ExchangeDefender Blog

Most Popular Products

EMAIL SECURITY

Services that protects your mail from spam, viruses, and malware.

ARCHIVING

Secure long term message storage and ediscovery reporting.

BUSINESS CONTINUITY

Constantly archiving your sent and received mail.

Image result for how to determine spam email

The more SPAM stays the same, the more ways they find to get it through to your mailbox.

How we determine something to be SPAM vs legitimate mail is a bit of a science and it incorporates a ton of statistical analysis, data feeds, real-time blacklists, IP reputation scores, several antivirus products, several malware detection products, subscription services, etc. We pass each inbound message through almost all of these subsystems and assign it a score – as that score adds up the message becomes categorized as SPAM or SureSPAM based on the amount of UCE/malware/infected content the message has.

Every year we rebuild the ExchangeDefender engine to pull out things that no longer perform well, add new promising technologies, shift around the different plugins and so on. While ExchangeDefender filtering is updated in real-time and by tons of different vendors along with our in house technology, major improvements and technology shifts are necessary in order to prevent truly dangerous stuff from getting through. Unfortunately, this means that for about a week or two the amount of junk mail that gets through goes up as we reset all our scores, statistical models, weighs for different services and the implementation. While we wish we could just point and click, the process is far more complex than that, and requires delicate changes over a few days.

We appreciate your patience with us as we get the new engine online. The SPAM filtering levels should return to 100% shortly and we realize SPAM is annoying – which is why we’re doing this in the first place. Thank you for your business and trusting us with your email, we look forward to getting our best ever SPAM detection online shortly.

ExchangeDefender is in it’s final stage of Exchange 2016 migration which means tons of small business users are about to experience Exchange 2016 for the first time (coming from 2010, 2013 and even a few 2007 / virtualized SBS folks). While there are tons of advantages and features in 2016, nearly all of them are related to the back end/IT that will make your Exchange/Outlook experience much better. Yes, I can hear you yawning. 🙂

SIMPLICITY

The most exciting thing about ExchangeDefender on Exchange 2016 is the extent to which we have templated, wizarded, and simplified the management of an Exchange 2016 organization – we’ve written tons of control panels and wizards that will make ordinary users as powerful as IT people with a ton of PowerShell experience. As a matter of fact, our Exchange 2016 UI will be on sale shortly as a separate product. All the cool stuff you read about Exchange 2016 is only accessible via PowerShell and coding, something that even an overwhelming majority of trained IT staff aren’t capable of doing effortlessly.

We looked at the Microsoft Exchange platform, surveyed our users, looked at all the tickets and requests we’ve had since the 2016 launch and we built a simple, easy to use, non-IT guy friendly way of managing Exchange 2016 and all it’s new features. This means that for an average organization, ExchangeDefender Exchange 2016 will be the most powerful platform they can get.

FLEXIBILITY

Microsoft has really changed the game in Exchange 2016 with massive improvements around the web – from MAPI over HTTP to Outlook on the Web. Outlook on the web will turn your web browser into something as similar and almost as powerful as your desktop Outlook application. In fact, all ExchangeDefender employees currently use Outlook on the Web as their primary email interface because the search component is flawless and we already spend the entire day in the browser.

MAPI over HTTP component is truly solid and will hopefully eliminate a ton of problems that 2003/07/10/13 users had with configuring their Outlook initially. With the new setup and autodiscover, apps will be able to quickly locate the right server and keep connecting even when there are backend maintenance or outage scenarios. So far so good though, 2016 has been rock solid leading us to..

RELIABILITY

As everyone that’s ever had to deal with Outlook and Exchange will tell you, it’s reliable but when you have an issue it’s usually big – well, not anymore. With better implementation of multiple roles, Managed Store, expanding archives and SharePoint Foundation Search the new version of Exchange can handle larger mailboxes, provide faster searches and assure smooth operation in event of failure.

We have been leveraging Expanding Archives to provide bigger (archived mail) mailboxes while making the recent messages on entirely different storage. The results are phenomenal and you will notice the difference immediately.

Everyone with an AutoDiscover record can be moved on demand, if you don’t have an auto discover record you will need to create one for your domain and point it to autodiscover.xd.email – beyond that Outlook will handle everything just requiring the user to run an online “repair” that takes just a few moments and doesn’t require downloading all of the email, creating a new profile, re-configuring everything and so on. If you don’t have an auto-discover yet you will need it – there is no more “manual” configuration.

We truly look forward to getting all of our clients on 2016 as fast as possible and have additional staff, documents, and resources to make this a successful move for everyone. Once moved, the power of our UI and management infrastructure will give you more flexibility over the Exchange management and implementation while also allowing you to run things without PowerShell, hacking or putting things together. That in fact is our biggest competitive advantage: You don’t need to be in IT to manage your email.

 

A new webinar for October 17th at noon has been scheduled! We’ve been working around the clock to provide our partners, and their clients new features that make all of our work process easier, and more effective. Cool things that are happening as of today, October 1st :

Exchange 2016, Finally

The new exchange 2016 comes with a lot of new features. We’re particularly excited about the ability to create shared mailboxes, and manage password and lockout policies.

Corporate Encryption

You can now reset your recipients accounts (PIN+Password) in Corporate Encryption.

SPAM Reporting

New ExchangeDefender SPAM Email Reports are launching on October 1st 2018 and we’ve made several significant changes to the look and feel based on user feedback.

Friendly Names

You’ve only been waiting 20 years for this feature and we’re happy to finally deliver it: ExchangeDefender will now show friendly display names and email addresses, giving you a better idea of who the email sender is.

Watch ExchangeDefender’s CEO, Vlad Mazek discuss newsworthy topics to be discussed during the upcoming webinar on the 17th at noon. Stay tuned as we share key advancements of our products and within the company. Reserve for the webinar now!

Friendly Names, Finally.

You’ve only been waiting 20 years for this feature and we’re happy to finally deliver it: ExchangeDefender will now show friendly display names and email addresses, giving you a better idea of who the email sender is.

This is a slightly technical pragraph that we encourage you to skip. Every email you receive has two From: addresses. One is a “friendly from” or “header from” address that prints the name of the sender as the user configured it inside their mail software such as Outlook or Gmail. The other is an “envelope from” or “mail from / return path from” address that is used for mailer/postmaster reasons to bounce and process messages. As an email security solution, ExchangeDefender only looks at and reports envelope addressing as the friendly from can easily be spoofed and faked and generally has no impact on the underlying SPAM filtering technology, message routing, SPF/DKIM, and a myriad of other technical reasons. Two decades ago, when ExchangeDefender was first and foremost meant to be a front line defense on the edge/perimeter before allowing traffic to get to the firewall, envelope from was what I went with.

What made sense two decades ago, which is centuries in IT terms, doesn’t make sense in 2018. Today ExchangeDefender is no longer primarily an edge security service, it is prime real estate in which end users and business employees spend a considerable amount of their time managing their mail, sending documents, sending encrypted attachments, assuring compliance, collaborating, and as such the design and the content needs to show something relevant to the user (not the IT administrator power user that is likely managing things through our powerful Domain Administrator section).

Oh, and by the way, it’s also going to show up like this in our updated SPAM Reports starting in October for our ExchangeDefender Pro subscribers:

P.S. Please tune into our new feature webinar on Wednesday, October 17th, 2018 at noon EST. Lot’s of new features are coming in ExchangeDefender as we transform the product to better serve the compliance and security needs of our clients. Register Now!

 

 

ExchangeDefender Encryption Enrollment Account Reset

Encryption is hot – with daily news of hackers breaking in or compromising one system after another, taking that extra step to make sure your information is safe and secure has never been on the minds of business owners more. We may sound like a broken record when it comes to encryption but it is one of our more popular products and today we’re happy to announce another quick feature that is coming.

October 1st: You can now reset your recipients accounts (PIN+Password) in Corporate Encryption.

ExchangeDefender Corporate Encryption has an alternate [ENCRYPT] flag that can allow the users to encrypt messages on demand and require the recipient to enroll in the ExchangeDefender Corporate Encryption in order to access the message. Enrollment process is quick and simple and requires the recipient to provide their name and phone number along with a selection of a password and a 4 digit PIN. This additional security step is put in place to eliminate man in the middle attacks where a hacker may have compromised the firewall, disgruntled employee is trying to spy on inbound mail, or a variety of other threatening issues. It is the ultimate layer of protection because PIN is only known to the user.

If you support ExchangeDefender Corporate Encryption, you’re going to like this feature a lot because you’ve likely had to deal with the inevitable case of a recipient forgetting both their password and their PIN. Since we have no way to verify the users identity, we’ve always processed reset requests manually. Now, this process is automated.

Just go to admin.exchangedefender.com and login as the domain administrator.  If you subscribe to Corporate Encryption you will see it under the Configuration menu. Simply type in the recipients email address and their account at ExchangeDefender will be reset allowing them to enroll again.

As a security precaution, they will not be able to see emails sent to them prior to the enrollment period – only new messages after they have created their account. On the backend, there are additional checks in order to make sure that this is actually a user that receives email from your domain, etc, etc so we don’t open the door to a malicious ExchangeDefender client attempting to reset accounts of unknown contacts. Obviously there is far more going on in the background that we cannot disclose in a blog post but if you’re interested in the technology, we have patents pending on several of these and would be happy to discuss privately.

There you have it, October 1st. Another cool feature that will save a lot of time for our users while keeping everyone just a little bit safer. We’re adding more features all over the place so please stay tuned to our blog and our Facebook page.

 

Email encryption is on the rise, ExchangeDefender offers two types of encryption.

Corporate Encryption

ExchangeDefender Encryption (Corporate Encryption) has been one of our hottest products for years, the demand for it is fueled by daily news of exploits, hacking, data theft and so on. Just last night, one of the largest retailers in the world was exploited and for over a month hackers stole credit cards and client information. This sort of daily reporting is creating an unprecedented demand for encryption products, with Let’s Encrypt becoming the largest SSL certificate issuer on the planet.

One thing remains, if the data you are sending or receiving is sensitive to you it’s your responsibility and best interest to assure it is protected.

When it comes to email encryption things get a bit more confusing, complicated, fragmented and unclear. One thing remains, if the data you are sending or receiving is sensitive to you it’s your responsibility and best interest to assure it is protected. Whether you’re the sender or the recipient. Unfortunately, email alone isn’t secure enough by design and <big deal>it is the most exploited and hacked medium available.</bigdeal> . Why hack a bank when I can hack your mailbox and get all your accounts, credentials, reset mechanisms, notes, private information and more?

This is where ExchangeDefender, and ExchangeDefender Encryption, become such a big deal and such a valuable <i>service</i> for your business. You can exchange emails back and forth securely, without installing any software, without requiring the recipient to install any software. Your still use your same email program, desktop, mobile phone, tablet – but your information goes from point to point in an encrypted and protected process. Not just that but you get things you typically can’t get from IT – knowing when the message was was received, when it was read, how many times it’s been read, and you get a reply in the same secure way.

Request your complimentary branded marketing collateral. Looking for something else? Give us your feedback.

It’s clear to see how easy and essential selling ExchangeDefender Encryption is: but you can’t show up empty handed. We have marketing collateral available for our partners – Click on the PDF to download. 

SPAM Email Reports

ExchangeDefender SPAM Email Reports remain one of our most popular features and after nearly 6 years since the last major revision we’re looking to improve both the value and the functionality. For many of our end users, ExchangeDefender is the sole provider of cyber security training and information – so the responsibility of better educating our clients on the threats they are likely to face via email and web is crucial.
Then there is the look and feel of it. White collar workforce has largely gone away from dual monitor configurations to smaller portable devices on which users don’t spend the whole day in Outlook – so our email reports that were designed for the Microsoft desktop era needed a little face lift.

New ExchangeDefender SPAM Email Reports are launching on October 1st 2018 and we’ve made several significant changes to the look and feel based on user feedback.

– New reports feature “friendly” From addresses, instead of the actual From: line we’ve always used.
– Contrast has been improved as well as spacing, so finding information in the email is much simpler.
– Font size, padding, colors, etc has been modernized as well, allowing the report to look amazing on both small phone screens and large wide-screen computer displays.

On the backend, our reports and email release requests are starting to embed our support at the point of release, making sure our end users get exactly what they are expecting right away. If the message isn’t displaying correctly, or if it cannot be located, or if the message is continuously ending up in the SPAM quarantine even though the user believes they whitelisted it (99.999999999% they whitelist the disposable from tracking email which changes every time a message is sent, instead of whitelisting the domain) – our support will be there to assist them immediately without picking up a phone, without opening up a support ticket, without escalating it to the office manager or creating additional work. On demand service #ftw.

Our mission to help protect our clients from dangerous and malicious content also has to account for threats before they become problems – which is why we’re investing in training and info collateral aimed at the users so they are aware of new ways hackers are trying to exploit them. This info will be featured prominently in the service and we will cover it in detail as we ramp up production but for the time being we understand our end users have limited time and limited interest in what is going on in the world of cyber crime – so we will limit our content to 140 characters and feature relevant stuff only, nothing commercial.

If you have any suggestions or ideas for our Email SPAM Reports, please do not hesitate to let us know.

 

ExchangeDefender Corporate Encryption
ExchangeDefender Corporate Encryption

ExchangeDefender Corporate Encryption now allows you to send encrypted attachments and share files securely from any device, even many of you that aren’t on Microsoft Outlook/Exchange. It was one of the more popular parts of the webinar we held yesterday (hope you had a chance to attend it, you can watch it anytime in our secure portal at https://support.ownwebnow.com)

ExchangeDefender Corporate Encryption was designed to eliminate the pain point of traditional key-based email encryption: too much software, too much management, exchange of public keys, software deployment, and more. It also eliminates the complaints about cloud based solutions that are often clunky, unfriendly, not to mention expensive. ExchangeDefender Corporate Encryption is none of those: it is friendly, affordable, requires no additional software or hardware.

And as of this week, it allows the sender and the recipient to exchange attachments so that the content is encrypted in both directions. Furthermore, because it is cloud based, you can resume work when you get back to your desk. The upgrades to the UI allow you to quickly see new messages, respond to them, or forward them elsewhere. It is truly turning into a highly secure, policy-based, email solution for businesses that require compliance and content security.

We’ve also made the UI more friendly by putting actions on top of the page so that it resembles popular webmail products end users have gotten used to for over a decade. Attachments are a lot more prominent and go both ways: not only can you send them, but when the recipient logs into our portal to reply they can attach anything they want to in response as well – assuring that content is protected and encrypted at all times.

 

ExchangeDefender mail flow and email analysis troubleshooting is at times a long and difficult process that has been automated through our admin portal at  https://admin.exchangedefender.com. We realize that it’s not an option for some of our end users and new MSPs so we often get tickets in our support portal asking us why a certain message got delayed, rejected, classified as SPAM or allowed to get through if it had SPAM content, etc.

In order to troubleshoot an issue with a specific message we always ask for SMTP headers. The following blog post will help you find them in Outlook Web App, Outlook 2013 and Outlook 2016.

Outlook Web App

From the message listing, right click on the message and select “View Message Details”:

 

 

 

 

 

 

 

 

You will see Message details screen. Copy and paste it in the ticket and we can help you with the rest.

 

 

 

 

 

 

 

 

 

Outlook 2013 / Outlook 2016

From the message listing double click on the message so it pops up in it’s own Outlook window.

 

 

 

 

 

 

 

 

 

 

 

Then click on File and you will be shown the message file options:

 

 

 

 

 

 

 

 

Click on Properties and you will see the SMTP headers. Copy and paste it in the ticket and we can help you with the rest.

 

 

 

 

 

 

 

 

Important: Please copy and paste the contents of the screen into our support ticket instead of taking a screenshot. Sometimes the SMTP headers contain characters that are very similar (qf9mfIlI1IlI) and it can take a lot longer to locate the message rather than having a specific text search.

What happens next is that our team is able to locate the specific message in our database and then with that data do further analysis using the node that processed the message and look at all the logs generated by hundreds of different services that are analyzing every message for dangerous content.

Partner to Retail Transfers

After nearly 21 years in business, we have seen just about everything, from partners dying to companies disappearing overnight. More often than not, they leave businesses they served stranded and ExchangeDefender has to pick up the pieces. As each case is different, we’ve always handled every issue delicately with great care from a dedicated employee at ExchangeDefender to handle the issue.

While that sounds nice on the surface, it’s actually a horrific mess with a point person playing coordinator, negotiator, project manager, liason, unofficial legal advisor and more often than not wasting more time than neccessary.

As a result, there is now a 3 month initiative at ExchangeDefender to streamline and automate most of our processes that involve external parties. The honor of the first such automated process is the “Transfer of Services”:

Transfer of Service

ExchangeDefender is exclusively sold through our IT Solution Partners. However, when one partner disappears (death, bankruptcy, laziness, poor customer service) we do not have the means to refer them to a new partner. Often, even if we can find someone local, partner may not have an incentive or business case to sell them ExchangeDefender if the client will not sign up for other support services that are required by our partners to deliver XD. Sometimes, clients get bought/sold, hire their own IT staff, or move to a new provider and want to keep ExchangeDefender. All of these scenarios create a massive mess for ExchangeDefender, for the client, and ultimately for the partner.

The site is designed to create a process-oriented survey that ties in all the parties involved in service delivery – the client requesting the transfer, the existing partner, and if applicable the new IT Solution Provider. This way we have the contact information about everyone, we have set milestones in the process, we have everyone moving along the project and we have deadlines so nobody is left stuck or forgotten. The same ExchangeDefender SLA for support applies to the transfer process but it makes ExchangeDefender handle it.

That is the key part and perhaps the most valuable one for our existing partners that may be worried about account transfers. From our experience, when a client decides they want to leave the service (be it ours, or our partners) there is little that will stand in their way of either moving to another ExchangeDefender partner or another service. This can be painful, awkward, and at times emotional as a loss of business can be stressful. This is where ExchangeDefender can help as well – instead of having to deal with asset control, configuration, transferring credentials and doing support and the work of the new IT Service Provider, our partner can just sign a waiver and from that point on anything regarding the old client and ExchangeDefender will be handled by our team. This way the current partner that is losing the service isn’t stuck with an uncomfortable process of dealing with a client that fired them or training their competitor how to manage the service – it’s simply all on us.

We had to do something. All our future transfers will happen through the “Partner To Retail” web site at https://exchangedefender.com/transfer

Our mantra remains the same, we are still very much a partner-channel based organization. These process automation projects are meant to give our partners and clients a more predictable, measurable, and accountable system backed by an SLA rather than a single point person. If there are processes that you’ve found frustrating, unpredictable, difficult, or frustrating please let us know by contacting your account manager and we’ll put some priority on those. Otherwise, we look forward to serving you better.

GDPR - GET STARTED

Our readiness kit contains valuable resources designed specifically to help businesses with GDPR requirements.

DOWNLOAD OUR GDPR READINESS KIT

IoT Security Solution

Introducing our newest security solution for IoT devices. Protect and secure your IoT environment with robust built in Security.

READ MORE

Are you an MSP?

See why you should consider our partner program. Become a partner at no cost, with no annual commitment, cancel anytime.

MORE INFORMATION