10 Ways to Reduce Spam in Your Inbox

SpamBefore the invention of email, mail that arrived in your physical mailbox often contained pamphlets, sales brochures, credit card offers, and product catalogs. Much of this waste was thrown away and ended up in a landfill somewhere. Today, the equivalent and often more annoying nuisance is spam. Spam comes in many forms, and has evolved from dubious product claims, miracle supplements, conspiracy theories, and offers of easy money to more malicious threats such as ransomware attacks and targeted spear-phishing.

While the amount of spam as a percentage of total email traffic has gone down recently, the severity of email-borne  threats has increased.

So how can users protect themselves from becoming the next victim to these malicious threats? There are numerous spam fighting tools in MDaemon and other mail servers, but server-side tools are only half of the spam-fighting equation. The other half is user education. With this in mind, here are 10 things users can do to reduce the amount of spam they receive.

  1. Unsubscribe – How often have you been asked by a store clerk for your email address or placed an order online? In either of these situations, chances are you may have ended up on a company’s mailing list. When you receive email from these companies, take the time to open the message and click on the Unsubscribe link. But first, make sure the email is in fact coming from a reputable company (Here’s how). If you’re not completely sure where the email came from, then report the message as spam instead of unsubscribing.
  2. Create a secondary email account – While we’re on the topic of retailers having your email address, you might also consider having a second email address that’s used solely for the purpose of store records or placing orders. This allows you to keep solicitations from these vendors out of your primary inbox.
  3. Keep your email address private – If your email address is visible on social networking sites like Facebook or Twitter, then it’s also visible to spammers. Spammers have tools that can easily detect visible email addresses and add them to their mailing lists. This is why it’s often recommended that, if you MUST use your email address on one of these sites, you mask it by changing its format. For example, type out “at” instead of using the “@” symbol. With the prevalence of Business Email Compromise (BEC) attacks, it’s even more important for executives to be mindful of posting their email address or other personal information, as scammers will use this information to send out well-crafted spear-phishing emails.
  4. Before you join a mailing list, make sure the list owner cannot sell your email address – If the list you’re joining has a privacy policy, read it thoroughly and make sure your information cannot be sold to a third party.
  5. Don’t reply to ANY spam or unsolicited marketing messages – Most spam messages use forged sender (return-path) addresses, so replying to a spam message will almost never result in the spammer getting your message. Replying to legitimate marketing messages tells the sender that your email address is valid, and thus, they may continue to send you spam.
  6. Never click on links – Often, when you click on a link in a spam email, it specifically identifies you to the spammer as having received the message. Not only can clicking links in spam messages identify you to the spammer; you can also end up getting infected with malware.
  7. Block Images – Even if you don’t click any links, an image opening in your email can alert spammers to a valid address. Spammers often try to be stealthy by inserting images that are only one pixel wide. If your mail client is configured to automatically open images, spammers can be alerted that your email address is valid. We recommend configuring your email client to automatically block images to reduce spam. You can always choose to view images in specific emails if you are sure the sender and content are legitimate.
  8. Make your email address unique – Spammers often use common names to try to guess email addresses. If your email address is unique, it makes it harder for spammers to guess your email address.
  9. Don’t fall for scams – If you receive an anonymous email from someone who appears to be in dire need, who promises you large sums of money for your small up-front investment, you may be witnessing the familiar Nigerian email scam, or one of many other variants. What are the odds that someone you’ve never met, who’s in a desperate situation, would contact you for help? Don’t fall for this scam.
  10. Never forward email from someone you don’t know – I often see email messages with some type of public service announcement, petition, or other bit of advice, and often, there’s a request to forward the message to your friends. Don’t fall for this, as it’s a prime opportunity for spammers to harvest email addresses.

Blocking junk email is not just the job of the mail server administrator. A well-informed email user can mean the difference between spam that is manageable and spam that is out of control. These ten tips will help you reduce spam, and help prevent you from becoming a victim to phishing or malware.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Are you a little hasty with the Send button? Avoid costly mistakes with Deferred Delivery!

Let’s face it. We all make mistakes. At one time or another, most of us have gotten a little hasty with the Send button when composing an email, and sent it to the wrong Frank Thomas, accidentally CC’d the customer in an inter-office communication, or realized the email was probably not such a good idea in the first place. These examples can be quite embarrassing, but other mistakes can result in legal trouble for you or your company. For example, healthcare providers can violate HIPAA regulations by sending an email containing protected health information (PHI) to the wrong person. Penalties for these HIPAA violations can be steep, ranging from $50,000 to $1.5 million.

To avoid these situations, your email solution should have a feature that lets you delay delivery of a message. With MDaemon Webmail, message scheduling options are just a mouse click away.

“This is all great, but why would I want to delay delivery of an important email message?”

There are many reasons why one might want to defer delivery of an email message.

  • Delaying message delivery for an hour or even a few minutes gives you time to take a break from it and review it with a refreshed perspective – providing another opportunity to catch errors you might have missed before.
  • Some email conversations go back and forth too quickly, so you might respond before you have all the information or ask questions that are already answered in the next message. Deferred delivery allows you to slow the process down so you’re not having to play email tag.
  • Deferred delivery can help prevent you from sending an angry email response during heated discussions. Allowing yourself a little extra time to re-think your message or to cancel the message altogether can help prevent a great deal of workplace conflict.
  • For companies that operate globally, deferred delivery allows users to schedule messages for delivery during peak business hours in the recipient’s country, increasing the likelihood that it will be seen.

We demonstrate how to defer delivery of an email message in MDaemon Webmail in this week’s tutorial video.

Would you like to learn more about this and other MDaemon features? Click here to schedule a personal demo of MDaemon. Deferred Delivery is explained further here in the MDaemon Help fileHere’s a handy list of features, or you can download your free trial of MDaemon and see for yourself how easy it is to use!

On our next post, we’ll discuss MDaemon’s message recall feature and demonstrate three ways to recall a message, so check back soon for more tips & tricks!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Can you Have an Auto-Responder on a Frozen MDaemon Account?

I’ve heard various opinions on what to do with an MDaemon account belonging to someone who has left a company. In a recent post on our community forums, an MDaemon administrator had set a former employee’s account to Frozen, and then configured an auto-responder for the account. Frozen accounts cannot send outbound email, and the user of a frozen account cannot check for new email.

From this page of the MDaemon manual:

Account is FROZEN (can receive but cannot send or check email)

Select this option if you wish to allow the account to receive incoming messages but prevent it from being able to check or send messages. This is useful when, for example, you suspect the account has been hijacked. Freezing the account would prevent the malicious user from accessing its messages or using the account to send messages, but it would still be able to receive its incoming email.

The result of this is that auto-response messages from frozen accounts to external (non-local) addresses are sent to the Holding queue (more information on the Holding queue can be found here).

Let’s take a closer look at what happens.

Let’s say an employee has left the company. As the MDaemon administrator, I don’t want that employee’s account to be used, so I place it in Frozen status via the main Account Details screen of the account editor, as shown here.

MDaemon Account Editor Showinng Frozen Account
MDaemon Account Editor Showinng Frozen Account

Now let’s say I’ve enabled an auto-responder for the account, as shown here.

MDaemon Account Auto-Responder Enabled
MDaemon Account Auto-Responder Enabled

In the following example, I’ve created the account frozen@brad.ssllock.com, and have configured the auto-responder.

When I send a test to frozen@brad.ssllock.com from training@mdaemon.com, the MDaemon server hosting the @brad.ssllock.com domain places the message in the frozen account’s mailbox, but the user is unable to log into webmail or access the inbox via another email client.  When MDaemon then tries to send the auto-responder that we enabled for the frozen account, the message is moved to the  Holding queue and the following is written to the MDaemon logs:

Mon 2018-06-18 11:18:33.406: Session 042192; child 0001
Mon 2018-06-18 11:18:33.406: Parsing message <c:\mdaemon\queues\remote\pd50000000056.msg>
Mon 2018-06-18 11:18:33.406: *  From: frozen@brad.ssllock.com
Mon 2018-06-18 11:18:33.406: *  To: Training@mdaemon.com
Mon 2018-06-18 11:18:33.406: *  Subject: RE: Test to Frozen Account with Auto-Responder
Mon 2018-06-18 11:18:33.406: *  Size (bytes): 3822
Mon 2018-06-18 11:18:33.406: *  Message-ID: MDAEMON0005201806181118.AA1812640@mail.brad.ssllock.com
Mon 2018-06-18 11:18:33.421: Message moved to holding queue because sending account is disabled
Mon 2018-06-18 11:18:33.421: SMTP session terminated (Bytes in/out: 0/0)
Mon 2018-06-18 11:18:33.421: ———-

The result is that the auto-response never gets sent because the account is frozen.

The Solution

Rather than freezing the account, you could simply change the account’s password so that it can still accept mail and send auto-response messages. This can be done via the main Account Details screen, as shown here.

Account Details
Account Details

If you prefer to freeze the account instead of changing its password, another option would be to create a content filter rule that would send your desired response to the original message sender instead of using the auto-responder. That content filter rule would look something like this:

Content Filter Rule
Content Filter Rule

In this example, I created a rule that sends a reply to the sender of messages addressed to frozen.account@example.com using the “Send a NOTE 1” action. I then entered the $SENDER$ macro and the desired response. This message will be sent back to the message sender in response to a message originally sent to the frozen account.

You can get pretty creative with MDaemon’s content filter to perform a variety of tasks, so hopefully you found this helpful!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

How to Encrypt your Email Messages from MDaemon Webmail in Three Easy Steps!

Whether you work in healthcare, finance, education, or another highly regulated industry, it’s likely that you’re required to meet increasingly stringent regulations on email security and privacy, such as the General Data Protection Regulation (GDPR). But even if these strict requirements do not apply to your industry, you still want to maintain customer trust by ensuring their confidential data is safe.

To address these concerns, MDaemon offers email encryption using OpenPGP.

In the past, implementations of OpenPGP have been cumbersome, requiring users to manually exchange encryption keys or to take complex steps to send encrypted messages. With MDaemon, in addition to providing various ways to automate the encryption key exchange and server-side encryption processes, MDaemon Webmail users can easily enable per-message encryption right from within the message compose window.

Here’s a quick video to demonstrate how easy it is to encrypt messages in MDaemon Webmail.

A more comprehensive overview of MDaemon’s OpenPGP settings and how to configure them can be found in this knowledge base article.

Upgrade MDaemon to Take Advantage of the Latest Features!

Are you running an older version of MDaemon? Check out our Features by Version chart to see what you may be missing out on! Server-side email encryption with OpenPGP was introduced in MDaemon 15.5. Click here for upgrade & renewal instructions.

If you’re not currently using MDaemon and would like to see how an affordable, easy-to-use mail server can benefit your business, click here to download your free trial!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Introducing MDaemon 18: Single Installer for All Licensed Features, AntiVirus Mailbox Scanning, and Much More!

I’ve got some exciting news. Our latest & greatest MDaemon release is now available for download! With MDaemon 18, we introduce new features that benefit administrators and end-users alike. Let’s go over the top new features. You can view a more comprehensive list of all new features and enhancements in the MDaemon release notes.

New Features for Administrators

Single Installer for All Licensed Features

The MDaemon download/install file now includes all former plug-ins which are now “licensed features” of MDaemon that require a separate license key.

When you enable each feature for the first time, a 30-day trial is activated. You can purchase a full license for these features on our website or through your local MDaemon reseller. Purchase options can also be found under the Help menu in MDaemon.

Enhanced Security to Avoid DNS Attacks

DNSSEC is a technology that digitally signs DNS data so that you can be assured that it’s valid. It was created to combat man-in-the-middle attacks that are possible in the DNS system. These types of attacks can lead to users being directed to a hijacker’s own deceptive website in an attempt to collect personal data. To help ensure MDaemon does not become a victim of these attacks, it is now capable of requesting DNSSEC be used when available.

DNSSEC - Enhanced Protection Against DNS Attacks
DNSSEC – Enhanced Protection Against DNS Attacks

Remote Administration – Set Security Features to their Recommended Settings

If you have adjusted MDaemon’s security settings over time and are unsure of the best settings for optimal security, you can now set each security feature to its recommended setting with a single mouse click in MDaemon Remote Administration.

MDaemon Remote Administration - Set Security Settings to Recommended Values
MDaemon Remote Administration – Set Security Settings to Recommended Values

Antivirus – Mailbox Scanning

When MDaemon Antivirus is enabled, administrators can now configure a schedule to scan all mailboxes. This allows the detection of any infected messages that may have passed through before any new virus definitions were created to detect the latest threats.

MDaemon Antivirus Mailbox Scan
MDaemon Antivirus Mailbox Scan

ActiveSync – Exempt Known Devices from Location Screening

An option has been added to allow a previously known device to bypass location screening when connecting via MDaemon ActiveSync. Administrators can enable this option to allow users to continue to access their account from locations that are configured to have their authentication attempts blocked. This is useful if you have users who are traveling and need access to their email.

Exempt Mobile ActiveSync Devices from Location Screening
Exempt Mobile ActiveSync Devices from Location Screening

New Features for End Users

Remote Administration  & Webmail – Remember Me for Easier Access

MDaemon Webmail and Remote Administration users can enable the Remember Me feature to automatically login without having to enter a username and password. The Remember Me duration can be configured by the administrator for up to 365 days.

Remember Me for MDaemon Webmail and Remote Administration
Remember Me for MDaemon Webmail and Remote Administration

Webmail – Simplified Email Encryption

When composing a message, MDaemon Webmail users can use the Advanced Options screen to instruct MDaemon to encrypt the message, retrieve their public key, or retrieve the public key of another user (if available). This greatly simplifies the process of sending secure, encrypted email using MDaemon PGP.

MDaemon Webmail Encryption using OpenPGP
MDaemon Webmail Encryption using OpenPGP

Webmail  – Message Snooze

MDaemon Webmail users can snooze emails to temporarily remove them from their inbox until they need them. The user’s email will reappear in the inbox at the configured time, whether it’s tomorrow, next week, or when you get home.  Snoozed messages can be displayed at any time using the View Snoozed Messages options.

MDaemon Webmail - Message Snooze
MDaemon Webmail – Message Snooze

Webmail  – Collaboration & Security for Public Calendars

MDaemon Webmail users can publish a calendar to a publicly accessible URL for easy sharing and collaboration. For added security, these public calendars can be password protected. To publish a calendar, click the Share Folder icon for your calendar under the Options|Folders menu in MDaemon Webmail, enter an optional display name and password under the Public Access tab, and then click on Publish Calendar. Anyone who has the calendar’s URL and optional password can view it in their browser. More information on how to enable this feature globally or on a per-user basis can be found in the MDaemon release notes.

MDaemon Webmail - Publish Calendar to Public URL
MDaemon Webmail – Publish Calendar to Public URL

Webmail – Text-to-Speech

When viewing a message in MDaemon Webmail using the WorldClient, LookOut, or Mobile theme, users can click on a button to listen to the message.

MDaemon Webmail - Text-to-Speech
MDaemon Webmail – Text-to-Speech

Note: This feature is currently only supported in Chrome or Firefox.

Are you running an older version of MDaemon or using a different email platform? Download the latest MDaemon & see what you’ve been missing!

If you’d like to learn more about MDaemon & what’s new with version 18, or if you’re considering changing platforms for a simpler and more cost-effective email solution, here are a few links you may find helpful.

As always, I’ll be happy to answer any questions via the Comments section, or if you need further assistance, you can click here to contact our Support staff.

And one more thing while we’re on the topic of product updates. Is there a feature you’d like us to add to a future version of MDaemon? Click here & let us know!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Never lose an important message. Organize your Inbox with message Categories!

MDaemon’s webmail client is loaded with a variety of features for organization, collaboration and security. As a daily user of MDaemon Webmail (I use it almost exclusively instead of my desktop email client), I like to keep important messages organized so I can find them later. This is made easy with message categories (in addition to follow-up flags). Within the MDaemon webmail client, you’ll find a variety of built-in categories, or you can create your own custom categories. Multiple categories can be assigned to a message, and messages can be arranged by category, keeping all of your important messages in one, easy-to-find place.

Check out our latest tutorial video to learn more, or if you’re not yet an MDaemon user, click here to download your free trial!

 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Save Time by Saving Frequently-Performed Searches as Folders

If you’re like me, you like shortcuts that make life easier when performing common tasks. For example, if you work in finance or accounting, wouldn’t it be nice to be able to pull up all emails with the word “invoice” with a single mouse click? Well now you can. With the latest release of MDaemon, we introduced search folders in MDaemon Webmail. This week’s 30-Second Email Tips video will walk you through the setup process.

Search folders were added in MDaemon 17.5.1. If you’re running an older version of MDaemon, you could be missing out on some great new features!

If you’re not currently using MDaemon, but would like to try it out, click here to download your free 30-day trial!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

A New Year and a New Name

As we welcome in a New Year, we are also welcoming a new company name. Alt-N Technologies is transitioning to MDaemon Technologies. This change is now in motion and will be implemented gradually across our many company assets.

We are adopting the new name to better leverage the brand equity and recognition we have built over the many years with our trusted email server. The new name will consolidate our brand and align the company around a globally recognized name.

With the name change also brings the new tag line: Simple Secure Email. We believe this tag line summarizes the value many of our global customers and partners have expressed over the years and is synonymous with the attributes that have made MDaemon a popular email server with many IT professionals and resellers.

We may have a new name but our mission and focus remain the same: develop features in our email server and email gateway products that deliver value (reliability, security, and flexibility) to the IT professionals that put their trust in us.

For more than 20 years we have succeeded by listening to our global customers and delivering exceptional service. We treat our employees, customers and channel partners like family and we believe this is just one of the many reasons why we remain a trusted vendor in an ever changing and competitive email and email security market. We may not be the biggest company you will deal with, but we strive to be the best company you deal with!

To our current customers we thank you for allowing us the opportunity to earn your business. To prospective customers, we ask that you give us a try. Download a free 30 day trial of our products or look at our hosted services and partners.

We look forward to an exciting 2018 and the opportunity to serve you!

Happy New Year,
Kevin

Kevin Beatty
VP, Marketing & Business Development

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Alt-N Technologies is Renamed MDaemon Technologies

New Name to Leverage Global Brand Equity of Company’s Flagship Email Server

Grapevine, TX (USA) January 2, 2018 Alt-N Technologies announced today that, effective immediately, the Company’s legal name will be MDaemon Technologies, and that it will begin doing business under the new company name.

“We are adopting the new name to better leverage the brand equity and recognition we have built over the many years with our trusted email server,” said Jerry Donald, CEO of MDaemon Technologies. “The new name will consolidate our brand and align the company around a globally recognized name.”

With the name change also brings a new tag line: “Simple Secure Email. This tag line summarizes the value many of the Company’s global customers and partners have expressed over the years and is synonymous with the attributes that have made MDaemon a popular email server with many IT professionals and resellers.

More information about the name change can be found by visiting the MDaemon Technologies Blog.

About MDaemon Technologies

MDaemon Technologies develops email and email security software for the global small and medium enterprise business market. Founded in 1996, its products are trusted by organizations in over 140 countries and 25 languages. The company’s flagship products, MDaemon Messaging Server and SecurityGateway for Email Servers can be deployed in virtual, hosted cloud or private on-premise environments. The company’s products include the latest security technologies and require minimal support and administration to operate and maintain. The company uses a network of global distributors and resellers for the sale and support of its products.

###

Media Contact:
Kevin Beatty
MDaemon Technologies
(817) 601-3222 x214
kevin.beatty@mdaemon.com
www.mdaemon.com

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Block Hackers from Guessing Passwords with MDaemon’s Improved Dynamic Screening

If you have an email account (and in 2017, you probably have more than one), you are a target. More specifically, your email password is a target and a coveted prize for hackers. And let’s face it – hackers are not going away anytime soon. Because the barriers to entry are so low and the potential payoffs so large, hackers are more motivated than ever to try to steal your login credentials. As an MDaemon administrator, you are tasked with making sure your users use strong passwords, but here are a few things to consider when evaluating your password & security policies:

  • People often reuse passwords.
  • People tend to use the same password across multiple sites.
  • Hackers have access to a variety of password-generating tools that are freely available on the Internet.
  • Automated systems installed in botnets can crack complex passwords in a matter of minutes.
  • Password dictionaries reduce the effectiveness of password complexity policies.

To address these threats, MDaemon’s new Dynamic Screening features can be configured to track authentication failures for all protocols, including SMTP, POP, IMAP, WorldClient, and ActiveSync (among others). When a specified number of authentication attempts from a given IP address fail in a designated period of time, subsequent connections from the IP are blocked for a specified period of time. The affected email account can also be frozen – meaning the mailbox can collect mail, but the user cannot login to check email or send out email messages.

Watch our latest tutorial video to learn more!

In the event that a hacker or spammer still manages to guess an account’s password, MDaemon’s Account Hijack Detection feature will disable or freeze the account after a specific number of messages have been sent from an authenticated session in a given timeframe.

Do you have questions or comments? Let us know via the Comments section!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •