To ensure MDaemon and its plugins provide the most up-to-date security and best performance, we often provide maintenance updates to help our customers get the most out of their business email and collaboration server.
In the early to mid nineties, our founder and CEO Arvel Hathcock recognized the need for a less expensive, easier to manage alternative to Microsoft Exchange Server for small-to-medium businesses. With solid programming skills and an entrepreneurial spirit, he created the MDaemon Email Server and launched Alt-N Technologies.
Through word of mouth among IT professionals and with the help of great channel partners, the popularity of MDaemon spread to customers across the globe. Over the years and in various geographies, the product name became more recognized than Alt-N Technologies. To better leverage the name recognition that had been built over the many years of MDaemon email server popularity, the company was renamed to MDaemon Technologies in January of 2018.
Helping the World Communicate
From the introduction of Webmail in 1997 and instant messaging in 2001, to support for third-party XMPP chat clients in 2016, MDaemon has helped improved communication for businesses in over 90 countries.
Focused on Security
Alongside these communication features came enhancements in security. IP Shielding, which is used to help prevent spoofing by blocking messages from unauthorized IP addresses, was introduced in 1996 before MDaemon even had version numbers (for some great historical information, check out the Ancient-History.txt file located inside the MDaemon/Docs directory). Relay control was added the following year, with many new security features added with each new release. In 2005, MDaemon became the first Windows-based email server to offer DKIM (Domainkeys Identified Mail) as a new tool in the fight against spoofing. And to address the growing need to protect confidential data and meet growing regulations in health care, finance, and other industries, email encryption with OpenPGP was added in 2015.
Sharing & Collaboration
MDaemon’s collaboration tools have evolved over the years as well. Instant messaging was added in 2001, followed by shared calendars and groupware in 2002 and 2003. Scheduling meetings with multiple attendees was made easier by the addition of free/busy in 2006.
As business communication needs evolve, so does MDaemon, with new features on the way for 2019. If you’d like to be among the first to benefit, follow us on twitter for the latest news & product updates.
Before the invention of email, mail that arrived in your physical mailbox often contained pamphlets, sales brochures, credit card offers, and product catalogs. Much of this waste was thrown away and ended up in a landfill somewhere. Today, the equivalent and often more annoying nuisance is spam. Spam comes in many forms, and has evolved from dubious product claims, miracle supplements, conspiracy theories, and offers of easy money to more malicious threats such as ransomware attacks and targeted spear-phishing.
While the amount of spam as a percentage of total email traffic has gone down recently, the severity of email-borne threats has increased.
So how can users protect themselves from becoming the next victim to these malicious threats? There are numerous spam fighting tools in MDaemon and other mail servers, but server-side tools are only half of the spam-fighting equation. The other half is user education. With this in mind, here are 10 things users can do to reduce the amount of spam they receive.
Unsubscribe – How often have you been asked by a store clerk for your email address or placed an order online? In either of these situations, chances are you may have ended up on a company’s mailing list. When you receive email from these companies, take the time to open the message and click on the Unsubscribe link. But first, make sure the email is in fact coming from a reputable company (Here’s how). If you’re not completely sure where the email came from, then report the message as spam instead of unsubscribing.
Create a secondary email account – While we’re on the topic of retailers having your email address, you might also consider having a second email address that’s used solely for the purpose of store records or placing orders. This allows you to keep solicitations from these vendors out of your primary inbox.
Keep your email address private – If your email address is visible on social networking sites like Facebook or Twitter, then it’s also visible to spammers. Spammers have tools that can easily detect visible email addresses and add them to their mailing lists. This is why it’s often recommended that, if you MUST use your email address on one of these sites, you mask it by changing its format. For example, type out “at” instead of using the “@” symbol. With the prevalence of Business Email Compromise (BEC) attacks, it’s even more important for executives to be mindful of posting their email address or other personal information, as scammers will use this information to send out well-crafted spear-phishing emails.
Don’t reply to ANY spam or unsolicited marketing messages – Most spam messages use forged sender (return-path) addresses, so replying to a spam message will almost never result in the spammer getting your message. Replying to legitimate marketing messages tells the sender that your email address is valid, and thus, they may continue to send you spam.
Never click on links – Often, when you click on a link in a spam email, it specifically identifies you to the spammer as having received the message. Not only can clicking links in spam messages identify you to the spammer; you can also end up getting infected with malware.
Block Images – Even if you don’t click any links, an image opening in your email can alert spammers to a valid address. Spammers often try to be stealthy by inserting images that are only one pixel wide. If your mail client is configured to automatically open images, spammers can be alerted that your email address is valid. We recommend configuring your email client to automatically block images to reduce spam. You can always choose to view images in specific emails if you are sure the sender and content are legitimate.
Make your email address unique – Spammers often use common names to try to guess email addresses. If your email address is unique, it makes it harder for spammers to guess your email address.
Don’t fall for scams – If you receive an anonymous email from someone who appears to be in dire need, who promises you large sums of money for your small up-front investment, you may be witnessing the familiar Nigerian email scam, or one of many other variants. What are the odds that someone you’ve never met, who’s in a desperate situation, would contact you for help? Don’t fall for this scam.
Never forward email from someone you don’t know – I often see email messages with some type of public service announcement, petition, or other bit of advice, and often, there’s a request to forward the message to your friends. Don’t fall for this, as it’s a prime opportunity for spammers to harvest email addresses.
Blocking junk email is not just the job of the mail server administrator. A well-informed email user can mean the difference between spam that is manageable and spam that is out of control. These ten tips will help you reduce spam, and help prevent you from becoming a victim to phishing or malware.
Let’s face it. We all make mistakes. At one time or another, most of us have gotten a little hasty with the Send button when composing an email, and sent it to the wrong Frank Thomas, accidentally CC’d the customer in an inter-office communication, or realized the email was probably not such a good idea in the first place. These examples can be quite embarrassing, but other mistakes can result in legal trouble for you or your company. For example, healthcare providers can violate HIPAA regulations by sending an email containing protected health information (PHI) to the wrong person. Penalties for these HIPAA violations can be steep, ranging from $50,000 to $1.5 million.
To avoid these situations, your email solution should have a feature that lets you delay delivery of a message. With MDaemon Webmail, message scheduling options are just a mouse click away.
“This is all great, but why would I want to delay delivery of an important email message?”
There are many reasons why one might want to defer delivery of an email message.
Delaying message delivery for an hour or even a few minutes gives you time to take a break from it and review it with a refreshed perspective – providing another opportunity to catch errors you might have missed before.
Some email conversations go back and forth too quickly, so you might respond before you have all the information or ask questions that are already answered in the next message. Deferred delivery allows you to slow the process down so you’re not having to play email tag.
Deferred delivery can help prevent you from sending an angry email response during heated discussions. Allowing yourself a little extra time to re-think your message or to cancel the message altogether can help prevent a great deal of workplace conflict.
For companies that operate globally, deferred delivery allows users to schedule messages for delivery during peak business hours in the recipient’s country, increasing the likelihood that it will be seen.
We demonstrate how to defer delivery of an email message in MDaemon Webmail in this week’s tutorial video.
I’ve heard various opinions on what to do with an MDaemon account belonging to someone who has left a company. In a recent post on our community forums, an MDaemon administrator had set a former employee’s account to Frozen, and then configured an auto-responder for the account. Frozen accounts cannot send outbound email, and the user of a frozen account cannot check for new email.
Account is FROZEN (can receive but cannot send or check email)
Select this option if you wish to allow the account to receive incoming messages but prevent it from being able to check or send messages. This is useful when, for example, you suspect the account has been hijacked. Freezing the account would prevent the malicious user from accessing its messages or using the account to send messages, but it would still be able to receive its incoming email.
Let’s say an employee has left the company. As the MDaemon administrator, I don’t want that employee’s account to be used, so I place it in Frozen status via the main Account Details screen of the account editor, as shown here.
Now let’s say I’ve enabled an auto-responder for the account, as shown here.
In the following example, I’ve created the account email@example.com, and have configured the auto-responder.
When I send a test to firstname.lastname@example.org from email@example.com, the MDaemon server hosting the @brad.ssllock.com domain places the message in the frozen account’s mailbox, but the user is unable to log into webmail or access the inbox via another email client. When MDaemon then tries to send the auto-responder that we enabled for the frozen account, the message is moved to the Holding queue and the following is written to the MDaemon logs:
Mon 2018-06-18 11:18:33.406: Session 042192; child 0001
Mon 2018-06-18 11:18:33.406: Parsing message <c:\mdaemon\queues\remote\pd50000000056.msg>
Mon 2018-06-18 11:18:33.406: * From: firstname.lastname@example.org
Mon 2018-06-18 11:18:33.406: * To: Training@mdaemon.com
Mon 2018-06-18 11:18:33.406: * Subject: RE: Test to Frozen Account with Auto-Responder
Mon 2018-06-18 11:18:33.406: * Size (bytes): 3822
Mon 2018-06-18 11:18:33.406: * Message-ID: MDAEMON0005201806181118.AA1812640@mail.brad.ssllock.com Mon 2018-06-18 11:18:33.421: Message moved to holding queue because sending account is disabled Mon 2018-06-18 11:18:33.421: SMTP session terminated (Bytes in/out: 0/0) Mon 2018-06-18 11:18:33.421: ———-
The result is that the auto-response never gets sent because the account is frozen.
Rather than freezing the account, you could simply change the account’s password so that it can still accept mail and send auto-response messages. This can be done via the main Account Details screen, as shown here.
If you prefer to freeze the account instead of changing its password, another option would be to create a content filter rule that would send your desired response to the original message sender instead of using the auto-responder. That content filter rule would look something like this:
In this example, I created a rule that sends a reply to the sender of messages addressed to email@example.com using the “Send a NOTE 1” action. I then entered the $SENDER$ macro and the desired response. This message will be sent back to the message sender in response to a message originally sent to the frozen account.
You can get pretty creative with MDaemon’s content filter to perform a variety of tasks, so hopefully you found this helpful!
Whether you work in healthcare, finance, education, or another highly regulated industry, it’s likely that you’re required to meet increasingly stringent regulations on email security and privacy, such as the General Data Protection Regulation (GDPR). But even if these strict requirements do not apply to your industry, you still want to maintain customer trust by ensuring their confidential data is safe.
To address these concerns, MDaemon offers email encryption using OpenPGP.
In the past, implementations of OpenPGP have been cumbersome, requiring users to manually exchange encryption keys or to take complex steps to send encrypted messages. With MDaemon, in addition to providing various ways to automate the encryption key exchange and server-side encryption processes, MDaemon Webmail users can easily enable per-message encryption right from within the message compose window.
Here’s a quick video to demonstrate how easy it is to encrypt messages in MDaemon Webmail.
I’ve got some exciting news. Our latest & greatest MDaemon release is now available for download! With MDaemon 18, we introduce new features that benefit administrators and end-users alike. Let’s go over the top new features. You can view a more comprehensive list of all new features and enhancements in the MDaemon release notes.
New Features for Administrators
Single Installer for All Licensed Features
The MDaemon download/install file now includes all former plug-ins which are now “licensed features” of MDaemon that require a separate license key.
When you enable each feature for the first time, a 30-day trial is activated. You can purchase a full license for these features on our website or through your local MDaemon reseller. Purchase options can also be found under the Help menu in MDaemon.
Enhanced Security to Avoid DNS Attacks
DNSSEC is a technology that digitally signs DNS data so that you can be assured that it’s valid. It was created to combat man-in-the-middle attacks that are possible in the DNS system. These types of attacks can lead to users being directed to a hijacker’s own deceptive website in an attempt to collect personal data. To help ensure MDaemon does not become a victim of these attacks, it is now capable of requesting DNSSEC be used when available.
Remote Administration – Set Security Features to their Recommended Settings
If you have adjusted MDaemon’s security settings over time and are unsure of the best settings for optimal security, you can now set each security feature to its recommended setting with a single mouse click in MDaemon Remote Administration.
Antivirus – Mailbox Scanning
When MDaemon Antivirus is enabled, administrators can now configure a schedule to scan all mailboxes. This allows the detection of any infected messages that may have passed through before any new virus definitions were created to detect the latest threats.
ActiveSync – Exempt Known Devices from Location Screening
An option has been added to allow a previously known device to bypass location screening when connecting via MDaemon ActiveSync. Administrators can enable this option to allow users to continue to access their account from locations that are configured to have their authentication attempts blocked. This is useful if you have users who are traveling and need access to their email.
New Features for End Users
Remote Administration & Webmail – Remember Me for Easier Access
MDaemon Webmail and Remote Administration users can enable the Remember Me feature to automatically login without having to enter a username and password. The Remember Me duration can be configured by the administrator for up to 365 days.
Webmail – Simplified Email Encryption
When composing a message, MDaemon Webmail users can use the Advanced Options screen to instruct MDaemon to encrypt the message, retrieve their public key, or retrieve the public key of another user (if available). This greatly simplifies the process of sending secure, encrypted email using MDaemon PGP.
Webmail – Message Snooze
MDaemon Webmail users can snooze emails to temporarily remove them from their inbox until they need them. The user’s email will reappear in the inbox at the configured time, whether it’s tomorrow, next week, or when you get home. Snoozed messages can be displayed at any time using the View Snoozed Messages options.
Webmail – Collaboration & Security for Public Calendars
MDaemon Webmail users can publish a calendar to a publicly accessible URL for easy sharing and collaboration. For added security, these public calendars can be password protected. To publish a calendar, click the Share Folder icon for your calendar under the Options|Folders menu in MDaemon Webmail, enter an optional display name and password under the Public Access tab, and then click on Publish Calendar. Anyone who has the calendar’s URL and optional password can view it in their browser. More information on how to enable this feature globally or on a per-user basis can be found in the MDaemon release notes.
Webmail – Text-to-Speech
When viewing a message in MDaemon Webmail using the WorldClient, LookOut, or Mobile theme, users can click on a button to listen to the message.
Note: This feature is currently only supported in Chrome or Firefox.
Are you running an older version of MDaemon or using a different email platform? Download the latest MDaemon & see what you’ve been missing!
If you’d like to learn more about MDaemon & what’s new with version 18, or if you’re considering changing platforms for a simpler and more cost-effective email solution, here are a few links you may find helpful.
MDaemon’s webmail client is loaded with a variety of features for organization, collaboration and security. As a daily user of MDaemon Webmail (I use it almost exclusively instead of my desktop email client), I like to keep important messages organized so I can find them later. This is made easy with message categories (in addition to follow-up flags). Within the MDaemon webmail client, you’ll find a variety of built-in categories, or you can create your own custom categories. Multiple categories can be assigned to a message, and messages can be arranged by category, keeping all of your important messages in one, easy-to-find place.
If you’re like me, you like shortcuts that make life easier when performing common tasks. For example, if you work in finance or accounting, wouldn’t it be nice to be able to pull up all emails with the word “invoice” with a single mouse click? Well now you can. With the latest release of MDaemon, we introduced search folders in MDaemon Webmail. This week’s 30-Second Email Tips video will walk you through the setup process.
Search folders were added in MDaemon 17.5.1. If you’re running an older version of MDaemon, you could be missing out on some great new features!
As we welcome in a New Year, we are also welcoming a new company name. Alt-N Technologies is transitioning to MDaemon Technologies. This change is now in motion and will be implemented gradually across our many company assets.
We are adopting the new name to better leverage the brand equity and recognition we have built over the many years with our trusted email server. The new name will consolidate our brand and align the company around a globally recognized name.
With the name change also brings the new tag line: Simple Secure Email. We believe this tag line summarizes the value many of our global customers and partners have expressed over the years and is synonymous with the attributes that have made MDaemon a popular email server with many IT professionals and resellers.
We may have a new name but our mission and focus remain the same: develop features in our email server and email gateway products that deliver value (reliability, security, and flexibility) to the IT professionals that put their trust in us.
For more than 20 years we have succeeded by listening to our global customers and delivering exceptional service. We treat our employees, customers and channel partners like family and we believe this is just one of the many reasons why we remain a trusted vendor in an ever changing and competitive email and email security market. We may not be the biggest company you will deal with, but we strive to be the best company you deal with!