, find out if the spam messages are coming in from an authenticated session. To do this, locate one of the spam messages & open it up in Notepad to view its headers (or you can open it in Queue & Statistics Manager). Does the message have an X-Authenticated-Sender header? It will look something like this:

X-Authenticated-Sender: SpammerUser@example.com

If this header is present, then that is the user who authenticated to send the message. The first thing you should do in this case is to change the account’s password via the Accounts menu in MDaemon. Even if the spamming is going through the user’s mail client, until you give the user the new password and they update their mail client the authentication credentials will be rejected and the spamming will be temporarily stopped.

In newer versions of MDaemon, we’ve added Account Hijack Detection, which will automatically disable an account if it sends a specified number of outbound messages via an authenticated session in a given period of time. We recommend enabling this feature. In MDaemon, it’s located under Security | Security Settings | Screening | Hijack Detection.

Account Hijack Detection
Account Hijack Detection

The next step is to look at the Received headers. Find the one where the message was received by your server. Here is an example of what this header would look like:

Received from computer1 (computer1@example.com (192.198.1.121) by example.com (MDaemon PRO v17) with ESMTP id md50000000001.msg for <UserWhoWasSpammed@example.com >, Fri, 13 Sep 2016 21:00:00 -0800

Find the connecting IP (192.198.1.121) in the above example. This is the machine that is sending out spam. Locate that machine to deal directly with the spambot on that machine.

If the message wasn’t authenticated or wasn’t sent from your local network, locate the Message-ID header and copy that value.

Message-ID: <123.xyx.someone@example.net>

Then open the MDaemon SMTP-IN log that covers the time when that message was received by MDaemon (based on the timestamp in the received header) and search for that Message-ID in the log (in the 250 response line when the message is accepted):

Thu 2016-09-12 20:00:00: –> 250 Ok, message saved <Message-ID: <123.xyx.someone@example.net>>

Look at the rest of transaction and see why the message was accepted/not rejected – spam score, DNSBLs, etc.

Also, if your external domain is listed in the Trusted Hosts list (Security | Security Settings | Trusted Hosts), try removing it from this list.

Check back often for more tips & tricks!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

New MDaemon Collaboration Feature: Send & Receive DropBox Files with WorldClient

In MDaemon 17, we added support for DropBox integration for WorldClient, MDaemon’s web-based email client. Now, users can easily save attachments in inbound messages to their DropBox account, or insert links to their DropBox files in outbound attachments. Because files are stored in DropBox and not on the mail server, disk space and bandwidth are reduced.

We’ve put together the following tutorial video to help you get started with WorldClient’s DropBox file sharing features.

Step-by-step instructions can be found in the following knowledge base article:

http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=1166

If you’re not yet an MDaemon user, visit the MDaemon product page to see what you may be missing!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Open Protocol (XMPP/Jabber) Support Provides More Instant Messaging Choices for MDaemon Users

In today’s connected society, users demand instant access to open channels of Chat-bubblescommunication. For years, MDaemon has offered instant messaging via WorldClient Instant Messenger. Formerly known as ComAgent, WorldClient Instant Messenger has evolved to support open protocol (XMPP/Jabber) for instant messaging, giving users more choices over what instant messaging client to use.

What exactly is XMPP & why should I care?

XMPP is a communication protocol based on XML that powers a wide range of applications. It is based on open standards and offers greater flexibility and choice for its users. XMPP supports secure communications via SSL, and a wide variety of XMPP clients for Windows, MacOS, Linux, iOS, Android, BlackBerry, and Nokia devices. There’s even a DOS/Command-line client for die-hard DOS purists. A complete list of XMPP clients can be found at xmpp.org.

Why is this important for MDaemon users and administrators?

In addition to greater choice for end users, other features that we’ve come to appreciate from the ComAgent years remain, including file transfer for end users and message logging for administrators.

How do I connect to MDaemon’s XMPP service with third-party chat clients?

The steps for each instant messaging client will vary, but the concepts for each are the same. You’ll need your email address, password, and the host name or IP address of your MDaemon server. I’ve created a tutorial video showing the configuration process for both MDaemon administrators and end users.

Want to learn more? We have some valuable resources in the following knowledge base article.

http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=1167

This is just one of many collaboration features found in the MDaemon Messaging Server. Download your free trial & start collaborating today!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

New Feature: Email Health Check for Optimal Security Settings

Our latest version of MDaemon, MDaemon 17, comes packed with lots of new features for administrators and end users, including new password security, support for Let’sEncrypt, DropBox integration, message scheduling, and much more. Today, I’d like to demonstrate MDaemon’s new Health Check utility. With this handy new tool, administrators no longer have to go through each feature to verify that it’s configured for optimal security. This new tool will analyze all security-related settings, display each setting’s current value, its recommended value, and where that feature is located in the MDaemon interface. This tool offers administrators the flexibility to change all settings to their recommended value at the same time, or to select and change individual settings. In this tutorial video, I demonstrate how to use the new Health Check utility.

Need additional help? More guidance on the MDaemon Health Check utility can be found in this knowledge base article.

If you haven’t yet upgraded to MDaemon 17, check out the release notes and our previous blog post to see what you’re missing!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Easy Backup & Recovery with MDaemon

MDaemon’s user-friendly flat-file structure makes it easy to backup and recover your email messages, user accounts, security settings, and any other data stored in MDaemon. No extra Windows components or third-party applications are required, and you won’t have to navigate through any confusing dialog boxes to backup & recover your data. Backing up and restoring MDaemon is as easy as drag & drop. All you would need to do is map a drive letter from the MDaemon server to another drive on your network, then drag over the files you want to back up.

In this example, we’ve backed up our users’ email directories, our configuration files, and our mail queues.

MDaemon Backup FoldersIf you’ve accidentally deleted users, you can simply restore the Userlist.dat file, located in the MDaemon/App directory. In this example, let’s assume user01, user02 and user03 were all deleted.

MDaemon Users DeletedSimply drag the userlist.dat file from your backup back to the MDaemon/App directory, as shown here.

Userlist drag & dropAnd if email messages were deleted, they can easily be restored as well. Email messages are stored within the Users directory under the specific domain and user. Simply drag the .msg files from the backup to the User’s folder on the MDaemon server.

Restoring Email MessagesYou can do a lot more with MDaemon’s file structure, including restoring a user’s contacts when they were accidentally deleted, moving public folders, and much more.

Click here to learn more about MDaemon’s file structure.

If you’re new to MDaemon, visit our MDaemon product page to learn more!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Restricting Message Size for Everyone Except a Select Few Users in MDaemon

Recently, one of our customers asked the following question:

“How do I restrict messages to 2MB for inbound and outbound mail – for all users except a small group of users?”

In MDaemon, this can be done via the Content Filter (located under the Security menu). Simply follow these easy steps:

  1. Add the users who will not be subject to the size restriction to a group via Accounts | Groups & Templates.
  2. Go to Security | Content Filter and create a new rule.
  3. In the left-hand “Conditions” column, check the box “If MESSAGE SIZE is greater than.”
  4. In the right-hand “Actions” column, check the box “DELETE the message”, and also check the box “Send a NOTE 1 to.”
  5. In the bottom section, click on the blue text “is greater than 10K” and enter a value in KB (2000 KB, for example), and then click OK.
  6. Click on the blue text “Specify Information” next to “and send note 1.”
  7.  In the new window, enter $SENDER$ in the To field, adjust the subject if desired, and enter a message in the main window, such as “Sorry, your message has exceeded the allowed size limit.”
  8. Click OK to save your progress.
  9. Give your new rule a name in the “Name this rule” field at the top, and click OK to save the rule.
  10. Now, we need to create a new rule to skip the size limit rule for members of the group we created in Step 1. Click on New Rule.
  11. Give your rule a name.
  12. In the left-hand “Conditions” column, check the boxes “If SENDER is a member of GROUP” and “If RECIPIENT is a member of GROUP.”
  13. In the box below, click on the blue “specific group name” text for each item, and select the group you created in Step 1. Do not change the word “or” to “and.”
  14. In the right-hand “Actions” column, check the box “SKIP the next ‘n’ rules.”
  15. Click the blue text “Specify Information” in the bottom section, and verify that it has “1” specified under “Skip over how many rules?”
  16. Click OK.
  17. Save your new rule.
  18. Back on the main Rules screen, highlight the last rule you created, and click the “Move up” button to move it above the size limit rule we created previously.
  19. Click OK to exit the content filter.
Here are screenshots of these rules:

Screen1

Screen2

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

As a reminder, you can view our webinars and tutorial videos on our YouTube channel. Is there a topic you’d like to learn more about? Let us know in the comments section below!

 

 

 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •