ExchangeDefender Starts Deployment of 3.0

ExchangeDefender Starts Deployment of 3.0

We will begin deploying ExchangeDefender 3.0 over the next two months. Because ExchangeDefender is a large cloud-based network all updates are all-or-none so we will be deploying features one by one. We will be announcing them here on our blog so please stay tuned.

The first significant change to come is the end to open relaying:

Starting November 1st, 2006 we will no longer blindly relay domains through ExchangeDefender for our customers. The following email address requirements will be established for the new accounts:

  • All users and valid email addresses must be provided at the time of account activation. By default ExchangeDefender will block traffic to addresses it is not aware of.
  • All users will be programmed into the Valid Recipients database, either by the customer, reseller or ExchangeDefender staff (through the LDF file)
  • All users that activate their accounts will automatically be allowed through the ExchangeDefender cloud, there is no need for double entry on the administrative side.

All current customers will have until December 1st, 2006 to provide a list of valid recipients or establish a protocol for address verification. We will of course be available to assist you with any administrative tasks that may be required to get the data exported correctly.

Reasons for Address Restrictions

ExchangeDefender has always applied address restrictions but until now it was an optional feature. Unfortunately over the past year address book attacks and mail probes have made open addressing impossible to facilitate. Many major ISP’s (Own Web Now Corp included) have stopped allowing “catch-all” addresses. Furthermore, many sites have even stopped issuing NDR’s (Non-Delivery Receipt) alltogether.

In the modern world of email threats, NDR’s can and are often used to flood the third party mailbox with SPAM. All servers are configured by default to send an NDR if there is a problem with delivery. Spammers can identify mail servers that openly issue NDR’s and can forge the From: address that the message is being sent from. When the target SMTP server rejects the message by issuing an NDR the message is sent back to the forged From: email address.

The result? Flooded mailbox. Quota Warnings. Diminished effectiveness of spam filtering. Increased overall load on the mail server. To protect our customers from all of these we’ll begin enforcing address validations through ExchangeDefender.

Any questions? Let us know – support@ownwebnow.com