Dear ExchangeDefender Clients, 

As you’ve come to expect from us over more than two decades, we’re open and ready to serve you 24/7. If there is anything we can do for you, please let us know at or just call us at 877-546-0316.

Our Orlando Headquarters has been closed to public since Thursday, March 19th. There is a county-wide curfew in effect starting tonight so we will not be accommodating visitors until further notice. Our data centers will also have restrictions on remote visits.

If you need any troubleshooting or maintenance related to your equipment, we will do our best to assist you, but physical access to assets will not be allowed until further notice.

While we regret that this inconveniences everyone involved, we want to assure you that we’ve got your back during this uncertain time. As Floridians we are accustomed to working remotely and we look forward to being as helpful as we possibly can be.

Please be safe and stay healthy, to keep current on our updates, please follow us on:


In other news, we have an upcoming webinar “ExchangeDefender Solutions Redefined” approaching on Tuesday, March 31st at 12:00 PM. Please join us to learn more about the new changes and expansions in our service portfolio. Register, click here.

ExchangeDefender to update White-listing Protocols

We’re making massive changes to ExchangeDefender whitelisting policies that will make it easier (and safer) to allow trusted senders to bypass our SPAM filtering processes.

For 90% of you, this will just make whitelisting smoother and you don’t need to worry about the details.

For our system administrators and users who have grown infuriated with BATS (disposable email addresses) whitelisting, you’ll be thrilled to hear that we’ve launched a new white-listing service a few weeks ago that has been performing well enough in beta tests and will go into full production this week. The main issue we solved with the new technology is the management of bulk senders, but performance improvements alone and new features will be worth a look and full demonstration will be made during our next webinar.

The biggest problem with whitelisting, and an opening of an attack vector, is the prevalent use of BATS addresses. BAT, basic attention token, has become a standard tracking email address technology used by mass mail (bulk) senders. For example, the email address that the message was sent from appears to be: Vlad Mazek

However, that is often not the actual address – it’s just the pretty, friendly, display address that Outlook shows you. If you open the message, the message is usually from something like

New ExchangeDefender whitelisting service will step in and ask the sender to instead whitelist the domain itself, in this case or even wider. This setting will be on by default.

We will also be introducing gateway whitelisting for our enterprise and Pro clients, which will allow you to whitelist common bulk mail organizations entirely. While we do not recommend it, we understand that for some organizations it’s easier to just whitelist all mail sent by Sendgrid, AmazonSES, Constant Contact, etc than to constantly evaluate which ones to permit on a case by case basis. This setting will be off by default.

Another often requested feature, that is tied to the launch of the new Whitelisting code, is the ability to provide one-click access to report and manage white-list entries. Every user that enables this feature is doing so to better control their blacklists, and this setting will be off by default. When turned on, all received messages will have a footer in the message allowing the user to launch a complaint when something that looks like SPAM has been allowed through. The footer will only be visible on inbound messages and all tracking code will be deleted in replies, forwards, or messages sent from ExchangeDefender to the Internet.

We are rolling in a few more features that will be announced during our next webinar in March. If there is something you’d really love to see, please let us know, all these features are based on user requests so keep them coming!

Email is the most common security threat for all organizations, with 88% of companies suffering a data breach due to lack of proper email security protocols.

Email-based attacks affect the entire organization, not just the single user who clicked on the malicious link, or downloaded the virus-infected attachment. It takes just one harmful email to get past your defenses to cause critical damage throughout your organization. 

What does Advanced Email Security mean for us?

ExchangeDefender Advanced Email Security provides the most secure email suite that protects against SPAM, viruses, malware, and phishing attacks. Compatible with all major email service providers – including Office 365, on-premise Exchange, and G-Suite for Business.

Our solution: ExchangeDefender Advanced Threat Protection

The Advanced Threat Protection helps defend users against threats hidden in emails, attachments, and links. It goes beyond the average business email protection; we even dare to say its stronger than Microsoft’s Advanced Threat Protection. See how we compare with their ATP, hint: we offer more security features than ever.

Our Top ATP Features:

Malicious Attachment Blocking

Protects against unknown malware and viruses, and provides zero-day protection to safeguard your messaging system.

Safe Links

Proactively protects your users from malicious URLs in an email message.

Anti-Phishing Policies

Checks incoming messages for indicators that a message might be a phishing attempt.

Real-time Reporting:

Real-time reporting that enable your security and compliance administrators to focus on high-priority issues, such as security attacks or increased suspicious activity.

Whitelist / Blacklist Policies

Email access control mechanism that allows email senders through, except for senders who have been denied access.

DMARC Domain Fraud Prevention

Protects your brand and the people who trust it from suspicious and infringing domains.

Click here to see full features

The powerful email security suite offers a multi-level protection against email-borne attacks, and also includes advanced threat protection features like Malicious Attachment Blocking, Anti-Phishing Policies, and Domain Fraud Prevention. 

Learn more: Advanced Threat Protection

What is Phishing?

In recent years, spear phishing attacks have been on the rise, and have costed American businesses millions of dollars per year in time and resources.

Phishing is a fraudulent attempt via email to obtain sensitive information like username, passwords and credit card details. This type of attack is tricky because the phishing email appears to be from a trustworthy entity like Netflix, or Apple for example.

Furthermore, the phishing email typically has a call to action, and directs the user to a website via a link within the email. This website then asks the user to update personal information – and boom, your information now is in the hands of hackers.  

According to a recent study by Verizon (2019), over 80% of security compromises start with a spear phishing email. ExchangeDefender can help you eliminate spear phishing threats or just provide notifications to your users when they get tricked into clicking on a link leading somewhere dangerous.

The solution: ExchangeDefender Spear Phishing Protection

ExchangeDefender provides the most sophisticated and most comprehensive real-time protection from email phishing threats through ExchangeDefender Phishing Firewall, External Sender flagging, real-time databases of safe and dangerous sites, and flexible phishing content handling policies.

The Basics:

1. ExchangeDefender’s phishing protection works on every device that is wifi-enabled with the ability to receive email.

2. There is no download or installation required for the security feature.

3. Our email spear phishing protection enables you to whitelist and blacklist email addresses and domains.

Spear Phishing Protection Highlights:

Phishing Firewall

ExchangeDefender rewrites the URL of links in HTML emails and redirects you through our cloud filtering service that can alert or block threats you may inadvertently click on. (Learn More)

Flag External Emails

ExchangeDefender modifies the subject of messages received from outside of your organization, so nobody can ever mistake a message from external source or a coworker. ([EXTERNAL])

Blacklist / Whitelist

ExchangeDefender Phishing Firewall allows organizations, domains, groups, and users to maintain a list of safe and dangerous web sites, to which traffic should be allowed to pass or be blocked.

To learn more about ExchangeDefender’s Email Phishing protection and how it works, click here.

You can also explore our advanced email security suite that includes phishing protection, and so much more!

ExchangeDefender Live Archive provides organizations with email outage protection.

ExchangeDefender’s Live Archive solution offers uninterrupted access to live and archive email via the cloud. It enables organizations to access their email even when service disruptions occur, without customers knowing that there is an internal outage in progress.

The basics of Live Archive:

It’s Always On, and Running
Always have access to your email even during service interruptions.

It is Easy to Setup
Get up and running in minutes, there is no training required.

No Downloads Required
No software installations, no manual switches, and does not require management or maintenance.

It’s mobile friendly
Enjoy 24/7 access to your emails no matter where you go.

Live Archive is an enterprise-grade email continuity service that lets you resume work after a service interruption, or other technical malfunction.

Powered by our custom solutions in multiple data centers, LiveArchive delivers a vigorous and resourceful solution that is secure, and reliable! The best part of all is that – LiveArchive is always-on, constantly archiving your sent and received mail for up to one year. No maintenance or management to worry about in case of an outage. LiveArchive is continuously uploading your mail whether your system is up or not.

Live Archive Top Features:

Secure Servers

We offer email continuity using our secure standby servers to archive emails instantly.

Real Time Archiving

Live Archive is always on records emails in instantly powered by our mail systems with data center redundancy.

One Year Storage

Receive up to 1 year of inbound and outbound mail accessible via our LiveArchive website. If you’re looking for long-term storage for email compliance, see compliance archiving.

Active Sync

It allows for you to sync your contacts, calendars, appointments and everything else in Outlook. And gives you the option to search and manage those items.

So, How Does Live Archive Work?

It’s as simple as typing in, or and logging on to your account using your credentials. You are able to send, receive, forward and search, any of the mail that you need which we have rescued for you. Our inbound and outbound servers are simply an in-between step to your email being sent; as it is going to and from your mailbox, your correspondence is being saved in our servers for you later.

The ExchangeDefender 2020 webinar was a success with partners tuning in to hear about new services arriving this year, click here to watch video.

ExchangeDefender’s CEO, Vlad Mazek hosted the recent talk in which he revealed to partners, the future of ExchangeDefender in 2020 when it came to its technologies and its client support services.

According to the webinar, there are five major areas of focus in which the company would like to strive for better this year, to include:

  1. ExchangeDefender would like to be the best when it comes to overall email security

    a. Clients are already aware of the true value of ExchangeDefender being at the top of its class within the IT industry for advanced email security.
    b. Our company will be investing more resources into developing even stronger security solutions with advanced security protocols to defend against tomorrow’s threats.
    c. We will be investing time into educating users on how to protect their data.

  2. Short circuit the problem escalation and resolution process

    a. ExchangeDefender is looking to improve the troubleshooting capabilities within the support portal to encourage self-service.
    b. Our company will also improve the resolution time by enabling users the ability to fix common email errors.
    c. On the backend, the developers are designing NEW ways to increase proactive monitoring, and reporting to identify issues before they become a problem.

  3. Re-structuring ExchangeDefender service offerings so that they make business sense.

    a. 2020 will usher in a new way to deliver our service offerings with the introduction of XD Service Plans.
    b. XD service plans were designed from our current client base, and the services that they are currently subscribed to with ExchangeDefender.
    c. These plans range from Email Security, Email Archiving, to a full Email Resilience suite that includes a curated selection of our top solutions.

  4. Be more available and responsive to quick questions and real-time millennial-talk

    a. ExchangeDefender realizes that although we have some of the fastest response times in the industry, there is always room for improvement.
    b. Summer 2020 is the expected release of the live support chat platform that is accessible inside of the portal where users experience problems
    c. We will also see a smart integration of XD support with partner notifications and escalations.

  5. Offer enhanced services and support for pain point items/services

    a. Generally, our company would like to become stronger in identifying pain points for our users both in our products, and with our support.
    b. To relieve these pain points, XD is looking to invest time and resources into creating a proper Knowledgebase / Documentation area that is segmented by the time of user – SP, Admins, and End users.

On Wednesday, November 13th, I got the pleasure of introducing our partners and clients to several new services from ExchangeDefender:

– New ExchangeDefender UI for users
– New Wrkoo Calendar and Appointment Booking feature
– New Postmaster support service for Exchange/ExchangeDefender Pro

Our development team has been working like crazy to bring all these features to our clients and we’ve had a ton of beta testers enjoying both solutions for weeks with no major problems (but lot’s of feature requests that we look forward to adding to the product).

ExchangeDefender UI / UX Upgrade

Our current strategy is to make sure the ExchangeDefender service enters 2020 with the brand new UI across all login levels and services. All these new services are coming with improved security, more functionality, and are significantly faster.

Wrkoo Calendar & Appointment Booking

Our strategy of rolling some Wrkoo features to the ExchangeDefender client base continues with our calendar module. In addition to the Password Vault, which is also available free of charge to our ExchangeDefender Pro clients, Calendar and Appointment Booking modules will be available for free as they are key to our strategy of offering a full groupware solution by January 2020.

The calendaring option adds everything you’d expect from a modern calendar and appointment sharing application, but built for groups and businesses. A public appointment setting site is integrated, allowing web site visitors to request an appointment after seeing the available schedule – with Wrkoo handling all the collisions, registering users, setting up meetings and free/busy status.

In terms of scope, this is the largest non-ExchangeDefender to date and a requirement for our new groupware service. In terms of feature set and functionality, it significantly exceeds what is currently available.

Postmaster Support

ExchangeDefender has spent 2019 improving support and troubleshooting automation which has resulted in savings of thousands of hours and support requests. We’re stepping it up even further with a concierge service to help with message tracking, NDRs, and DNS-related email delivery problems.

The new site will help users automatically detect common problems with their setup or configuration. After collecting basic information, it will then be assigned to a case manager that can effectively work with sender, recipient, and other interested parties to resolve the problem.

In conclusion

Take a moment to watch the webinar. There is so much context and background to our strategy.

As this is our last webinar for 2019, I wanted to personally thank you for all your business and your trust. We have worked like crazy this year to get these features to you before 2020 and in our opinion we are light years ahead of where we were at this time last year. I’m sure you can tell from the excitement in my voice that we believe these new features will be significant game changers for our partners and clients and we’ll continue working on developing solutions to the continuing challenges in security and in productivity.

Vlad Mazek

Everyone on record by December 31st, 2019 will be grandfathered into the service.

You’ve got 45 more days to sign up for ExchangeDefender Essentials and Exchange Hosting Essentials in their current form with all the current benefits and features.

In 2020, we will start offering a new Essentials service that is more competitive with the entry level offerings from Microsoft, Google, etc.

New accounts will not be compatible with Office 365, Gmail, or other cloud based email services, a territory that ExchangeDefender Pro is far better suited for.

The service will be slightly more affordable but will no longer have options to add on Encryption, Web File Sharing, LiveArchive, Compliance Archive, corporate & MSP branding, and other enterprise-ish features. If these features are important to you and you have open leads, please make sure the orders are placed by Christmas.

Between the lines:

ExchangeDefender Essentials line has had a great run but over the past two years we’ve noticed a trend – clients are either going for the cheapest option, or they are signing up for all the bells and whistles that come with the Exchange and ExchangeDefender Pro line of services. The original intent behind Essentials was to create a “make it your own” version where companies that didn’t need Encryption or LiveArchive could save a few bucks and get an enterprise product that scaled with the organization as it’s demands grew.

We’re hoping that announcing the phasing out of the current licensing will give existing leads an incentive to get signed up and grandfather in the features at a discount.

ExchangeDefender has been seeing an elevated amount of malware originating from hacked Exim mail servers. While we tend to score those messages higher by default to keep our clients protected, one of our clients discovered a scenario in which a user could get a dangerous payload through our scanners (requires multiple manual steps and a sophisticated recipient with imaging software willing to go through multiple hoops). Which this is exceptionally unlikely, we wanted to address a few of the topics anyhow.

1. CIOs, MSPs, and Domain Administrators can manage attachment policies

If you go to and login as the Domain Administrator, you can manage attachment policies under Configuration > Attachments. You can find more about ExchangeDefender configuration at

2. We do not deep-scan file system images (.iso/.img)

As a policy we do not deep scan .iso or .img file system images. The files themselves are scanned for both malware, viruses, and other parameters (for example, if someone renames a .exe to .img, or embeds malware in one we will still filter it out) but we will not mount file system images and go through each file inside. This is not a popular attack vector (requires multiple actions by the user and most will require Administrative access and specialized software) but it is technically possible.

3. You should implicitly distrust anyone on hacked Exim servers

ExchangeDefender cannot globally block Exim servers (because there is always going to be that one “business case scenario!!! we cannot block our $2 cPanel VPS!”) but if you can possibly block them – by all means do. While this is generally not necessary (ExchangeDefender maintains a proprietary list of pwn3d Exim servers and routinely moves them to SPAM or SureSPAM), it’s a good idea not to accept any mail from these servers at all.

4. You should implicitly junk SPF failures

Same as #3, it’s a really good idea if you have the luxury of not dealing with people that shouldn’t be running an email server. ExchangeDefender tracks SPF failures and notes them in the headers that can be used to aggressively filter out messages sent out from invalid ranges. Just look for a “Received-SPF: softfail” in the message headers.

Received-SPF: softfail ( domain of transitioning does not designate as permitted sender)

What this means is that the organization has designated an IP range that legitimately relays messages, and this message came from an IP address outside of that range. 99.99999% of the time it’s a spammer. 0.00001% of the time it’s just a poorly configured server. It’s your choice to assess the risk and implement this if possible and we recommend it.

Finally, if you are actively monitoring security and communicating with your clients, we do manage a NOC site that logs major issues at If you’re one of our MSP or enterprise clients, you also have a branded version of this software free of charge at that you can attach your domain name to and offer these alerts to your clients without copying and pasting around.We hope this helps and we appreciate your trust in keeping you safe online.

For more information, please see our ExchangeDefender Guide for Domain.

Last week we launched our new UI framework that will soon drive the primary user experience for all ExchangeDefender applications. The admin portal as a series of web pages that post to one another and remain in constant state of refresh is a thing of the past.

The new user interface is meant to deliver the full power of ExchangeDefender through a browser no matter what device you’re on. To say the new UI has been a hit would be a massive understatement. What we’ve heard the most is: “I love it, but…” and this post is here to give you a little tease about what is coming up next.

Saved, customized views

There are power users that want every bit of data and then there are basic users that are just trying to find a message – and we’ve gotten feedback from both. Good news, everyone will be happy with the addition of customized views:

The new SPAM quarantine interface will soon give you the ability to display only the columns you want, show you messages you’ve previously released, as well as showing you only the new messages. Everyone has a preference, and once you set it ExchangeDefender will remember it. Next time you come to the quarantine view, your settings will be automatically saved.

Send emails without having email open

We’ve covered the details of the product road map in our previous webinar but to put it succinctly, not everyone in the organization needs a full 50GB mailbox, and most people rarely use more than 10% of their Outlook – definitely not something worth $180/year. When we designed the new UI we did so with full confidence that one day soon ExchangeDefender will entirely replace fat client apps, and here is a little preview of that: you can now send messages directly from ExchangeDefender:

This “Send Mail” and “Send Encrypted Email” (for ExchangeDefender Encryption subscribers) shortcut will be available across the entire service because virtually every interaction ends up in a creation of something – an email response, a task (Hello Wrkoo!), a ticket, maybe even a calendar appointment – ExchangeDefender will be streamlining all of that and don’t worry, a copy of the message will be delivered to your mail server for compliance reasons.

Respond to email in real-time

One of the advantages you get with ExchangeDefender is the embedded phishing protection and security – things that would be designed to attack your Outlook or Gmail for example – will not be active in ExchangeDefender and will keep you safer by default. So if you got a sketchy message and you aren’t sure if it’s legitimate – or you no longer want the message sitting in your mailbox — you can reply directly from the ExchangeDefender message view.

You can also forward and print the message as well, eliminating the need to release or trust a sender that may not be reputable.

Goodbye tabs & sites

We want you to do what you have to do, but faster and without a ton of open tabs. The new Dashboard look is still evolving but here is a sneak peek:

The idea is to present everything you may want to see as far as your activity and the service metrics, but not forgetting what you actually come to ExchangeDefender to do – to communicate and collaborate securely. With that in mind, we’re adding “action tiles” throughout our services that highlight the most popular feature or two. If this was your first time using ExchangeDefender, what would you likely want to do? Check SPAM? Send an Encrypted message? Share a document library? Go through your archives or rely on business continuity because your server or email cloud went down?

We’ve got you covered.

P.S. 100% of these features have come to us by the means of the Feedback link from awesome users such as yourself. We’re a little different in the way we design software, Steve Jobs is long gone and we like to rely on our users and respond to the way you work rather than dictate how you should work.  So please, tell us what more we can do and our marketing team will make a pitch to the product teams on your behalf.  

Join us 11/13 for our New UI Upgrades & New Features webinar. Get exclusive access to the full design and functionality of the new admin user interface – register here: