We Hear You (Part 1)

We Hear You (Part 1)

We Hear You!Over the past 6 months Vlad and myself have been gathering a lot of feedback both positive and negative: positive (support’s effort is appreciated across the board, which makes me not have to inflict physical damage on anyone) and negative (development items from core engine stuff (which I can help with) and some GUI stuff (which I may be able to barter some live chickens in exchange for features, unless my hand is cut off during negotiations). This first quarter and going into the second quarter, we have undergone massive build outs and redesigns. For those of you that headed our heads up and stayed us, thank you for the bottom of our hearts. We understand that while we’re working on things the end user perceives it as “well I don’t care it’s still not working, when will it work like I want it to?” and it puts pressure on your teams and your staff. Over the next couple of few weeks I’m going to touch on some things we’ve done and others that are in the pipe line.

This week the one I’m going to focus on is probably a big one for your support staff, whitelist handling. In the past we’ve had issues caused by the increased adoption of BATV addressing and address handling in our engine. Here’s the bottom line, the  from address line can be spoofed so we’ve always toted the line that for the safety of your clients against spoofed phishing attacks we test against the envelope address. However, this became a problem as BATV grew in adoption because basically your clients would continually submit whitelists that were never ever going to work. Of course, this would give you and by association us a huge black eye, with the feeling that our software “doesn’t work”. We went back to the drawing board on this issue and made some core changes to our engine. We are no able to, without sacrificing security, evaluate and track these correctly. You should see a huge decrease in “the whitelists don’t work” complaints as long as the senders are using RFC compliant BATV address. We wrote the code based on this, so if their sender’s mail providers did not follow the guidelines there may be a handful of issues literally.

This does NOT affect SART addressing though, which is used for newsletters only and they’re formatted a bit differently. But your clients can rest assured that folks behind bounce address protection are being safely whitelisted now. Next week I’ll touch on another biggie. Thread whitelisting.

Carlos Lascano
VP Support Services, ExchangeDefender
carlos@ownwebnow.com
(877) 546-0316 x737