Are you experiencing disruptions with MDaemon or Security Gateway?

UPDATE: This issue has been resolved. Please restart MDaemon or Security Gateway.

If you are currently experiencing a disruption with MDaemon or Security Gateway, please disable (uncheck) “Outbreak Protection.” We are working with Cyren to fix the issue. MDaemon users can disable this feature via Security | Outbreak Protection.

Security Gateway users can disable this feature via Security | Anti-Spam | Outbreak Protection (be sure to un-check both Anti-Spam Outbreak Protection and Anti-Virus Outbreak Protection).

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Coronavirus (COVID-19) Update for Customers and Partners

At MDaemon Technologies, the health and safety of our employees, customers and partners is our primary concern. As a global technology company, we are monitoring the developments of the Novel Coronavirus (COVID-19) pandemic very closely. Our entire staff is trained and participates in our remote workforce program and we are committed to providing seamless support to our customers’ business operations.

#coronavirus #coronavirusupdate

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Microsoft is Ending Support for Windows 7. Here’s how to Move MDaemon and Security Gateway to the Latest OS

Microsoft Ends Support for Windows 7. Here's how to move MDaemon and Security Gateway for Email Servers to a new server.

Today, Microsoft is ending support for Windows 7. And while MDaemon and Security Gateway continue to support Windows 7, it’s a good idea to consider updating your Windows installation or migrating to an updated system.

Fortunately for MDaemon and Security Gateway users, moving to a new server isn’t a complicated process.

Moving MDaemon to a New Server or OS

Moving MDaemon to a new server using the same directory path involves these tasks:

  1. On the existing server, remove the MDaemon system service.
  2. Deactivate MDaemon & its associated plugins.
  3. Copy the MDaemon directory to the same path on the new server.
  4. Install the same version of MDaemon on the new server.
  5. Activate MDaemon on the new server.

For more detailed instructions, you can follow the steps outlined in this knowledge base article to move MDaemon.

If you’re moving MDaemon to a different directory path on the new server, you’ll need to update a few configuration files to point to the proper path, but this process isn’t complicated. Simply follow the steps outlined here to migrate to the new server on a new path.

Moving Security Gateway to a New Server or OS

To move Security Gateway, simply make a backup copy of the Security Gateway database, shut down Security Gateway, install Security Gateway on the new server, and then restore the database file.

You’ll find step-by-step instructions for moving Security Gateway in this knowledge base article.

“Will my software stop working after Microsoft ends support for Windows 7?”

MDaemon and Security Gateway will continue to support Windows 7, but because Microsoft will no longer provide automatic security updates, it’s a good idea to move to a newer operating system to remain secure.

If you need help, our expert support staff is available to provide guidance.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Year in Review – Our Top New Features of 2019

MDaemon Technologies - Year in Review

With 2019 coming to a close, I’d like to announce a few product updates. 2020 is going to be an exciting year for new features, but until then, we’ve made a few improvements in MDaemon, MDaemon Connector for Outlook, and Security Gateway for Email Servers.

New Security Features

Macro Detection in Email Attachments

A common tactic used by scammers to distribute malware is to send emails containing attachments with a message asking the user to enable macros. In fact, this tactic has been used extensively by the Emotenet botnet during its recent resurgence after a period of inactivity. Once enabled, these macros can unleash malware that destroys your data or infiltrates your network. To help protect users from these threats, a new option was added to MDaemon Antivirus and SecurityGateway to detect macros in documents scanned by Cyren AV and flag them as infected for further review by the administrator.

Antivirus Macro Detection
Antivirus Macro Detection

Authentication Failure & Frozen Account Reports

To help users maintain awareness of unauthorized account access attempts, a new setting was added to MDaemon’s Dynamic Screening feature to notify the user after a given number of failed authentication attempts or after the account has been frozen.

MDaemon Email Server Authentication failure tracking - Dynamic Screening Notifications
Dynamic Screening Notifications

Regulations & Backup/Restore Features

Email Archiving in SecurityGateway

Any business that has lost data to a malware attack or suffered fines for not meeting regulatory requirements will benefit from a solid backup and recovery solution. To help businesses meet these needs, archiving was added to SecurityGateway. Advanced searching options make it easy to find archived messages based on the sender, recipient, message subject, message content, date range, attachment, and much more.

Archiving in SecurityGateway for Email Servers
Archiving in SecurityGateway for Email Servers

Email Journaling

Businesses that need to meet regulatory and compliance requirements or provide document retention for litigation requests can use SecurityGateway’s new Journaling feature. Journaling creates a backup copy of every email sent and received, along with a summary of the message’s sender, recipient, subject, and date, and stores it in a separate mailbox that cannot be accessed by end users.

SecurityGateway Archive Journal Reports
SecurityGateway Archive Journal Reports

Privacy

New Data Leak Prevention Rules

Your data is your business’ most valuable asset, so if it lands in the wrong hands, it could lead to devastating financial losses as well as a loss of trust. To help businesses keep confidential data such as credit card numbers, Social Security numbers, and bank account numbers from being stolen over 60 new data leak prevention rules were added to SecurityGateway to protect against transmission of a wider variety of sensitive data.

Data Leak Prevention in SecurityGateway
Data Leak Prevention in SecurityGateway

Usability

Saved Searches in MDaemon Webmail

Over the past year, we added new features to MDaemon Webmail to help users stay organized, including automatic creation of “All Unread” and All Flagged” saved searches. When you log into MDaemon Webmail, you’ll receive a pop-up message asking you if you’d like to create these saved searches. Simply confirm to add them to your folders list.

MDaemon Webmail - Saved Searches
MDaemon Webmail – Saved Searches

Expired Webmail Session Notifications

If you’ve been logged into MDaemon Webmail for a period of time, you may not have noticed your session has expired. Beginning with MDaemon 19, MDaemon Webmail will display (EXPIRED) on the browser tab to help notify users that they’ve been logged out without having to switch tabs.

Expired Session notification in MDaemon Webmail
Expired Session notification in MDaemon Webmail

New Mobile Theme for MDaemon Webmail

Most of us are using our phones more than we’re using our desktop to check email, and you shouldn’t have to sacrifice features for the convenience of anywhere access. To address these needs, MDaemon Webmail’s mobile theme has been redesigned with a more modern look, plus a variety of new features previously only found in desktop themes. New email management features include email templates, personalized categories, drag & drop email filters, an email signature editor with support for multiple signatures, deferred delivery, message snooze, message recall, and sorting options.

Calendar features for the new Mobile Webmail theme include importing and exporting in CSV or ICS (iCal) format, support for external calendars, private access links, simultaneous multi-calendar view, and much more.

MDaemon Webmail - New Mobile Theme
MDaemon Webmail – New Mobile Theme

Performance

Businesses with higher email usage environments will benefit from these new features for SecurityGateway.

64-Bit Version of SecurityGateway

This year, we added a 64-bit version of SecurityGateway. This allows 64-bit operating systems to take advantage of the extra processing power that’s achieved by allowing more operations to be performed at a time. The 64-bit version can handle a higher volume of active connections for improved performance.

External Database Support in SecurityGateway

External database support has been added to SecurityGateway, so you’re no longer limited to using the built-in Firebird database. When an external Firebird database is used, multiple items can access the database at the same time, which helps improve performance.

Administration

Support for Multiple SSL Certificates

In the past, when adding a new domain and host name to an existing MDaemon server, administrators had to remove and re-create the SSL certificate, or re-issue the third-party certificate. In 2019 we added support for Server Name Indication (SNI) to MDaemon. With SNI, each host name can have its own SSL certificate, which means you no longer have to delete and re-create existing certificates and share them among new domains/host names. Simply create the new SSL certificate & assign it to the new host name.

Centralized Management of Email Signatures

If your business allows users to create their own email signatures, you may have noticed there’s no consistency, with variations in text formatting, images, or overall layout of the signature. In MDaemon 19.5, we added support for centralized management of email signatures.

Central Management of Email Client Signatures
Central Management of Email Client Signatures

More Features Coming Soon!

This is by no means an exhaustive list of all new features. Our developers have devoted countless hours to making MDaemon the best email and collaboration product on the market, and 2020 is going to be even more exciting, so check back for new features and updates!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

News Roundup – November 25, 2019

This week, we present the latest stories and events in the field of email, email security, phishing, data breaches, regulations, and trends.

Ransomware in the News

I’m old enough to remember life without a computer in the house, so I was a bit surprised to learn that the first ransomware attack happened 30 years ago!

Cybercriminals have come a long way since 1989 as they continue to employ a mix of oldWeekly Email Security and IT News and new tactics to scam businesses and end-users out of millions of dollars. For the second time this year, Louisiana’s state government systems were hit with ransomware. Fortunately, they were better prepared after the previous attack, so they suffered no data losses and did not pay a ransom.

Other reported incidents included:

Business Email Compromise Threats Continue

Business email compromise continues to be a growing threat due to the potential to extort large payouts from victims. A prominent incident reported last week included one in which fraudsters diverted $742,000 from the City of Ocala in Florida.

Reports of business email compromise typically discuss the facts about the incident itself – how it happened, how much money was lost, and actions taken to protect from future losses, but what is rarely reported is what legal action, if any, a company takes against the employee who was successfully tricked by one of these scams. But last week, a judge ruled on a case against an employee of a Scotland based company who was tricked into transferring approximately $200,000 to a cybercriminal.

Other Recent Incidents

Other recent incidents include:

New Trends We’re Watching

Other recent incidents show evolving threat vectors and attack techniques, including the Raccoon Stealer malware that bypasses Microsoft Messaging Gateways, a WhatsApp vulnerability that can remotely execute code, specially crafted ZIP filese used to bypass secure email gateways, Google Assistant on Android devices could be tricked into taking photos or videos, and the growing threat of fake Windows updates.

Staying  informed of current and emerging threats and tactics is the first step in protecting yourself and your business. Check back often for the latest updates..

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Business Email Compromise Discussed on NPR’s Morning Edition

business email compromiseEarlier this week, I heard an interesting interview on NPR’s Morning Edition with a recent victim of Business Email Compromise (BEC), a growing threat that uses social engineering to exploit human nature in order to divert massive amounts of money to cybercriminals.

Recent Business Email Compromise Trends show Evolving Tactics

First, let’s start with a little background information. In 2013, when Business Email Compromise scams were gaining popularity, attackers typically compromised a legitimate email account belonging to the company president, CEO or CFO in order to request the transfer of funds to an account controlled by the attacker. As awareness of BEC scams has grown, the tactics used by the scammers to avoid detection have evolved as well. These newer deception methods use compromised lawyer email accounts, requests for W-2 records, and the targeting of real estate transactions. Another recent trend involves spoofing a company executive or other position of authority and requesting the targeted victim purchase gift cards for personal or business reasons.

Over the past couple of years, BEC tactics have further evolved into a new trend known as Vendor Email Compromise in which cybercriminals target vendors or suppliers with phishing emails and then send realistic-looking invoices to their customers in order to steal money.

BEC scams have been wildly successful, with $1.2 billion in losses reported in 2018 by the FBI’s Internet Crime Complaint Center (nearly triple 2016 losses). Unfortunately, these are only REPORTED losses. Many incidents go unreported because companies don’t want to risk bad publicity.

While recent efforts by law enforcement agencies have led to many arrests, Michael J. Driscoll, FBI special agent in charge of the Criminal Division for the bureau’s New York Field Office, has named Business Email Compromise the #1 priority – replacing ransomware as the biggest threat facing businesses.

And that brings me to the interview I heard on NPR.

This week on Morning Edition, Martin Kaste interviewed “Mark” (not his real name), the owner of a Seattle-based real estate company and one of the earliest victims of Business Email Compromise. Mark discussed how the attack began and how it evolved.

It started with a scammer intercepting email traffic between Mark and a business partner. For a period of time, the scammer monitored this email traffic and studied their speech, writing patterns and message timing (see Step 1 here). When Mark and his partner discussed a $50,000 disbursement owed to the partner, the scammers took action and inserted their own wire transfer instructions (see Step 3 here).

Mark was convinced the request was legitimate, and transferred the $50,000 (Step 4) to the scammer’s bank account. His partner never received the money. By the time they alerted the bank, the money had already been transferred to an overseas account.

Mark said, “We’re somewhat experienced businesspeople. The idea that we’ve been duped makes you feel pretty stupid,” and as I mentioned, this “shame” element, along with fear of a damaged business reputation, is why many of these incidents often go unreported.

Kaste points out, “The banks weren’t much help, either. Since he was the one who gave the scammers the account number, they saw this as his responsibility. He has learned one thing – never again trust wiring instructions that are sent by email.”

And that sound advice is among other tips you’ll find in my earlier post on avoiding Business Email Compromise scams.

You can listen to the full interview from NPR’s Morning Edition here.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Security Gateway a High Performer Again – G2 Crowd 2019 Fall Report

We’re proG2 Crowd High Performer 2019ud to announce that Security Gateway for Email has once again been named a High Performer in Secure Email Gateways by G2 Crowd in their Fall Report. And if you are looking for a hosted solution, Security Gateway also was recognized as a top Cloud Email Security solution.

Security Gateway for Email Servers - High Performer 2019
Security Gateway for Email Servers – High Performer 2019

G2 Crowd awards are based on honest reviews from users. In other words, the product is recognized because of the feedback from users just like you who use the product every day; awards that reflect a superior customer experience.

The data from G2 Crowd speaks for itself – Security Gateway received satisfaction ratings above 90% in the Ease of Set Up, Ease of Use, Ease of Admin, and Quality of Support categories; ratings that exceed the category average scores.

Why Users Love Security Gateway

Easy to Use 

Security Gateway Review from G2 Crowd

SecurityGateway is designed to be simple and easy-to-use. Set-up, configuration and maintenance is easy for the administrator, and every-day tasks like accessing quarantine reports is easy for the end user.

Best Results

Security Gateway for Email Review - G2 Crowd

With SecurityGateway you get results, which means you DON’T get malicious emails in your inbox. We protect email communications for businesses of all sizes and verticals, regardless of which email platform they use and whether it’s in-house or in the cloud.

Reliable

Security Gateway Review

Try Security Gateway for Free and Compare its performance and Cost to Your Current Solution

Security Gateway is one of the best email security gateways in the market. Find out what organizations of all sizes already know – Security Gateway saves you time, headache and money.

Click here to learn how Security Gateway can protect your email!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

MDaemon Email Server and Security Gateway Rank High in G2 Crowd’s Summer Reports

MDaemon Email Server and Security Gateway for Email - Higth Performers on G2 CrowdMDaemon Email Server and Security Gateway customers have made it clear – MDaemon Technologies delivers safe, secure email solutions that fit their unique business needs at a great price.

Users voiced their opinions on G2 Crowd this past quarter, earning both products a number of awards on the peer-to-peer review site. Recognition is based solely on customer reviews, with users rating products on what they like, what they dislike, and what problems the particular product solves.

MDaemon Email Server earned a 4.7 out of 5 star rating, netting the #2 slot in both the Highest Rated and Easiest to Use categories. In addition, customers’ positive comments also gave MDaemon Email Server the “High Performer” and “Users Love Us” badges.

Top Email Servers - G2 Crowd
Top Email Servers – G2 Crowd

Reviews of MDaemon Email Server praise the security and stability of the tool, ease of use and management, amount of control and customization, affordability, and value of customer support.

Meanwhile, Security Gateway also performed well against other email gateway products. Scoring 4.4 stars out of 5, Security Gateway placed third in the Easiest to Use group, and among the top 5 in the Highest Rated division. Security Gateway also garnered a “High Performer” badge for both the on premise and cloud Email Security Gateway solution.

Security Gateway for Email Servers - Ranking on G2 Crowd
Security Gateway for Email Servers – Ranking on G2 Crowd

Security Gateway users lauded the easy setup and management, robust security features, reporting capability, and the ability to customize the tool to fit their needs.

Where do your email solutions rank? View the G2 Grids for Best Email Software and Best Secure Email Gateway Software.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Looking for an Alternative Email Client to Microsoft Outlook? eM Client – Email and Collaboration that Works Well with MDaemon Email Server!

If you’re like me, you want an email client that’s easy to set up, easy to use, and easy on the eyes, and if it works well with MDaemon, then that’s a huge plus!

An email client that fits these criteria quite nicely is eM Client, a full-featured email client that supports email, contacts, calendars and tasks, and works on a variety of platforms and devices. Its touch-friendly design makes eM Client the ideal messaging and collaboration tool for smartphones and tablets.

eM Client is simple, elegant, customizable and easy to set up. Its built-in calendar works seamlessly with MDaemon’s free/busy server to help users avoid scheduling conflicts when planning meetings and events.

It even integrates nicely with MDaemon’s XMPP chat server for convenient instant messaging and file sharing using the integrated chat bar.

There’s even a Mac OS version!

An Email Client that’s Easy to Install and Configure. No hassles!

MDaemon users will find eM Client to be a viable alternative to Microsoft Outlook and other mail clients. Simple, hassle-free setup means users can be up and running in less than a minute by simply entering their email address and password. eM Client takes care of the rest!

To get started, download eM Client and then simply follow these steps.

  1. Launch the installer file & click Agree on the license agreement.eM Client License Agreement
  2. Click the Install button.

    eM Client Install Button
    eM Client Install Button
  3. Leave the boxes checked if you’d like to set eM Client as the default email application, run at Windows startup, and launch eM Cleint after setup, and then click on Finish.

    eM Client Install Startup Options
    eM Client Install Startup Options
  4. Enter your email address, and then click Start Now.

    eM Client Email Address
    eM Client Email Address
  5. Enter your password, and then click Continue.

    eMClient - Enter Password
    eMClient – Enter Password
  6. Verify your name and account name (your full email address), and then click Next.

    eM Client Verify Account
    eM Client Verify Account
  7. By default, email, calendars and contacts are automatically synced, and instant messaging via XMPP is enabled. Click on Finish to continue.

    eM Client Sync Calendars and Contacts
    eM Client Sync Calendars and Contacts

That’s it! You can now begin using eM Client with MDaemon!

 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Expiring Support for Older Software: Renew & Upgrade for the Latest Features & Improved Security!

As our products have evolved over the years, with new features added regularly, older versions of our software are eventually no longer supported.

Effective July 30, 2019, technical support will be discontinued for the following product versions:

  • MDaemon – Versions 14.5.x and below
  • Security Gateway – Versions 4.5.x and below
  • Outlook Connector – Versions 4.5.x and below
  • SecurityPlus – Versions 5.0.x and below

For continued support, this is a great opportunity to renew your license and upgrade to most recent versions of our software to take advantage of the latest features! As a current user we offer an automatic 30% discount off the price of a new purchase!

Upgrade MDaemon today and get these exciting new features:

MDaemon, webmail, chat, IM, collaboration
Integrated instant messaging in MDameon Webmail

Check out our MDaemon Features by Version page to see what you could be missing!

After July 30, 2019, supported versions of MDaemon will include MDaemon 15 & up.

Upgrade Security Gateway for Email Servers today and get these exciting new features:

When you upgrade to the latest release of Security Gateway, you can take advantage of these new features:

Archiving Features in Security Gateway
Archiving Features in Security Gateway

More information on these new features can be found on our Security Gateway Product Page.

MDaemon Connector for Outlook (formerly Outlook Connector for MDaemon) has new features, too!

MDaemon Connector for Outlook Client Settings
Control MDaemon Connector for Outlook client settings from the MDaemon console

Outlook Connector has been re-branded as MDaemon Connector for Outlook, and, beginning with MDaemon 18,  is now included with MDaemon as a licensed feature (via purchase of separate license).

 

Therefore, in the latest version of MDaemon, a separate download is not required on the MDaemon server. Simply enter your MDaemon Connector license key via Help | Register your MDaemon Products to activate MDaemon Connector for Outlook. Features introduced after version 4.5 include:

  • “Expired password” or “password change required” notification for end users
  • Administrator control over which Outlook add-ins are allowed or disabled
  • Junk Email folder / Blocked Senders support
  • S/MIME support for message signing and encryption
  • MDaemon Connector configuration reports for administrators, with Outlook send/receive schedules for all accounts.
  • Centrally-managed send/receive schedules
  • Nearing/over quota alerts for end users
  • New database management tools to help administrators maintain optimal performance

Visit the MDaemon Connector for Outlook product page to learn more!

MDaemon Antivirus – with Cyren AV and Mailbox Scanning

SecurityPlus has been rebranded as MDaemon Antivirus, and beginning with MDaemon 18,  is also now a licensed feature of MDaemon that no longer requires a separate download.

Recent versions of MDaemon Antivirus include these new features:

  • Mailbox scanning
  • Cyren AV (The Kaspersky AV engine was replaced by Cyren in October, 2017)
  • ClamAV antivirus plugin
  • Exclusions for password-protected files for approved senders or recipients

Visit the MDaemon Antivirus page to learn more.

MDaemon Antivirus - Mailbox Scanning
MDaemon Antivirus – Mailbox Scanning

Would  you like to take advantage of these new features? Click here to upgrade or renew your product license today and receive the latest security and administration updates as they become available for the duration of your license term!

 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •