Happy New Year 2017

187567849

2016 was an exciting year for Alt-N Technologies as it marked the 20th anniversary of the MDaemon email server for Windows and our ongoing efforts to bring affordable, secure, and reliable email and email security software to the small-to-medium business segment. And as many of you know, a lot has changed in the last 20 years. One thing that hasn’t changed over the years is the ongoing threat of people trying to use email as the primary method to attack an organization or steal personal information.

Like any form of communication, it can be used for good or bad. Unfortunately, when email was initially developed, its creators didn’t anticipate the ways bad actors would exploit the technology through methods like phishing, hacking, and launching disabling applications like ransomware, Trojans, etc.

On this front, Alt-N will continue its efforts to improve the security and privacy of email with features like the ones we added in 2016, such as two-factor authentication, client and server-side encryption, and others.

2016 also reflected changes the industry continues to see in the area of deployment options. We saw some resellers and customers turning over the management of their email to MSPs (Managed Service Provider) or other third-party providers. The driver for this behavior varied by customer and industry but can be summarized by the desire to move hardware and software costs from capital expenditures (CAPex) to operational expenditures (OPex), with pros and cons to each approach. Alt-N worked with many existing and new channel partners to see MDaemon Private Cloud hosted email services introduced into new markets like Africa, Asia Pacific, and Latin America with continued growth in existing markets like North America and Europe.

With regards to hosted email services, we also received growing requests from direct customers asking Alt-N to manage their email. In response, Alt-N launched its own service using the MDaemon Private Cloud version of the software by introducing WorldClient Private Email for Business. With this new service offer, we have been able to meet the needs of direct customers who want us to manage their email, such as a 600-user customer who chose our service and support after having a large Office365 reseller attempt to convert them away from MDaemon!

For 2017, we will look for sales growth in new and emerging markets while working hard to earn and retain the loyalty and support of our existing customers. We will continue our efforts to add valuable features to MDaemon and SecurityGateway for Email Servers as those products remain the focus of our development efforts. We will be working on improving features that support cloud-based deployments while keeping a close eye on the needs of customers who want the control of on-premise and hybrid environments. And we will continue to look for new ways to enhance and bring value through our partnerships with complimentary vendors like MailStore, as well as seek out new technologies and vendors to make integration with our software simple and easy to use.

As we begin 2017, we want to express our sincere gratitude to those customers and channel partners who have helped Alt-N Technologies grow these past 20 years. We also look forward to earning the business of new customers and partners as we work toward a successful 2017.

As always, we invite you to tell us what you think by sending us your feedback. You can reach me directly at kevin(dot)beatty(at)altn(dot)com.

Happy New Year,

Kevin

 

 

 

Kevin Beatty
VP, Marketing & Business Development

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Get Aggressive at Fighting Spam by Re-training the Bayesian Learning Process in MDaemon

Fight spam with Bayesian Learning in MDaemon

In certain situations, it may be necessary to retrain your Bayesian Learning database. This can be necessary when spam messages are inadvertently placed in the Bayes non-spam folder, or when non-spam messages are placed in the Bayes spam folder.

To reset your Bayesian Learning and start training it again from scratch, you can perform the following steps:

1. Stop the MDaemon service.
2. Verify that the MDaemon executables (MDaemon.exe, CFEngine.exe, MDSpamD.exe, WorldClient.exe) have all exited memory using Windows task manager.
3. Rename the folder “/MDaemon/SpamAssassin/Bayes/” to”/MDaemon/SpamAssassin/Bayes.old/”
4. Re-launch MDaemon.
5. Go to Security | Spam Filter | Bayesian Classification, then click on the Learn button.

At this point, MDaemon recognizes that the Bayes folder isn’t there when the learn process is triggered, so it builds a new Bayes folder.

You will then need to feed Bayesian learning at least 200 spam and 200 non-spam messages (although the more the better) to start the Bayesian learning process again. Here is a knowledge base article on training the Bayesian learning process in MDaemon.

The Bayesian learning engine won’t process new messages until the administrator has taught it 200 spam and 200 non-spam messages. So even if an administrator were to manually press the Learn button OR have MDaemon learn automatically at midnight, the Bayesian engine  wouldn’t apply itself to new messages even though the new folder is created.

Once MDaemon recognizes that Bayesian learning has learned more than 200 spam and 200 non-spam messages, it will start applying what it has learned to new messages.

You can run a script to determine how many messages the Bayesian filter has learned from. This will come in handy for administrators who need to know how many more messages to feed the Bayesian filter. This process is explained in this knowledge base article.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

2016 Year in Review

2016 Year in ReviewWell, another year is almost over, but over the past year, we’ve managed to pack in lots of new features and enhancements to our products, and thanks to people like you sharing your ideas with us via the Alt-N Idea Engine, or on our community forums, our development staff can have a direct dialog with customers.  For 2016, we’ve added the following new features to MDaemon:

  • Two-factor authentication – Requires users to provide a verification code in addition to the username and password.
  • Spambot detection – When multiple messages claiming to come from the same sender are received from multiple IP addresses, a spambot is often the culprit. This feature helps keep those pesky Spambots from sending mail to your server.
  • XML API for complimentary applications – Allows third-party developers to integrate complimentary applications (such as CPanel, etc.) with MDaemon.
  • CardDAV support – Allows users to synchronize their contacts with their favorite mobile device or other mail client.
  • ActiveSync migration client – The ActiveSync migration client makes it easy to import data over from any other mail server that supports ActiveSync protocol version 14.1.
  • Third-party chat (XMPP) client – Users now have more options for chatting with their colleagues. In addition to the standard WorldClient Instant Messenger, users can now chat with their favorite XMPP client from their desktop or even their mobile device!
  • Automatic updates – With automatic updates, the administrator no longer has to manually check for new versions and install them. The automatic update feature will notify the postmaster when a new version is available. Updates can be automatically downloaded and installed at a designated time.
  • Centralized management of Outlook Connector settings – Outlook Connector settings can now be pushed out to users. All that’s needed is the email address and password. No more guessing at what to put in the other fields! We’ve updated our Outlook Connector Quick-Start guide to help you get started with this new functionality.

We also released SecurityGateway 4, which includes the following new features:

  • Enhanced anti-spoofing support with DMARC – DMARC allows domain owners to specify what actions to take for messages that don’t align with DKIM or SPF. This helps take out the guesswork on how to handle messages that may be spoofed.
  • Improved user interface for mobile devices – SecurityGateway’s web interface now scales to fit any screen size, so whether you’re using a mobile device or a PC, you’ll see a friendly, responsive interface that has been designed for the screen size you are using.
  • Send mail from each domain’s IP address – When you have more than one IP address on your server, each domain can be bound to a specific IP address. Mail from the domain will be sent from its assigned IP address.

We launched our blog over three years ago to provide another communication channel for our customers, to keep people updated on the latest email industry and security news, tips, product releases, and more. For 2016, we’ve compiled a list of the ten blog posts that generated the most interest. With email security featured prominently in the news over the last year, it comes as no surprise that the topics that generated the most interest revolve around email security and privacy.

Here are the top ten blog posts from 2016:

  1. SSL & TLS Best Practices
  2. New MDaemon Feature Helps Detect Spambots
  3. MDaemon 16.5, with Automatic Updates, WorldClient Categories, & More!
  4. Encrypting vs. Signing with OpenPGP – What’s the Difference?
  5. Encryption Options for Keeping your Private Email Messages Safe
  6. Teach Your Inbox to Recognize Spam
  7. Access your Outlook contacts from Anywhere by Importing them into WorldClient
  8. MDaemon 16 = 2016
  9. Why Passwords May Not Keep your Email Safe
  10. 10 Ways to Reduce Spam in your Inbox

Need a quick video lesson on a particular feature? This year, we also added all of our eLearning videos for MDaemon and SecurityGateway to our YouTube channel.

While 2016 is almost over, our development staff is already hard at work to bring you new & exciting features for 2017, so check back often for the latest updates!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

MDaemon 16.5 – with Automatic Updates, WorldClient Categories & More!

Earlier this year, we introduced several new security and convenience features for MDaemon, including contact synchronization via CardDAV, two-factor authentication in WorldClient, spambot detection, and an ActiveSync migration client for migrating from any mail platform that supports ActiveSync protocol version 14.1. If you’re running an older version of MDaemon and would like to see what you may be missing, check out our MDaemon Features by Version page for all features by release version.

For MDaemon 16.5, we continue the trend of packing in new features for both administrators and end users.

Administrators will Benefit From these New Features:

Centralized Management of Outlook Users

Outlook Connector Client Settings

Outlook Connector allows Outlook users to share their email, calendars, contacts, tasks and notes. In previous versions of MDaemon and Outlook Connector, users would configure all settings on the Outlook Connector client, including host names, SSL and port settings, and other preferences. Beginning with MDaemon 16.5 and Outlook Connector 4.0 (also released today), these settings can now be stored centrally in MDaemon and pushed out to clients. When a new Outlook Connector profile is created, only the username and password are needed. All other settings are retrieved from MDaemon with the click of a button.

Unique Public Key Management for Encryption Security Control

OpenPGP Encryption Settings

OpenPGP uses public/private key pairs to encrypt and decrypt messages. If I want to send you an encrypted message, I would need to obtain your public key, which is used to encrypt the message, and you would decrypt it with your private key. WorldClient, MDaemon’s webmail client, can now be used as a basic public key server for exchanging public encryption keys. This allows WorldClient to honor requests for your users’ public keys using a specially formatted URL. Additionally, MDaemon’s OpenPGP feature now supports collection of public keys over DNS. This helps to automate the process of exchanging encryption keys.

Automatic Product Updates

Automatic Updates
Automatic Updates

It’s easier to ensure that you’re running the latest version of MDaemon, Outlook Connector, and SecurityPlus with the new Automatic Updates feature. Updates can be automatically downloaded and installed at a designated time.

For end users, we’ve added these new features:

Easily Identify Trusted Email & Confirm Message Authenticity to Prevent Spearphishing

 

DKIM Verified Sender
DKIM Verified Sender

MDaemon’s OpenPGP features can now verify embedded signatures found within messages. This helps the recipient ensure that the message is authentic. WorldClient will display an icon or text label for verified messages. WorldClient will also display labels for messages with valid DKIM signatures, messages decrypted by OpenPGP, and messages signed with an OpenPGP key.

WorldClient Categories for Easier Inbox Management

WorldClient Message Categories
WorldClient Message Categories

When using the LookOut and WorldClient themes, WorldClient has new category selections for easy sorting and identification of email messages. Messages can be sorted by category, and multiple categories can be assigned to a message. Authorized users can also create their own custom categories in addition to using the built-in categories.

Connect with most IM Clients

XMPP Chat Server
XMPP Chat Server

MDaemon 16.5 includes two separate chat systems. In addition to WorldClient Instant Messenger, users can now chat with each other using their favorite third-party chat (XMPP) client. With the addition of this feature, users now have the flexibility to chat from any device with a compatible XMPP client, including mobile devices.

There are many XMPP clients to choose from, including Trillian (Windows), Adium (Mac OSX), and Mozilla Thunderbird (Linux, OSX, Windows). A list of XMPP clients can be found here: http://xmpp.org/software/clients.htm.

Features may vary depending on which XMPP client is used. WorldClient Instant Messenger’s features can be found here:

http://www.altn.com/Products/MDaemon-Email-Server-Windows/WorldClient-Instant-Messenger/

Other improvements include:

Additional SMTP authentication settings

SMTP Authentication from Local IPs
SMTP Authentication from Local IPs

The SMTP Authentication screen has a new option which, when enabled, will require all incoming messages from local IP addresses to use SMTP authentication. When this setting is enabled, if a message that is not authenticated arrives from a local IP address, it will be rejected. We recommend enabling this setting for added security.

Modification of “From” header as additional protection from spoofing

Sometimes users are fooled into thinking an email comes from one person when it is actually from an attacker. This happens because email clients often display only the sender’s name and not his email address. This new option defeats such an attack  by altering the From: header value. If enabled, when a message arrives for a local user, its From: header is modified. For example: From: “Spartacus” <crixus@capua.com> would become From: “crixus@capua.com — Spartacus” <crixus@capua.com>.

WorldClient can check for attachments if they are mentioned in the subject/body.

WorldClient Attachment Notification
WorldClient Attachment Notification

When an attachment is mentioned in the subject or body of a message, yet no file is attached, WorldClient can be configured to remind the sender of a possibly missing attachment when clicking the Send button.

These are just the major new features for MDaemon 16.5. For a complete list of all new features & enhancements, view the MDaemon release notes. Or if you’re ready to try MDaemon for free, click here to download your free trial!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Using DKIM, SPF & DMARC to Protect your Brand and Customers from Spear Phishing

Introduction

Scammers use a variety of tactics to get users to give out personal information. One very common tactic is known as phishing. Phishing is a scam where tech-savvy con artists use spam and malicious websites to deliver malware, or to trick people into giving them personal information such as social security numbers, bank account numbers, and credit card information. A more targeted (and often more dangerous) type of phishing is known as spear phishing.

What is Spear Phishing?

Spear phishing is a targeted attack that’s usually addressed to a specific individual. With spear phishing, the perpetrator knows something personal about you. He may know your name, email address, or the name of a friend, or he may have information about a recent online purchase you made. While most phishing emails will have a generic greeting such as “Dear Sir or Madam,” a spear phishing email may address you by name, such as “Hello John.” It may also appear to come from someone you know.

According to Allen Paller, director of research at the SANS Institute, 95% of all attacks on enterprise networks are the result of spear phishing attacks. Earlier this year, Symantec issued a warning about an ongoing spear phishing attack targeting small and midsize businesses in the United States, India, and the UK that infects users with a remote access Trojan (RAT). A RAT gives an attacker remote access to a machine & can lead to disclosure of sensitive information and financial losses. Based on campaigns run by Symantec’s Phishing Readiness technology, on average, employees are susceptible to email-based attacks 18 percent of the time.

How can You Protect Yourself & Your Business?

Protecting your company from spear phishing attacks is the responsibility of employees as well as the mail server administrator. For employees, user education is key. This post contains helpful email safety tips for end users. For the administrator, implementing DKIM, SPF and DMARC can help reduce data breaches, financial losses, and other threats to your business. These three methods are described in greater detail below.

How DKIM Works

DKIM (DomainKeys Identified Mail) is a cryptographic email verification system that can be used to prevent spoofing. It can also be used to ensure message integrity, or to ensure that the message has not been altered between the time it left the sending mail server and the time it arrived at yours. Here’s how DKIM works:

  • An encrypted public key is published to the sending server’s DNS records.
  • Each outgoing message is signed by the server using the corresponding encrypted private key.
  • For incoming messages, when the receiving server sees that a message has been signed by DKIM, it will retrieve the public key from the sending server’s DNS records and then compare that key with the message’s cryptographic signature to determine its validity.
  • If the incoming message cannot be verified then the receiving server knows it contains a spoofed address or has been tampered with or changed. A failed message can then be rejected, or it can be accepted but have its spam score adjusted.

You can refer to the following knowledge base article for DKIM setup instructions in MDaemon:

How to enable DKIM signing and configure records

You can refer to this knowledge base article for DKIM setup instructions in SecurityGateway:

http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=496

How SPF Works

Another technique to help prevent spoofing is known as SPF. SPF (Sender Policy Framework) allows domain owners to publish DNS records (SPF records) to identify those locations authorized to send messages for their domain. By performing an SPF lookup on incoming messages, you can attempt to determine whether or not the sending server is permitted to deliver mail for the purported sending domain, and consequently determine whether or not the sender’s address may have been forged or spoofed.

MDaemon’s SPF settings are located under Security | Security Settings | Sender Authentication | SPF Verification. This screenshot displays the recommended settings.

SPF Settings in MDaemon
Recommended Sender Policy Framework Settings

Recommended SPF settings for SecurityGateway are outlined in this knowledge base article:

http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=497

These are the recommended settings for verifying SPF records of other domains. To help protect against spear phishing attacks that spoof your own domain, you should set up an SPF record in DNS. You can find helpful information on SPF record syntax and deployment at www.openspf.org.

DMARC (Domain-Based Message Authentication, Reporting & Conformance)

When a message fails DKIM or SPF, it is up to the receiving mail server’s administrator as to how to handle the message. The problem with this is that if DKIM or SPF is not set up properly, it can lead to problems. DMARC (Domain-based Message Authentication, Reporting and Conformance) takes out the guesswork on how to handle messages from a domain that are not properly aligned with DKIM or SPF.

DMARC defines a scalable mechanism by which a mail sender can express, using DNS records (DMARC records), domain level policies governing how messages claiming to come from his or her domain should be handled when they do not fully align with DKIM and SPF lookup results. In other words, if you perform SPF, DKIM and DMARC record lookups on a message claiming to come from my domain (example.com), and it does not align with SPF, DKIM, or both, my DMARC record can tell you how I want you to handle messages that are unaligned with SPF & DKIM. My DMARC record can specify whether I want you to accept, quarantine, or reject unaligned messages, and I can even go a step further and specify what percentage of unaligned messages I want you to reject or quarantine based on my policy preferences. This is useful when first deploying DMARC, as it allows you to be more lenient with rejection of unaligned messages until you’re sure DKIM & SPF are configured properly.

You can view the following recorded webinar for a more in-depth overview of DMARC, including examples and syntax of DMARC records and deployment strategy.

https://youtu.be/vrMMKmxCmqs?list=PLt-aAHf-ocsYYmpXFABce39b_CgJXXubp

This knowledge base article will also be useful:

How to Enable DMARC and Configure Records

Conclusion

While we must be vigilant against spoofing and phishing attacks, we must also acknowledge that cautious, informed users and properly implemented SPF, DKIM and DMARC policies are the best defense against cybercriminals who are intent on stealing your data and damaging your brand.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Quarantine Management with WorldClient Private Email

WorldClient Private Email makes spam management easy by providing users with the email and collaboration features found in WorldClient, MDaemon’s webmail client, and the security and spam filtering features found in SecurityGateway. This tutorial video covers the following topics:

  • How to allow users to manage their own quarantines in SecurityGateway
  • Quarantine management via the Quarantine Summary Email, and how often this email is sent to users
  • When to whitelist or blacklist the sender, and when & how to release a message from quarantine
  • Quarantine management via the SecurityGateway interface
  • Feeding the Bayesian spam and non-spam database – to improve the spam filter’s accuracy

Spam doesn’t have to be an overwhelming nuisance. When these practices are followed, spam is kept under control so you can spend less time dealing with spam and more time focusing on your business.

If you are interested in our WorldClient Private Email hosted email service, click here for pricing and features, or click here to sign up!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

New MDaemon Feature Helps Detect Spambots

Ever wonder why so much spam exists today? By some estimates, more than 100 billion spam messages are sent every day. This represents around 85 percent of global daily email traffic. Some of the most common types of spam messages include financial scams, phishing attempts, ransomware, and botnet malware. In this article, we focus primarily on botnets.

Spam is big business. The barriers to entry are low and the payoffs are high. If a spammer sends out 50,000 spam messages, but only a handful of users click on a link in one of these messages, the spammer’s efforts will likely have paid off.

A single spammer may not have the resources to send out a large-scale spam attack, however, a spammer’s job is made much easier by the use of botnets – networks of hundreds or even thousands of malware-infected computers (known as spambots) that can be remotely controlled over the internet.  Similar to legitimate cloud services such as Amazon’s AWS, a botnet-for-hire provides individuals with ample cloud-based resources to carry out large-scale spam campaigns with very little effort.

According to Spamhaus, the top five countries with the most spambots are India, Vietnam, China, Iran, and Brazil. As of May 23, 2016, India had close to 2 million spambots!

The botnet-for-hire industry is a growing industry that makes it easy for anyone to send out thousands of spam messages using the botnet as the attack vector.

In addition to sending out spam, botnets can be used to launch DDoS attacks by flooding a company with thousands of connections over a short period of time – in an effort to try to shut down a company’s network or to damage its reputation.

User education is likely the most important factor in preventing a computer from becoming a spambot. The following are a few guidelines that every email user should know by now.

  • Never open an email from an unknown source.
  • Never open an attachment from an unknown source.
  • Even if the sender appears to be someone you know, always verify – because spammers often forge the sender’s address.
  • Use anti-virus software on your local computer.
  • Learn how to recognize phishing
    • Messages that contain threats to shut your account down
    • Requests for personal information such as passwords or Social Security numbers
    • Words like “Urgent” – portraying a false sense of urgency
    • Forged email addresses
    • Poor writing or bad grammar
  • Don’t give your email address to sites you don’t trust.
  • Don’t post your email address to public websites or forums.
  • Understand that reputable businesses will never ask for personal information via email.

For more of these guidelines, see our blog posts – Email Safety Tips for End Users and Ransomware and Banking Trojans are Big Business.

Spambot Detection in MDaemon

The information provided above applies primarily to end users, but what actions can be taken by the mail server administrator to detect and prevent spambot activity? While MDaemon has many spam-fighting features, MDaemon 16 includes tools to detect spambot activity and block it from further communication with your server. This new feature is called Spambot Detection. Spambot Detection tracks the IP addresses that every return-path value (sender) uses over a period of time. If the same return-path is used by multiple IP addresses (more than can be expected from users switching between their computers and mobile devices) in a given timeframe, then it’s possible that this activity is being generated by a spambot. Of course, it’s also possible that this activity is completely legitimate. However, in some cases, tests have shown that this can be an effective tool at detecting a distributed spambot network as long as the same return-path is used in the spam messages. If a spambot is detected the connection is dropped and the return-path value is optionally blacklisted for a designated period of time.  You can also optionally blacklist all known spambot IPs for a designated period of time.

As with most MDaemon security features, various settings allow you to bypass Spambot Detection for mail from trusted sources. You can exempt specific IPs, senders, and recipients from Spambot Detection using the White list feature, and exempt connections from authenticated sessions or trusted IPs. Click on the Advanced buttons to view a list of return-paths or IPs that are currently blocked. If a return-path or IP is blocked by mistake, you can easily remove it from the list.

We demonstrate how to configure Spambot Detection in this tutorial video.

Spammers are always coming up with new ways to spam users. That’s why user education and a properly configured mail server are equally important in the war against spam.

Spambot Detection is one more tool in MDaemon’s arsenal of anti-spam and security features. When these features are enabled, MDaemon can help protect your users and your business from spam, phishing attempts, and malware. For more information on protecting your MDaemon server, check out our knowledge base article on recommended MDaemon security settings.

If you’re not yet an MDaemon user, and would like to take advantage of its robust security and anti-spam features, click here to download your free trial!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

New MDaemon Tutorials Added to YouTube

If you haven’t seen our YouTube channel lately, you’re missing out on some valuable information that can be used to help you manage MDaemon and SecurityGateway. Recently, we’ve added several new MDaemon tutorial videos. Here are a few that might interest you.

MDaemon Graphical User Interface (GUI) Overview

In this video, we provide a tour of MDaemon’s graphical user interface. We show you where to find key security, administration, and account management settings, how to navigate your way through the mail queues, and how to find information in the mail routing, security and spam filter logs using the tabs across the bottom of the MDaemon interface.

MDaemon’s File Structure

One of the benefits of MDaemon that make it easy to troubleshoot and administer is its file structure. All key settings are stored in configuration files located in the MDaemon/App directory, and user email messages are stored in the Users directory. This flat-file structure makes MDaemon very easy to backup and restore using simple drag & drop.

How to Enable and Use Two-Factor Authentication in WorldClient

Two-factor authentication is a security feature found in WorldClient, MDaemon’s webmail client, which requires users to submit two forms of identifying data – a password, and a special code or token, before they are able to login. Two-factor authentication helps prevent accounts from being hijacked by someone who manages to guess the account’s password. A potential hacker would have to know the second authenticating factor in order to access the account.

Enabling Do Not Disturb to Establish Work/Life Balance for Employees

MDaemon’s Do-Not-Disturb feature allows administrators to set a time during which certain users are not allowed to check for or send new email messages. In an age where we’re all constantly connected via mobile devices, this helps foster better work-life balance for your users.

These are just a few of the tutorial videos on our YouTube channel. Visit our YouTube channel for other tutorials, product overview videos, webinars, and more. If you haven’t tried MDaemon yet, click here to download your free trial and see how easy MDaemon is to use!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

MDaemon 16.0.2 Available – with “Remember Me” for Two-Factor Authentication

MDaemon 16.0.2 has been released. This update includes a “remember me” feature for two-factor authentication in WorldClient. With this feature enabled, users will not have to re-enter a verification code for a designated period of time.

Other new features and enhancements include:

  •  Global administrators can now set the Mail Archive path in Remote Administration.
  • The Remote Administration group editor now supports Do Not Disturb scheduling. This allows administrators to schedule a period of time during which email cannot be accessed for all accounts that have been assigned to a group.
  • Administrators can now sort the Active Sessions list in Remote Administration – for an improved view of server activity.
  • Global administrators can now disable two-factor authentication for selected users in Remote Administration.

These are just the highlights for MDaemon 16.0.2. For a complete list of new features and fixes, view the MDaemon release notes. If you’d like to update to MDaemon 16.0.2, you can download MDaemon here.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Manage Employee Overtime with New Email Feature

Companies around the world are faced with the need to manage email access after hours to reduce overtime pay and promote a stronger work/life balance for their employees. MDaemon makes this goal attainable using its Do Not Disturb feature. Do Not Disturb allows administrators to designate a time during which selected users are not allowed to check their email. During the Do Not Disturb period, accounts can still receive email on the mail server, but users cannot send or check for mail using SMTP, IMAP, POP, WorldClient or ActiveSync.

In MDaemon, you can access the Do Not Disturb feature via the Group Manager screen under the Accounts menu. Follow these steps to configure Do Not Disturb.

  1. Select Accounts.
  2. Select Groups & Templates.
  3. Select Group Manager.
  4. Select New Group or click on an existing group to select it.
    Click on New Group to create a user group in MDaemonEnter a Group Name and Description for your new group.Group name and description - MDaemon user group
  5. Click on Add or remove accounts from the selected group.
    Adding Accounts to a Group in MDaemon Messaging Server
  6. Check the box for each account you wish to add to this group, and then click OK.
    Adding Accounts to a Group in MDaemon Email Server
  7. Select the group name under the Group Manager list.
    Select the Group in the Group Manager List
  8. Check Enable Do Not Disturb.
    Do Not Disturb Checkbox - MDaemon Groups & Templates
  9. Click on Define Do Not Disturb Schedule to configure when you would like this feature to take effect.
    Defining a do-not-disturb schedule for selected accounts in MDaemon
  10. Select your desired Do-Not-Disturb schedule, including dates, times, and days of the week, and then click OK.
    Do not Disturb schedule
  11. Click OK to close the Groups & Templates window.

Once these settings are enabled, users who try to access or send email during Do Not Disturb hours will be denied access.

The following video demonstrates how to configure Do Not Disturb.

Do Not Disturb gives administrators and management teams greater control over who has after-hours access to the email system. This feature was added in MDaemon 15.5. If you’re using an older version of MDaemon and would like to upgrade, then visit our Downloads page to download the latest version of MDaemon.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •