Year in Review – Our Top New Features of 2019

MDaemon Technologies - Year in Review

With 2019 coming to a close, I’d like to announce a few product updates. 2020 is going to be an exciting year for new features, but until then, we’ve made a few improvements in MDaemon, MDaemon Connector for Outlook, and Security Gateway for Email Servers.

New Security Features

Macro Detection in Email Attachments

A common tactic used by scammers to distribute malware is to send emails containing attachments with a message asking the user to enable macros. In fact, this tactic has been used extensively by the Emotenet botnet during its recent resurgence after a period of inactivity. Once enabled, these macros can unleash malware that destroys your data or infiltrates your network. To help protect users from these threats, a new option was added to MDaemon Antivirus and SecurityGateway to detect macros in documents scanned by Cyren AV and flag them as infected for further review by the administrator.

Antivirus Macro Detection
Antivirus Macro Detection

Authentication Failure & Frozen Account Reports

To help users maintain awareness of unauthorized account access attempts, a new setting was added to MDaemon’s Dynamic Screening feature to notify the user after a given number of failed authentication attempts or after the account has been frozen.

MDaemon Email Server Authentication failure tracking - Dynamic Screening Notifications
Dynamic Screening Notifications

Regulations & Backup/Restore Features

Email Archiving in SecurityGateway

Any business that has lost data to a malware attack or suffered fines for not meeting regulatory requirements will benefit from a solid backup and recovery solution. To help businesses meet these needs, archiving was added to SecurityGateway. Advanced searching options make it easy to find archived messages based on the sender, recipient, message subject, message content, date range, attachment, and much more.

Archiving in SecurityGateway for Email Servers
Archiving in SecurityGateway for Email Servers

Email Journaling

Businesses that need to meet regulatory and compliance requirements or provide document retention for litigation requests can use SecurityGateway’s new Journaling feature. Journaling creates a backup copy of every email sent and received, along with a summary of the message’s sender, recipient, subject, and date, and stores it in a separate mailbox that cannot be accessed by end users.

SecurityGateway Archive Journal Reports
SecurityGateway Archive Journal Reports

Privacy

New Data Leak Prevention Rules

Your data is your business’ most valuable asset, so if it lands in the wrong hands, it could lead to devastating financial losses as well as a loss of trust. To help businesses keep confidential data such as credit card numbers, Social Security numbers, and bank account numbers from being stolen over 60 new data leak prevention rules were added to SecurityGateway to protect against transmission of a wider variety of sensitive data.

Data Leak Prevention in SecurityGateway
Data Leak Prevention in SecurityGateway

Usability

Saved Searches in MDaemon Webmail

Over the past year, we added new features to MDaemon Webmail to help users stay organized, including automatic creation of “All Unread” and All Flagged” saved searches. When you log into MDaemon Webmail, you’ll receive a pop-up message asking you if you’d like to create these saved searches. Simply confirm to add them to your folders list.

MDaemon Webmail - Saved Searches
MDaemon Webmail – Saved Searches

Expired Webmail Session Notifications

If you’ve been logged into MDaemon Webmail for a period of time, you may not have noticed your session has expired. Beginning with MDaemon 19, MDaemon Webmail will display (EXPIRED) on the browser tab to help notify users that they’ve been logged out without having to switch tabs.

Expired Session notification in MDaemon Webmail
Expired Session notification in MDaemon Webmail

New Mobile Theme for MDaemon Webmail

Most of us are using our phones more than we’re using our desktop to check email, and you shouldn’t have to sacrifice features for the convenience of anywhere access. To address these needs, MDaemon Webmail’s mobile theme has been redesigned with a more modern look, plus a variety of new features previously only found in desktop themes. New email management features include email templates, personalized categories, drag & drop email filters, an email signature editor with support for multiple signatures, deferred delivery, message snooze, message recall, and sorting options.

Calendar features for the new Mobile Webmail theme include importing and exporting in CSV or ICS (iCal) format, support for external calendars, private access links, simultaneous multi-calendar view, and much more.

MDaemon Webmail - New Mobile Theme
MDaemon Webmail – New Mobile Theme

Performance

Businesses with higher email usage environments will benefit from these new features for SecurityGateway.

64-Bit Version of SecurityGateway

This year, we added a 64-bit version of SecurityGateway. This allows 64-bit operating systems to take advantage of the extra processing power that’s achieved by allowing more operations to be performed at a time. The 64-bit version can handle a higher volume of active connections for improved performance.

External Database Support in SecurityGateway

External database support has been added to SecurityGateway, so you’re no longer limited to using the built-in Firebird database. When an external Firebird database is used, multiple items can access the database at the same time, which helps improve performance.

Administration

Support for Multiple SSL Certificates

In the past, when adding a new domain and host name to an existing MDaemon server, administrators had to remove and re-create the SSL certificate, or re-issue the third-party certificate. In 2019 we added support for Server Name Indication (SNI) to MDaemon. With SNI, each host name can have its own SSL certificate, which means you no longer have to delete and re-create existing certificates and share them among new domains/host names. Simply create the new SSL certificate & assign it to the new host name.

Centralized Management of Email Signatures

If your business allows users to create their own email signatures, you may have noticed there’s no consistency, with variations in text formatting, images, or overall layout of the signature. In MDaemon 19.5, we added support for centralized management of email signatures.

Central Management of Email Client Signatures
Central Management of Email Client Signatures

More Features Coming Soon!

This is by no means an exhaustive list of all new features. Our developers have devoted countless hours to making MDaemon the best email and collaboration product on the market, and 2020 is going to be even more exciting, so check back for new features and updates!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

3 Ways Security Gateway for Email Helps Businesses Stay Compliant

Staying informed of the latest data privacy regulations can be a challenging endeavor, with a plethora of different security and retention requirements based on industry. And as these laws and regulations continue to evolve, businesses will need to evolve as well to keep up.

The timeline for compliance with new data privacy laws is “yesterday”

As Cynthia Cole, special counsel in the Palo Alto technology practice at law firm Baker Botts says in a recent interview, the timeline for data privacy compliance is “yesterday”. And because cybercriminals continue to target users with phishing campaigns and malware downloads, user education continues be a top priority.

So whether you use Office 365, Microsoft Exchange, or any other on premise or cloud hosted email service, are you confident you are protected from accidental or intentional exposure of confidential information contained in email, such as Social Security or Tax-ID numbers, or bank account numbers?

Archiving with Data Retention & Legal Hold in Security Gateway

Security Gateway includes built-in archiving and data retention policies, plus legal hold, to help businesses meet evolving data retention laws. It’s simple to set up and can help your business avoid serious litigation headaches.

Prevent Leaks of Sensitive Data

Companies of all sizes continue to suffer data breaches, and while the larger victims often make the news, many smaller companies don’t, and as many businesses have reported losses, countless more have fallen victim but have chosen not to report the incident in order to protect their reputation.

A small, early investment in additional email security and compliance can help your business avoid much costlier losses later.

Security Gateway’s Data Leak Prevention feature can help protect businesses against the loss of confidential business data transmitted via email, such as PHI (protected health information), financial data, Social Security numbers, and much more. Messages containing sensitive data can be encrypted or sent to the administrative quarantine for further review.

If you’re ready to start protecting your business against regulatory violations and data leaks, sign up for a free trial of Security Gateway for Email, and if you have questions, leave us a comment or click here to contact us by phone or email.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

The Recent Concerns with OpenPGP and S/MIME Encryption

On Monday, May 14th, the Electronic Frontier Foundation (EFF) reported that European researchers had discovered core problems and commonplace implementation flaws in the S/MIME and OpenPGP protocol specifications. The vulnerability, which the researchers have described as EFAIL, can reportedly expose the content of encrypted emails (even messages sent in the past) to be viewed. The EFAIL vulnerability affects many email clients that use S/MIME and OpenPGP. There is a list of email clients with vulnerabilities by protocol in an article posted at thehackernews.com.

It’s very important to understand that to be at risk for this vulnerability, attackers would need access to your emails. This means that your email system has been compromised by an attacker who has access to the encrypted emails through tactics such as eavesdropping on network traffic (also known as a man-in-the-middle (MITM) attack), compromised email accounts, access to email servers, backup systems or client computers, usually achieved through social engineering attacks, such as Phishing and other tactics.

We have checked our own web-based email client (MDaemon Webmail) and our MDaemon OpenPGP-based encryption feature. Our results show that MDaemon Webmail is not vulnerable. However, the MDaemon email server OpenPGP feature is partially vulnerable to one implementation flaw. We have released a patch for affected versions of MDaemon email software, which can be found here. The current version of the MDaemon email server, v18.0.1, includes this fix.

A Reminder on the Best Email Security Practices

This latest issue should remind us all about the importance of email security practices as a whole.  Implementing strong passwords, two-factor authentication, location screening, SSL/TLS, SMTP AUTH, IP Shielding, dynamic screening, freezing accounts after failed authentication attempts, all play a role in helping to keep your accounts and your email safe. You can review a list of email security features in MDaemon here.

If you’ve implemented security to help protect malicious people from accessing your email accounts, then you are less likely to have an account compromised and you will be better protected against these types of attacks and vulnerabilities.

Ongoing Monitoring

While the researchers go into some depth to expose issues deep within the S/MIME and OpenPGP specification documents, these encryption protocols may need specification changes to address the longer-term issues mentioned in the initial report. MDaemon Technologies will continue to monitor this issue.

Additional Resources

We have provided links to past blog posts that cover a number of email security topics to provide additional information:

Thwart Hackers with Strong Password Policies

Are You Taking the Security of Your Email Account Seriously?

Why Passwords May Not Keep Your Email Safe

Block Incoming Connections by Country with MDaemon’s New Location Screening Feature

SSL & TLS Best Practices

Block Hackers from Guessing Passwords with MDaemon’s Improved Dynamic Screening

Are You Doing Enough to Protect Your Email Privacy?

Follow These 13 Tips to Avoid Being Blacklisted

New Security & Collaboration Features for MDaemon 17.5!

Introducing SecurityGateway 5.0, with New Location Screening, Terms of Service Agreements, and More!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

A New Year and a New Name

As we welcome in a New Year, we are also welcoming a new company name. Alt-N Technologies is transitioning to MDaemon Technologies. This change is now in motion and will be implemented gradually across our many company assets.

We are adopting the new name to better leverage the brand equity and recognition we have built over the many years with our trusted email server. The new name will consolidate our brand and align the company around a globally recognized name.

With the name change also brings the new tag line: Simple Secure Email. We believe this tag line summarizes the value many of our global customers and partners have expressed over the years and is synonymous with the attributes that have made MDaemon a popular email server with many IT professionals and resellers.

We may have a new name but our mission and focus remain the same: develop features in our email server and email gateway products that deliver value (reliability, security, and flexibility) to the IT professionals that put their trust in us.

For more than 20 years we have succeeded by listening to our global customers and delivering exceptional service. We treat our employees, customers and channel partners like family and we believe this is just one of the many reasons why we remain a trusted vendor in an ever changing and competitive email and email security market. We may not be the biggest company you will deal with, but we strive to be the best company you deal with!

To our current customers we thank you for allowing us the opportunity to earn your business. To prospective customers, we ask that you give us a try. Download a free 30 day trial of our products or look at our hosted services and partners.

We look forward to an exciting 2018 and the opportunity to serve you!

Happy New Year,
Kevin

Kevin Beatty
VP, Marketing & Business Development

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  

Outlook Connector 5.0 Adds New Control & Reporting Features

In addition to all of the new security & collaboration enhancements introduced in MDaemon 17.5, our latest release of Outlook Connector adds additional control for administrators as well as configuration reporting for end users.

Allow or Block Certain Third-Party Outlook Add-ins to Improve Performance

With the wide variety of Outlook add-ins that users can install, one common challenge is making sure these add-ins don’t negatively impact Outlook performance. Beginning with MDaemon 17.5 and Outlook Connector 5.0, administrators can control which add-ins are enabled or disabled on client machines.

Administrator Control of Outlook Add-Ins
Administrator Control of Outlook Add-Ins

New Outlook Connector Features for End Users

Generate an Outlook  Configuration Report to Assist with Support Requests

When submitting an Outlook Connector support request, it is helpful for our support staff to know as much as possible about the Outlook configuration settings on the client computer. Beginning with Outlook Connector 5.0, users can generate a configuration report containing information such as:

  • All Outlook Connector Profiles, including the email address plus the location and size of the local cache file
  • Information about when the Outlook Connector database was last compacted, and the size of the database
  • The current version of the Outlook Connector plug-in
  • Send/receive intervals
Outlook Connector - Generate Configuration Report
Outlook Connector – Generate Configuration Report

In addition to these major updates, we’ve included various minor fixes & enhancements. More information can be found in the release notes, or if you can download our free trial to start using Outlook Connector today!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •