Quarantine Management in SecurityGateway

SecurityGateway quarantine management best practicesSecurityGateway can be configured to handle spam in various ways. Messages can be refused, quarantined, or accepted, and their spam scores can be adjusted accordingly. When messages are quarantined and held on the server, the administrator can determine whether, and how often, to send the user an emailed quarantine summary report. The administrator can also grant users permissions to view and manage their own quarantine folders in the SecurityGateway interface. The quarantine summary email allows users to release the message from quarantine, and whitelist or blacklist the sender. When the quarantine is viewed in the SecurityGateway interface, users have additional options, such as the ability to feed messages to SecurityGateway’s Bayesian spam learning engine.

We generally recommend using the Bayesian feature to mark a message as spam, rather than blacklisting the sender. Thus, to avoid any confusion, we’ve put together a new best practices guide on quarantine management in SecurityGateway.

Click here to view the new SecurityGateway Quarantine Management guide.

Following the suggestions outlined in this guide will help ensure that you receive the messages you want, and block the messages you don’t want.

If you have questions, let us know in the comments section below!

 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Thwart Hackers with Strong Password Policies

For spammers, the barriers to entry are very low and the potential payoffs are very high relative to the small amounts of effort required to send out lots of spam. Spammers typically look for the “low hanging fruit” of an email system, such as mail servers that are not configured to prevent relaying, or accounts with weak passwords. If a hacker manages to guess an account’s password, he can use that account to send out large amounts of unsolicited spam email messages. This can result in your server winding up on a blacklist. Additionally, if large amounts of spam are sent out before the issue is corrected, your business can suffer lost trust and a reduction in revenue.

MDaemon’s Account Hijack Detection feature can be used to disable the account once a specified number of messages have been sent from an authenticated session within a given period of time. But it would be better to not even let a hacker get that far. Having strong passwords that are difficult to guess would help prevent an account from being hijacked in the first place.

Today, we focus on the issue of weak passwords and how to thwart hackers by implementing strong password policies. These settings are located in MDaemon under the Accounts | Account Settings configuration screen. In today’s video tutorial, we demonstrate how to require strong passwords, how to force accounts with a weak password to change their password, and how to send a Weak Passwords report to a designated email address.

Email is one of the most valuable intellectual property assets a company can have. Protect your email by enacting strong security and password policies & keep the hackers out.

Click here to learn more about MDaemon and why many small-to-medium businesses have migrated to it from Microsoft Exchange Server, or click here to download your free trial!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Training the Bayesian Spam Learning Engine in WorldClient

MDaemon’s built-in spam filter includes a feature known as Bayesian Learning. Bayesian Learning allows MDaemon to “learn” what types of messages are spam and what types are not spam. This allows the spam filter to become more accurate over time.

It is important for users to properly train the Bayes system so that messages are correctly flagged as spam or non-spam. We do not recommend blacklisting the sender of spam messages because this does not help the Bayes engine learn from the message, and thus, has no effect on reducing spam. The easiest way to train the Bayes engine is for users to use the thumbs-up and thumbs-down icons in WorldClient (MDaemon’s webmail client) to feed the Bayes engine samples of spam and non-spam. The more spam and non-spam samples you feed to the Bayes engine, the more accurate the spam filter will become over time, thus, it is very important for users to use the thumbs-down icon on every spam message – whether it arrives in your Inbox or in your Junk Email folder. Likewise, for every false-positive (legitimate, non-spam message that is flagged as spam), you can use the thumbs-up icon to flag the message as non-spam.

This knowledge base article provides a more thorough explanation of Bayesian Learning and how to train the Bayesian Learning engine.

This video explains further.

If you are an end user and you do not see the thumbs-up and thumbs-down icons in WorldClient, the MDaemon administrator can take steps outlined in this video and blog post to make those icons appear.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Backscatter Protection in SecurityGateway

As we discussed in an earlier post, messages that users may receive in response to messages they never actually sent (due to their email addressed having been forged in a spam message’s return-path) are known as backscatter. In that post, we discussed what backscatter is and explained how to enable Backscatter Protection in MDaemon.

In today’s video tutorial, I show you how to enable Backscatter Protection in SecurityGateway.

Do you have questions or comments? Let us know via the Comments section below, or if you need support or further assistance, several options are available for you via our Support page.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Blocking Incoming Email by Country

Are you receiving a lot of inbound email to MDaemon or SecurityGateway from a particular country?

Does your company do business with this country?

Do your email users only need to send and receive email within your own country?

If you run a small business and all of your clients and suppliers are local, then chances are you’re not going to be sending email to certain countries across the globe. Depending on the type of business, companies may want to block all incoming connections from these countries. This is especially useful because a lot of international email traffic contains spam, malware, phishing attempts, and viruses. Taking the time to deal with these types of messages can lead to lost productivity.

There’s an easy way to block these connections. In this video, I show you how to block mail by originating country using the DNS-BL features in MDaemon and SecurityGateway.

If you’d like more information on MDaemon’s security features, then visit the Email Security link under our MDaemon product page.

Click here to learn more about SecurityGateway’s security features.

Visit the Downloads page on our website to download a free trial, and please leave us a comment below if you have questions or would like more information.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

DMARC Webinar Added to YouTube

We’ve added our recent DMARC webinar to our YouTube channel. DMARC (Domain-based Message Authentication, Reporting and Conformance) is an anti-spoofing technology that makes it possible for domain owners to use the Domain Name System (DNS) to inform receiving servers of their DMARC policy, which is how they want those servers to handle email messages that claim to be sent from their domain but cannot be authenticated as having actually come from it. In this webinar, we’ll introduce you to DMARC, describe its purposes and goals, and explain how it works. Then, we’ll show you how to configure MDaemon to use DMARC to verify incoming messages.

This webinar focuses specifically on MDaemon’s implementation of DMARC, however, for a more technical and comprehensive overview of DMARC, and as a prerequisite for this webinar, we recommend viewing the Video Training series located at www.dmarc.org.

Other webinars, tutorials, and overview videos can be found on our YouTube channel.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Blocking Messages based on Keywords in SecurityGateway

If you work in real estate, you are not likely to receive email with pharmaceutical-related content, and if you work in the medical field, you’re not likely to receive email about stock tips or account-related notifications from PayPal. With SecurityGateway, you can create content filter rules to filter out messages that contain words that are not relevant to your business. You can filter based on the sender, recipient, IP address, message subject, message body, or any header found within the message. I’ll show you how in the following brief tutorial video.

SecurityGateway is a software-based email gateway/firewall that can be installed in front of any Exchange or other SMTP mail server, allowing you to block malicious content, such as spam, viruses, malware, and phishing attempts, before it reaches your mail server. You can learn more about SecurityGateway here.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

MDaemon Spam Filter Deep-Dive Webinar

In addition to its built-in spam filter, MDaemon includes many other security features that can be used to fight spam. In this webinar, we take you through an in-depth explanation of MDaemon’s spam-fighting features, and discuss recommended settings for best results.

 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Rebuilding the Bayesian Learning Process in SecurityGateway

SecurityGateway and MDaemon both feature Bayesian learning, which allows administrators (or users, when authorized) to feed samples of spam and non-spam email messages to designated public folders. By default, when 200 samples of spam and 200 samples of non-spam have been placed in these folders, the Bayesian learning process will process these folders and feed their contents to a database of what are known as tokens – snippets of spam-like and ham-like (non-spam) content, basically. We all know that we humans are not infallible – people make mistakes, so it’s possible for messages to be fed to the wrong folders. When this happens, users may begin to receive more false-negatives (spam that was not caught by the spam filter) or you may accumulate a number of false positives (legitimate email messages that were flagged as spam by the spam filter). When this happens, it may be necessary to rebuild the Bayesian database. You may recall that I posted  a blog entry awhile back on how to rebuild the Bayesian database for MDaemon. You can read that post here. For SecurityGateway, the concepts are the same, but the navigation and file locations are different. The following tutorial video explains how to rebuild the Bayesian database in SecurityGateway.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Bayesian Thumbs Up & Thumbs Down Icons Missing in WorldClient?

WorldClient, MDaemon’s webmail client, features icons that users can click on to feed examples of spam or non-spam to MDaemon’s Bayesian learning feature.

MDaemon’s Bayesian Learning feature allows you to feed samples of spam and non-spam  to designated folders. These samples are used to train the spam filter to recognize spam and non-spam messages. The more samples you feed these folders, the more accurate your spam filter can be over time. This feature is especially useful if you work in an industry that uses medical or financial terms. If you work for a bank, messages containing pharmaceutical terminology can be handled with greater scrutiny, while messages of a financial nature can be treated with less suspicion. The same is true if you work for a medical facility. Your daily email correspondence may contain messages with names of medications or other pharmacy related terms, while they may not contain many words of a financial nature. So if you’re a bank & you receive a great deal of spam with the names of medications in them, you can feed those messages to your Bayesian Learning folder so that MDaemon can learn from them based on your specific business.

Using WorldClient, MDaemon’s webmail client, users can feed examples of spam and non-spam to MDaemon’s Bayesian Learning system using the Thumbs Up & Thumbs Down icons in the upper toolbar. But what if these icons are missing for a particular user, or for all users? Or, what if you as the administrator do not want users to have access to the Bayesian learning folders due to messages being improperly fed to the wrong folders? In this situation, you could create two more folders for spam and non-spam messages, then grant your users access those folders instead of to the main Bayesian learning folders. This means, though, that the thumbs up & thumbs down icons will not appear in WorldClient, but users would still be able to access the new public folders you created (if you granted them access via Public Folder Manager) for placement of samples of spam or non-spam.

I’ve put together the following tutorial video, which shows how to enable the Thumbs up & Thumbs down icons in WorldClient.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •