New MDaemon Feature Helps Detect Spambots

Ever wonder why so much spam exists today? By some estimates, more than 100 billion spam messages are sent every day. This represents around 85 percent of global daily email traffic. Some of the most common types of spam messages include financial scams, phishing attempts, ransomware, and botnet malware. In this article, we focus primarily on botnets.

Spam is big business. The barriers to entry are low and the payoffs are high. If a spammer sends out 50,000 spam messages, but only a handful of users click on a link in one of these messages, the spammer’s efforts will likely have paid off.

A single spammer may not have the resources to send out a large-scale spam attack, however, a spammer’s job is made much easier by the use of botnets – networks of hundreds or even thousands of malware-infected computers (known as spambots) that can be remotely controlled over the internet.  Similar to legitimate cloud services such as Amazon’s AWS, a botnet-for-hire provides individuals with ample cloud-based resources to carry out large-scale spam campaigns with very little effort.

According to Spamhaus, the top five countries with the most spambots are India, Vietnam, China, Iran, and Brazil. As of May 23, 2016, India had close to 2 million spambots!

The botnet-for-hire industry is a growing industry that makes it easy for anyone to send out thousands of spam messages using the botnet as the attack vector.

In addition to sending out spam, botnets can be used to launch DDoS attacks by flooding a company with thousands of connections over a short period of time – in an effort to try to shut down a company’s network or to damage its reputation.

User education is likely the most important factor in preventing a computer from becoming a spambot. The following are a few guidelines that every email user should know by now.

  • Never open an email from an unknown source.
  • Never open an attachment from an unknown source.
  • Even if the sender appears to be someone you know, always verify – because spammers often forge the sender’s address.
  • Use anti-virus software on your local computer.
  • Learn how to recognize phishing
    • Messages that contain threats to shut your account down
    • Requests for personal information such as passwords or Social Security numbers
    • Words like “Urgent” – portraying a false sense of urgency
    • Forged email addresses
    • Poor writing or bad grammar
  • Don’t give your email address to sites you don’t trust.
  • Don’t post your email address to public websites or forums.
  • Understand that reputable businesses will never ask for personal information via email.

For more of these guidelines, see our blog posts – Email Safety Tips for End Users and Ransomware and Banking Trojans are Big Business.

Spambot Detection in MDaemon

The information provided above applies primarily to end users, but what actions can be taken by the mail server administrator to detect and prevent spambot activity? While MDaemon has many spam-fighting features, MDaemon 16 includes tools to detect spambot activity and block it from further communication with your server. This new feature is called Spambot Detection. Spambot Detection tracks the IP addresses that every return-path value (sender) uses over a period of time. If the same return-path is used by multiple IP addresses (more than can be expected from users switching between their computers and mobile devices) in a given timeframe, then it’s possible that this activity is being generated by a spambot. Of course, it’s also possible that this activity is completely legitimate. However, in some cases, tests have shown that this can be an effective tool at detecting a distributed spambot network as long as the same return-path is used in the spam messages. If a spambot is detected the connection is dropped and the return-path value is optionally blacklisted for a designated period of time.  You can also optionally blacklist all known spambot IPs for a designated period of time.

As with most MDaemon security features, various settings allow you to bypass Spambot Detection for mail from trusted sources. You can exempt specific IPs, senders, and recipients from Spambot Detection using the White list feature, and exempt connections from authenticated sessions or trusted IPs. Click on the Advanced buttons to view a list of return-paths or IPs that are currently blocked. If a return-path or IP is blocked by mistake, you can easily remove it from the list.

We demonstrate how to configure Spambot Detection in this tutorial video.

Spammers are always coming up with new ways to spam users. That’s why user education and a properly configured mail server are equally important in the war against spam.

Spambot Detection is one more tool in MDaemon’s arsenal of anti-spam and security features. When these features are enabled, MDaemon can help protect your users and your business from spam, phishing attempts, and malware. For more information on protecting your MDaemon server, check out our knowledge base article on recommended MDaemon security settings.

If you’re not yet an MDaemon user, and would like to take advantage of its robust security and anti-spam features, click here to download your free trial!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

New MDaemon Tutorials Added to YouTube

If you haven’t seen our YouTube channel lately, you’re missing out on some valuable information that can be used to help you manage MDaemon and SecurityGateway. Recently, we’ve added several new MDaemon tutorial videos. Here are a few that might interest you.

MDaemon Graphical User Interface (GUI) Overview

In this video, we provide a tour of MDaemon’s graphical user interface. We show you where to find key security, administration, and account management settings, how to navigate your way through the mail queues, and how to find information in the mail routing, security and spam filter logs using the tabs across the bottom of the MDaemon interface.

MDaemon’s File Structure

One of the benefits of MDaemon that make it easy to troubleshoot and administer is its file structure. All key settings are stored in configuration files located in the MDaemon/App directory, and user email messages are stored in the Users directory. This flat-file structure makes MDaemon very easy to backup and restore using simple drag & drop.

How to Enable and Use Two-Factor Authentication in WorldClient

Two-factor authentication is a security feature found in WorldClient, MDaemon’s webmail client, which requires users to submit two forms of identifying data – a password, and a special code or token, before they are able to login. Two-factor authentication helps prevent accounts from being hijacked by someone who manages to guess the account’s password. A potential hacker would have to know the second authenticating factor in order to access the account.

Enabling Do Not Disturb to Establish Work/Life Balance for Employees

MDaemon’s Do-Not-Disturb feature allows administrators to set a time during which certain users are not allowed to check for or send new email messages. In an age where we’re all constantly connected via mobile devices, this helps foster better work-life balance for your users.

These are just a few of the tutorial videos on our YouTube channel. Visit our YouTube channel for other tutorials, product overview videos, webinars, and more. If you haven’t tried MDaemon yet, click here to download your free trial and see how easy MDaemon is to use!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Quarantine Management in SecurityGateway

SecurityGateway quarantine management best practicesSecurityGateway can be configured to handle spam in various ways. Messages can be refused, quarantined, or accepted, and their spam scores can be adjusted accordingly. When messages are quarantined and held on the server, the administrator can determine whether, and how often, to send the user an emailed quarantine summary report. The administrator can also grant users permissions to view and manage their own quarantine folders in the SecurityGateway interface. The quarantine summary email allows users to release the message from quarantine, and whitelist or blacklist the sender. When the quarantine is viewed in the SecurityGateway interface, users have additional options, such as the ability to feed messages to SecurityGateway’s Bayesian spam learning engine.

We generally recommend using the Bayesian feature to mark a message as spam, rather than blacklisting the sender. Thus, to avoid any confusion, we’ve put together a new best practices guide on quarantine management in SecurityGateway.

Click here to view the new SecurityGateway Quarantine Management guide.

Following the suggestions outlined in this guide will help ensure that you receive the messages you want, and block the messages you don’t want.

If you have questions, let us know in the comments section below!

 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Protect Email Privacy with Message Expiration using Virtru

In a previous video and blog post, I demonstrated how to maintain data privacy by encrypting email messages in WorldClient (MDaemon’s webmail client) using Virtru. However, this easy-to-use client-side email encryption feature does more than just email encryption. When you use Virtru Pro, you can set a message expiration  period, revoke sent messages, or disable forwarding. In today’s video tutorial, I show you how to set a message expiration using WorldClient and Virtru.

 

If you’d like to see for yourself how easy Virtru is to use, then download  your free trial of MDaemon!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Thwart Hackers with Strong Password Policies

For spammers, the barriers to entry are very low and the potential payoffs are very high relative to the small amounts of effort required to send out lots of spam. Spammers typically look for the “low hanging fruit” of an email system, such as mail servers that are not configured to prevent relaying, or accounts with weak passwords. If a hacker manages to guess an account’s password, he can use that account to send out large amounts of unsolicited spam email messages. This can result in your server winding up on a blacklist. Additionally, if large amounts of spam are sent out before the issue is corrected, your business can suffer lost trust and a reduction in revenue.

MDaemon’s Account Hijack Detection feature can be used to disable the account once a specified number of messages have been sent from an authenticated session within a given period of time. But it would be better to not even let a hacker get that far. Having strong passwords that are difficult to guess would help prevent an account from being hijacked in the first place.

Today, we focus on the issue of weak passwords and how to thwart hackers by implementing strong password policies. These settings are located in MDaemon under the Accounts | Account Settings configuration screen. In today’s video tutorial, we demonstrate how to require strong passwords, how to force accounts with a weak password to change their password, and how to send a Weak Passwords report to a designated email address.

Email is one of the most valuable intellectual property assets a company can have. Protect your email by enacting strong security and password policies & keep the hackers out.

Click here to learn more about MDaemon and why many small-to-medium businesses have migrated to it from Microsoft Exchange Server, or click here to download your free trial!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

For Security & Privacy – Easy Email & Attachment Encryption with Virtru

Recently, I created a video and blog post about Virtru Email Encryption for MDaemon, to demonstrate its features, benefits, and ease of use. Following along with its ease of use, I’ve created the following animation to show you just how easy Virtru is to use. Simply enable Virtru support in WorldClient (MDaemon’s webmail client), enable the Virtru features by clicking on the small “V” button within the email compose window, and then click on “Send Encrypted.” It really is that simple!

Virtru Email and Attachment Encryption
It’s easy to encrypt email and attachments using Virtru

For a more thorough overview of Virtru’s features, please see this blog post, or click here to visit our main Virtru page.

Virtru (email and attachment encryption) is included with the MDaemon Messaging Server. Virtru Pro features include Message Revoke, Disable Forwarding, Set Message Expiration, and automatic encryption. Click here if you’d like to purchase Virtru Pro.

Want to learn more about the encryption features offered by MDaemon? Then click here to learn more!

Protect your business from unauthorized access to your important and confidential email messages. Download your free trial of MDaemon today!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

How to Deal with Spam in SecurityGateway

SecurityGateway is a powerful email spam & malware filter & gateway that can be used to protect any type of mail server. It offers a layered approach to security, with protection features including data leak prevention, attachment filtering, heuristic and Bayesian analysis, zero-hour Outbreak Protection, and much more.

In today’s video tutorial, we demonstrate best practices for handling spam in SecurityGateway. Topics covered include:

  • How to mark a message as spam to teach the Bayesian learning process how to identify junk email messages, which helps to make the spam filter more accurate over time.
  • How to use whitelists and blacklists.
  • How to manage messages in your quarantine.
  • How to find specific messages in the Message Log.

If you’d like to learn more about SecurityGateway, then visit our SecurityGateway product page.

Or download your free trial to see how easy it is to use, and let us know if you have questions!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Keeping Email Private with Virtru Client-Side Encryption

Have you ever created an account on a website that you wouldn’t want others to know about, or made travel arrangements, purchased personal items, or set a doctor’s appointment online? If so, then it’s possible that sensitive information about you has been transmitted via email. If any of these situations apply to you, or if you just don’t want anyone to see the cat photos you sent as an email attachment to your neighbor, then you should be encrypting your email. If you send personal or financial information, it’s best to assume that at any given time, someone out there is trying to gain access to that information.

Many small businesses think data breaches only happen to large companies, however, no company is too small to protect itself from outside threats. In fact, many hackers know that smaller companies might be a bit more lax in their security practices, and thus target them more aggressively. This is why email security and encryption are so important.

Virtru recently wrote a blog titled “Four Enterprise Security Statistics that Might Scare You Straight.” Here are some interesting statistics cited in the article:

  • 87% of Senior Managers Upload Business Files to a Personal Email or Cloud Account
  • Email Malware Creation is up 26% Year Over Year, with 317 Million New Pieces of Malware Created in 2014
  • Hackers Targeted 5 out of 6 Large Companies Using Email Attacks Last Year — an Annual Increase of 40%
  • Cybercrime has a 1,425% ROI

So with the above statistics in mind, do we even need to ask why we need encryption? If these reasons aren’t convincing enough, consider these:

  • Firewalls, antivirus, and anti-spyware may provide good protection, but they may not be enough. If one of the above is breached, encryption helps keep data safe.
  • Encryption can help shield businesses and users from government surveillance or other unauthorized access.
  • When you need to send sensitive data, encryption helps keep this data away from unauthorized viewers.
  • Encryption helps companies stay in compliance with HIPAA, CJIS, FERPA, and other government regulations.
  • Encryption helps keep sensitive data out of the hands of criminals and competitors.
  • Encryption helps companies preserve data integrity and privacy policies.

Client-side vs. Server-Side Encryption

Now that we’ve discussed why encryption is important, let’s discuss Virtru and its benefits.

First, we need to make a distinction between client-side and server-side encryption. With client-side encryption, email messages and attachments are encrypted by the sending mail client, and remain encrypted until an authorized recipient opens the message. With server-side encryption, messages and attachments are encrypted on the mail server with no user interaction. MDaemon users can use Virtru to encrypt messages on the client, and MDaemon administrators can use PGP to encrypt messages as they pass through the mail server. In this blog post, we’re going to focus on the client-side Virtru encryption features. If you’d like to learn more about MDaemon’s server-side encryption options using OpenPGP, then check out this blog post & video.

What is Virtru?

Virtru is an easy to use email encryption service that lets you protect private information while using your existing email service.  Encryption converts plain text into gibberish (cipher text) that is unreadable to all except the intended recipient. Virtru offers end-to-end encryption, ensuring that only authorized parties can decrypt your content.

When you send messages with Virtru, your emails and files are locked using strong encryption. Only you and your recipients can decrypt your messages. Separation of content and encryption gives you an extra level of privacy.

Why use Virtru?

Virtru was designed for user privacy and ease of use. Virtru never has access to your passwords and does not store any of your email content on their servers; only the encryption keys. Virtru helps users avoid headaches by managing their encryption keys for them.

Users have two versions of Virtru to choose from. The free version provides encryption and decryption of email and attachments. The Pro version provides the same encryption and decryption features, plus the ability to set message expiration dates, revoke emails, and disable forwarding.

Want to learn more about Virtru? Then  check out the video below for a demonstration, or visit the Virtru page on our website. You can also try out Virtru’s features by downloading your free trial of MDaemon.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Server-side Encryption, Decryption & Key Management with OpenPGP

Whether you work in health care, finance, government, or any other field that requires the storage of data, there’s always someone out there who would love to gain access to your confidential records. Don’t let the bad guys steal your data. Protect it with server-side encryption. Our latest release of MDaemon supports OpenPGP, which allows MDaemon to perform encryption, decryption, and key management tasks. Learn how to enable OpenPGP support in MDaemon, and how to send encrypted mail in our latest video.

Click here to learn more about MDaemon’s email encryption features, or click here to download your free trial of MDaemon and see for yourself how easy it is to use!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Email Privacy and More in MDaemon 15.5

MDaemon_logo_transparent

Today we’ve launched the newest version of the MDaemon email server with some exciting new features. Staying true to the company’s focus on email security and end user ease of use, we believe these new features will be welcomed by many of our users across industries.

I’ve outlined some of the features below, but if you’d like a more extensive list, the MDaemon Features by Version page can provide additional detail.

Encryption Layers for Extended Email Privacy

With a growing emphasis in the market on email privacy, MDaemon 15.5 introduces additional encryption features using Vitru and Open PGP to make it easy for users and administrators to keep email communications private.

On the client side, WorldClient users can enable Virtru for end-to-end encryption. Basic encryption for emails and attachments is included for free within the WorldClient settings menu. Virtru encrypts the user’s email and attachments and does not have access to the encryption keys. For organizations that need to comply with HIPAA or need additional security controls, Virtru Pro is available for an annual subscription of only $24 per user. Virtru Pro allows users and administrators to revoke messages at anytime, see and control forwarding, as well as add expiration data to email messages. For Microsoft Outlook users, the same features (free and Pro) are available using the Virtru for Outlook add-on.

On the server side, Open PGP for MDaemon has been added to give administrators the ability to use encryption, decryption, and basic key management capabilities through OpenPGP support. This additional layer helps administrators who want to ensure user compliance by managing encryption settings at the server versus the user implemented client level. Also, MDaemon’s Content Filter now contains actions to encrypt and decrypt messages. And finally, server-side encryption capabilities are beneficial when using email archiving with MDaemon.

Managing Employee Workload and Overtime with Email Do Not Disturb

Companies in many countries are being challenged by the need to manage email access “after hours” to prevent overtime pay and promote a stronger work/life balance. To date, most companies can only implement Human Resource policies to address the issue. To help IT Administrators deliver another layer of compliance to the organization, MDaemon 15.5 introduces its “Email Do Not Disturb” feature.

Located within the Accounts | Groups & Templates settings, Do Not Disturb allows the MDaemon administrator to set a time frame during which email may not be accessed by its users. Accounts in this state will receive incoming mail but users may not be able to login to their MDaemon account or send/reply to messages until the Do Not Disturb period has lapsed.

New Calendar Synchronization Options with CalDAV Support

Support for synchronizing calendars via the CalDAV protocol has been added. Notable CalDAV clients are Apple iCal (Included with Mac OS X), Apple iOS (iPhone), and Mozilla Thunderbird via the Lightning calendar plugin.

Adding Public Contacts Support in ActiveSync

The ActiveSync server has an option to include and merge a user’s public contacts with their default contacts. This allows users of clients such as Outlook 2013, which does not support multiple contacts folders or global address list searching, to access public contacts. The public contacts are read-only and tagged with “Public” and “Read-Only” categories.

Productivity Improvements for WorldClient Users (MDaemon’s Web-based Email)

Browser* Desktop Notifications – When launching WorldClient using the LookOut or WorldClient theme, the browser will prompt the user to allow desktop notifications. If accepted, the user will receive notifications of new email messages, new Instant Messages (in the case that the corresponding chat is not in focus), and any change in status of a chat buddy.
*Desktop notifications are not supported by Internet Explorer.

Password Recovery – If enabled, users who have permission to edit their password will be able to enter an alternate email address to reset their password in case they forget it. Once set, if the user attempts to log in with an incorrect password a “forgot password?” link will appear and direct them to a page that asks them to confirm their password recovery email address. If entered correctly, a message containing a link to a page that allows them to change their password is sent. This feature is disabled by default.

Creating a New Event, Task, or Note via Email – Users can easily convert an email message to an event, task or note. This enables users to more easily follow-up on emails that contain information relevant to projects, meetings or other time sensitive activities.

For pricing to purchase, upgrade or renew your MDaemon license to the newest version, please visit the Purchase, Renew or Upgrade page!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •