ExchangeDefender

The most profitable ExchangeDefender solutions for 2021 will certainly not surprise you. Most of us have had to change how we work, and where we work from, because of the covid-19 pandemic. These special circumstances have caused an increase in demand for some IT solutions over others. Our recent survey data shows that our top three most profitable solutions this year focus on data security, and business continuity.

ExchangeDefender PRO

ExchangeDefender PRO is our pride and joy of our entire service portfolio. It provides clients with advanced email security that protects their organization. ExchangeDefender PRO is compatible with all major email service providers, including Outlook and G-suite for business. Email-borne threats like SPAM, viruses, malware, phishing, spoofing, and more are prevented by our all-in-one email protection. 70% of our partners this year have indicated that selling email security features, like SPAM filtering, and Anti-Virus has made their IT business profitable.

Corporate Encryption

Keeping company, and client data safe has become the forefront of security solutions this year. Hackers are on the rise, and the need to secure information is more critical now than ever. ExchangeDefender Corporate Encryption is the second best-selling solution in our service portfolio this year. Encryption enables businesses to encrypt emails simply, and share documents safely from a secure portal, or inside of Outlook with a one-click encrypt option. A whopping 83% of our partners noted in the survey that they are currently selling ExchangeDefender Encryption, or have recently added the service to their MSP business.

Live Archive

Our rising star, Live Archive has been voted ‘rookie of the year’ for its email continuity benefits. ExchangeDefender Live Archive provides organizations with email outage protection, the ability to send and receive email during a service outage. The market demand has skyrocketed for businesses that require that company email be available at all times. The continuity solution is always on, provides real-time archiving, and includes up to one year of rolling storage. Partners took advantage of the high demand, and saw an increase of new clients ready to pay for the ability to prevent email outages as they work from home. The shocking low price for the service made it a no-brainer for businesses who need to keep their organization sending and receiving email without interruption.

As you have noticed, DMARC is quickly becoming a requirement for reliable email delivery. On November 1st, 2021 the ExchangeDefender network will only relay and support domain names in compliance with DMARC requirements. These standards help address the risk of having the domain hijacked, used in a phishing campaign, and destroyed sender reputation.

The process takes less than 5 minutes (it’s just two DNS records) and it will make sure your mail doesn’t bounce or end up in Junk.

If you know what you’re doing, here is a quick guide:
https://www.exchangedefender.com/docs/dmarc

If you would like us to do it for you, please submit your request:
https://www.exchangedefender.com/security-lockdown

For more info, please see below:

Blog: ExchangeDefender Security Compliance

Webinar: New Email Authorization Standards (20 min)

P.S. Now would also be a great time to review your user accounts and confirm everything is correct. After November 1st, we will only be able to relay mail for known users and domains that pass DMARC (SPF + DKIM) validation.

ExchangeDefender is helping our clients and partners comply with email validation & authorization requirements. DMARC (SPF + DKIM) help prevent unauthorized hijacking/spoofing of your domain name and are used by email services to separate legitimate email from SPAM.

We’ll offer assistance for SPF + DKIM

In order to assure reliable email delivery, ExchangeDefender is offering assistance with SPF + DKIM rollout from September 20th through October 20th. All domains must be brought to compliance by October 30th, 2021 in order to continue relaying mail through ExchangeDefender. We’ll even do it for you, for free.

For more information on our new email security standards, please see our DMARC webinar, and read our DMARC guide.

Every domain that uses ExchangeDefender to send or receive email is required to update their SPF and DKIM records. Failure to comply will result in having your email bounced.

How to get started:

Step 1: Contact your DNS Administrator

You will need to contact your DNS administrator or DNS hosting provider to create the following DNS records:

SPF Record
DNS Record Type: TXT
DNS Record Value: “v=spf1 include:proxy.exchangedefender.com -all”DKIM Record
DNS Record Type: TXT
DNS Record Hostname: default._domainkey
DNS Record Value: “v=DKIM1; k=rsa; s=email;  p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkMvl3dS3g9XbhxtD16tSx/l+s0cxVv73/NCHywH2HFED61k+orBj4QY96FJcUD7MOwmwjC7Igtz5P9fVOLFoMr+d8g8c5J5OIA8Xj2ap4jsEnSF3rRrCNJDxojPvtGA1+ENwGpheHtniZG/fgVguDL+M1zXNRsYTybzKwU49tmP4RyIFIC8NEV7jqrGSVWpQSXc12JlvmLQX1J5tdnWvTR7/NGOzyth0rYP1STKj1hHU9ZVN+x8VFiumlPdpDQBMn5Bzu/Cs6pzrSHJqGBcVer4mccpnCOX9bG3sR7wU6nDIv3rvwIlfBymylcZruJvjsXZAZaameUBpgGgmibpkwIDAQAB”

Step 2: Validate your DNS records

After the DNS records are published please validate them using public tools like MX Toolbox (https://mxtoolbox.com/SuperTool.aspx) or DMARC Analyzer (https://www.dmarcanalyzer.com/dkim/dkim-checker/). Until your DNS records validate, you are not in compliance and will have issues with email delivery.

Step 3: Turn on DKIM signing

After your DNS records have been published and validated, you will need to turn on DKIM signing. Go to https://admin.exchangedefender.com, login as Domain Administrator and go to Mail Flow -> DKIM Signature.

Finally, click on Accounts and confirm that all your email addresses are listed and associated with appropriate users.


We’d love to help, if you’d like us to take care of this for you free of charge please fill out this form:
https://www.exchangedefender.com/security-lockdown

email authorization webinar

Welcome to 2021: Comply with the industry security standards or your mail gets bounced.

Believe it or not, that’s the best case scenario: When you actually know your email wasn’t delivered.

Most of the time, though, your sender reputation is scored by internal/proprietary lists and the message is just moved to trash. Worst case scenarios – where hackers are using your domain and email address as impersonations (to launch attacks) or to fool internal employees.

ExchangeDefender has always provided technology and policies to help manage this, but few of our partners have fully adopted it. We have been seeing an escalation in attacks over the past year and it’s only a matter until these security gaps are exploited.

We don’t want to see that happen to you. It is important enough that we are willing to help tighten your security and deploy auth protocols on your behalf, free of charge. Only catch is, it has to be completed by October 31st, 2021.

Too good to be true? Tune into our webinar next Thursday to get the specifics about what needs to be done and how. We will be covering:

– Best practices for email deliverability
– Required DNS records for SPF & DKIM
– Review of domain security policies
– Email delivery troubleshooting

Please register for the webinar:

XD Security Standards Compliance
Thursday, September 16, 2021 (Noon EST)
https://attendee.gotowebinar.com/register/3868159289922543632

We cannot overstate the importance of getting this done. ExchangeDefender (and practically everyone else) will no longer relay mail beyond 2021 without valid email authorization DNS records in place. Don’t wait until December and face expensive consulting contracts, we can handle this for free now and it will take less than 10 minutes of your time. That is how committed we are to keeping you secure and your email arriving where you send it, in the Inbox, every time.

P.S. We strongly encourage you to attend the webinar live so you can ask questions. As DNS is not something we host/offer please keep in mind that our support team will not assist or troubleshoot DNS issues for you.

ExchangeDefender discusses latest new releases for mid year 2021.

This summer has been hot for ExchangeDefender, like really hot. Yes, we do live in sunny Orlando, but we’re raving about our newest releases. We have been focusing on making processes easier for both our partners and our clients. “Keep it simple, stupid.”, has been our motto and we hope that our new releases are a reflection of that mantra. The uncertainty and added stress that the pandemic has caused, is what inspired us to look inside of our company, how we offer our services, and support.

We created a Desktop SPAM manager.

To be fair, we created a desktop application to manage your SPAM about ten years ago. We retired it, and decided that we needed to design a new and improved management system. The ExchangeDefender Desktop SPAM Manager is a multi-platform app that works well with Windows, Mac, and Linux. It is designed to provide users SPAM notifications. The manager lets you know when there is SPAM waiting, and allows users a secure way to access, read, reply, and forward messages. Interested in getting desktop notifications? Please open a ticket at https://support.exchangedefender.com, and we’ll send you a link!

We added Starter kits to our Marketing Collateral.

Did you know that we have a special section on our website for Marketing collateral? (www.exchangedefender.com/marketing) This page features a collection of sales support tools to help our partners sell ExchangeDefender services. We recently designed Starter Kits that provide useful information on our solutions. Whether you are a new partner, or a veteran – Starter Kits contain valuable material that can be shared with prospective clients. If you are an active partner, marketing collateral is available to you for free. You can even get your sales documentation branded with your logo. Simply visit the Marketing page, and submit your request.

We were featured on CBS, FOX, and NBC news.

Recently, ExchangeDefender was showcased on several U.S news outlets for the surge of new partnerships we are experiencing. We believe that the rise of popularity for our partner program has been due to the Covid-19 pandemic. Managed Service Providers, like most other businesses, are searching for ways to lower their costs, and boost their service offerings. Our partner program is free, and has always been free with the confidence that our clients would be able to focus on building their business. ExchangeDefender hopes to build meaningful relationships with MSPs who are seeking to build their business, while keeping IT costs down. To read more about our latest news coverage, please click here.

Yes – it’s true! ExchangeDefender has recently been featured on several U.S news outlets on the surge of new partners we’ve been experiencing since the covid-19 pandemic. Discover what was showcased below, and to experience the actual news coverage, please click here.

Cybersecurity firm, ExchangeDefender gets surge of new partners

Managed Service Providers seek to lower costs, and broaden IT service offerings

ORLANDO, FLORIDA, UNITED STATES, July 14, 2021 /EINPresswire.com/ — Orlando-based cybersecurity firm, ExchangeDefender has been experiencing a surge of new partnerships with Managed Service Providers (MSPs) across the United States. The security company has been servicing clients via channel partners for 22 years, and currently empowers 3,000+ partners worldwide. The ExchangeDefender partner program is unique in the competitive IT industry because it is absolutely free – there are no sign-up fees, or licensing fees for qualifying MSPs.

The rapid increase of MSPs comes as a result of the firm’s no-money down partner program that boasts award-winning cloud technologies in security, compliance, and business continuity. Managed service providers are able to apply for the partner program within minutes, get approved within 24 hours, and get full access to ExchangeDefender solutions – all with no upfront costs required.

“We knew that getting back to normal business was going to be extremely challenging after COVID, and we wanted ExchangeDefender to be the affordable option for MSPs to be able to lower their costs, while maintaining high quality IT solutions for their clients.” Vlad Mazek, ExchangeDefender CEO

Post-pandemic will prove to be difficult for businesses to regain traction, and profitability. We hope to build meaningful partnerships with MSPs who are looking to grow their business, while minimizing unnecessary IT costs that they normally incur with much larger providers.

About ExchangeDefender

ExchangeDefender is a cybersecurity company headquartered in Orlando, Florida. We specialize in email security, compliance, and business continuity solutions. ExchangeDefender has been providing IT solutions via managed service providers around the world since 1998.


For more information on ExchangeDefender, or to join the ExchangeDefender partner program, please visit our website to apply now!

ExchangeDefender has been providing email security, compliance, and business continuity solutions via Managed Service Providers since 1998. We believe in offering our partners exciting opportunities to build their MSP businesses with IT solutions that are profitable, flexible, and custom to fit their client’s needs.

Build an award-winning service portfolio with no upfront costs.

ExchangeDefender’s cloud technologies are distributed exclusively through our partner channel. Our commitment to your success is at the core of all we do. Joining us means you’ll be able to offer the following IT services instantly:

Advanced Email Security

ExchangeDefender PRO is a multi-layered security suite that protects users against SPAM, viruses, malware, phishing attacks, and more. The email security solution is compatible with all major email service providers – including Office 365, on-premise Exchange, and G-Suite for Business.

Data Encryption

ExchangeDefender Corporate Encryption enables users to send and receive encrypted messages by email, url, or sms. It is easy for organizations to quickly adopt, and also includes advanced real-time reporting with analytics.

Email Archiving and Compliance

ExchangeDefender Compliance Archive provides long-term email archiving, with unlimited tamper-proof encrypted storage. It includes powerful eDiscovery search, and helps organizations achieve email compliance with regulatory requirements established by IRS, FINRA, HIPAA, SOX and SEC.

Email Outage Protection

Yes, that’s right – say goodbye to email outages. Plus, how many other service providers do you know that offer this type of email continuity solution? ExchangeDefender Live Archive enables users to send and receive email during service outages from Outlook and Gmail.

File Sharing with Unlimited Storage

ExchangeDefender Web File Server is a professional file sharing software that offers secure sharing, and management of information. Web file sharing makes it easy for teams to share documents without having to rely on email, or old file servers. Provide your clients with the oversight and security of their most precious asset, their data – for just a few dollars.

Managed Email Hosting

ExchangeDefender empowers our partners to offer a secure full-service email hosting solution using the latest Hosted Exchange. Partners are able to provide clients peace of mind with professional email that is managed, supported, and secured by email experts.


Become an ExchangeDefender partner today!

Membership is free, you can cancel at any time. Enjoy full access to all of our solutions within minutes after being approved! APPLY NOW

We have been working on something cool based on the feedback from our clients. It’s a multi-platform app (Windows, Mac, Linux) that reminds you to check your SPAM, and when you do the message is just one click away – making it just as productive as Outlook & Outlook Web App.

It’s also a lot more secure.

Our portal remains the #1 way clients interact with ExchangeDefender at https://admin.exchangedefender.com. Most people already have it bookmarked. But for those that need a little extra push, a reminder (every 5/15/30/60 minutes) that there is SPAM waiting, a desktop notification, a secure way to access, read/reply/forward/delete the message – for you we have the ExchangeDefender SPAM Manager app:

ExchangeDefender SPAM Manager App

If you have users relying on the legacy ExchangeDefender Quarantine Email Reports, this is it’s new secure version.

We are currently wrapping up beta testing the app across all three platforms, if you’d like to take a look please open a ticket at https://support.exchangedefender.com and we’ll send you the link!

ExchangeDefender is pleased to announce the launch of Advanced Features and Policies, available to all our clients at https://admin.exchangedefender.com. These advanced features are meant to help sophisticated IT personnel establish policies for unique business case scenarios, and better protect their clients from email threats.

Advanced Features & Policies features are available on the Domain Admin section of our administrative portal at https://admin.exchangedefender.com. All features are disabled by default, due to their complexity, and must be enabled by the Domain Admin.

ExchangeDefender Advanced Features & Policies

Note about support: ExchangeDefender technical support is available to assist with these features 24/7/365 at https://support.ExchangeDefender.com. We are always happy to help point our clients in the right direction when considering these features. We do not provide troubleshooting or policy analysis for these features, however, as many of these features will by design enable ExchangeDefender to override established IT security best practices. We don’t recommend them, we do not support them, but as always we will attempt to help out and secure the client.

Features at a glance:

Infected Attachments – This policy enables Domain Administrators to allow users direct access to infected or blocked email attachments.

Charset Blocking – This policy enables Domain Administrators to block emails with specific character sets from reaching the Inbox.

Bulk Mailer Policy – This policy enables Domain Administrators to override ExchangeDefender scanning for top 10 mass mailing networks (AmazonSES, MailChimp, Sendgrid, etc)

Display Name Block – This policy enables Domain Administrators to block messages with specific sender  names from reaching Inbox.

Secure Web Form – This policy enables ExchangeDefender Encryption clients to receive secure/encrypted messages from third parties.

All of these features were developed with the help of our partners and clients who were experiencing unique issues that ExchangeDefender and other cybersecurity solutions/devices do not address. The hackers are advancing faster than IT can cope and we hope some of these features are as helpful to you as they were to other clients of ours that just needed to “make things work” and ExchangeDefender is always easy to reach.

As we continue to build ExchangeDefender we anticipate to introduce more Advanced Settings that would enable Domain Administrators to build a more powerful security wrapper around their email experience. To get more information about these features please watch our last webinar (available at https://support.ExchangeDefender.com) where our CEO explains the motivation and implementation scenarios.

ExchangeDefender is proud to announce the successful rollout of the first phase of our OAUTH implementation across three of our major products: ExchangeDefender Mail Security (Admin Portal), Encryption and WebShare. Originally, our rollout was planned to be a massive shotgun change across all services which would have required users to reset their passwords, but users had to be aware of their current password. In December, we started to log and analyze the entry points users took into the application and found that a majority of users relied on “one-click” login methods like quarantine reports to access their portal and would then jump to other services like Encryption via the “quick links.” Armed with the aggregated analysis, we realized our previous deployment strategy would unfortunately lead to many users being unable to access their services as many users were never aware of their password, thus putting an additional strain on our partners. However, we also know that the current security method was not sustainable for the future.

Enter: Deployment 2.0.

We knew our login system had to be smarter, safer, but also flexible. We knew we needed to rethink a lot of our auxiliary entry points (like quarantine reports) as well as our main entry points to work together in tandem, instead of hard cutovers or independent, one off operations. For example, we needed to continue to allow the legacy password hashing style to be accepted during login, but in-line upgraded to our new hashing algorithm. There were a lot of technical difficulties to overcome as each product maintained its own login page (which many users would save in their browser credential store) and in some instances, had additional security features that do not exist in other products (such as IP restrictions and 2FA in admin, but not encryption or Webshare).

Even more complicated than individual service login logic, some services maintained a list of users who are external entities to the end user’s organization (think Webshare or encryption recipients), and in most cases, these external recipients aren’t in the ExchangeDefender eco system. Ultimately, we decided to allow ExchangeDefender users to continue using each service’s independent login screens for a few weeks before disabling the legacy functionality and hinting to users to click the OAUTH login button “Login with ExchangeDefender” (or even “Login with Google” or “Login with Microsoft” more details below).

Originally, our plan involved redirecting all users to the new login server, which unfortunately would be the Achilles heal of those users who relied on their browser credential store. Ultimately, we landed on a hybrid approach, using the flexibility of using different OAUTH grant styles depending on the application.

The Deployment Timeline

Feb 19th: Activate the new login system for Encryption and Webshare

Feb 21st: Activate the new login system for Admin

Feb 26th: Activate the new centralized navigation headers

Feb 27th: Activate “Login with ExchangeDefender/Google/Microsoft” button to Admin, Encryption and Webshare. Add warning notification to users about the incoming login changes.

Mar 6th: Disable legacy password grant from services, enforce “Login with ExchangeDefender” when a user attempts to login with a username and password on each services page.

Throughout the remaining quarters of 2021, we will continue to integrate the rest of our services into the new login system, including support.ExchangeDefender.com, Compliance Archive, LiveArchive. Time permitted, we also plan on releasing a few tools to improve end user experience such as our Outlook/OWA plugin, built from the ground up to manage quarantine and user whitelists.

New Features to Expect

1 – Integration with Google and Microsoft OAUTH: Users are now able to utilize Google and/or Microsoft as their login provider. Authenticated users will now see buttons to link their Google or Microsoft identity to their ExchangeDefender account. Once linked, users can utilize the “Login with Google” or “Login with Microsoft” buttons instead of inputting their ExchangeDefender credentials to login.

2 – Improved 2FA integration: Users are now able to integrate 2FA applications like Google Authenticator or Authy. To setup 2FA users should login to admin.exchangedefender.com and navigate to the Settings for their account. Please keep in mind that the enforcement of 2FA logins (when enabled by the user) will come with the March 6th deployment. We strongly encourage users to set up 2FA before the full activation of our new login system.

3 – Trusted Devices: Coupled with 2FA, users can elect to mark a device they’re logging in with as a trusted device. Once a device is marked trusted, subsequent logins using the same device will not be prompted for 2FA again for 3 months.

4 – Improved Remember Me: On our login server we improved the remember me functionality to allow users to remain authenticated for 7 days if selected during login.

5 – Login to one, access to all: Users who now login to admin, encryption or webshare will inherently be authenticated to all other services using the new login method. This list will grow as we continue integrating services into the new login system.

6 – Centralized Navigation: Users will see a consistent navigation system across all products utilizing the new login system. More importantly, navigation to other products is streamlined and consistent.

7 – External Integrations: While redesigning the login system, we also elected to start centralizing API endpoints in anticipation of allowing partners and external providers to design their own tools and solutions, backed by ExchangeDefender.