ExchangeDefender

We often get asked, “My email never got to the recipient or it ended up in their Junk/SPAM, how can I fix that?”

There are some MUST and some nice-to-have modifications you need to make to your organization and mail client (Outlook) to give your email the best chance of getting to your Inbox.

Your first step should be to look at Mail Log and Mail Error Log guide. These facilities will show you the actual error (or acceptance/message tracking you can provide to the recipient to determine the issue).

Must Haves
———-
The following features are required if you intend to send an email
on the Internet in 2023 and beyond:

1. SPF Record

You should deploy a restrictive SPF record that only includes organizations you send mail from. Make sure it ends in -all. This prevents spoofing.


2. DKIM Record

You should deploy a DKIM record, this indicates the message went through the appropriate network and has not been tampered with.


3. DMARC Record

You should deploy a DMARC record and review any rejections/problems. This is “a canary in the coal mine” that will alert you when there is an issue.


4. No External Forwards

You need to disable/remove external mail forwarding (user@ your domain forwarding mail to someone@gmail.com) and close any open relays/issues and any autoresponders/bouncers.

Nice to have
————
The following features are nice to have and will help you improve delivery.
This is a lot for smaller providers but it’s something we offer to our managed clients.

1. Separate marketing domain

DO NOT use your domain at Constant Contact, Mailchimp, etc, and also with your M365/Gmail services. Most email security providers will identify and treat the entire domain as bulk mail. Create a separate marketing/alerting domain if you send automated emails.

2. Simplify your email

Remove disclaimers, signature pictures, tracking pixels, and signature providers – if your email looks like a website it’s going to Junk. This is the least popular suggestion but if you want your email to get there drop the links and pictures.

3. Trim the thread

When replying or forwarding, delete all but the last part of the message. Each image, icon, and embedded element in the message increases the count and the likelihood that your message is SPAM.

4. No large pictures

All email security solutions look at the % of the message that is image vs. text. If you send a oneliner with a large image, it might end up in junk.

Lastly, simply ask your frequent contacts to add you to their allowed/trusted senders. This helps bypass any errors or problems with email security (which do happen!) on the receiving side but it does take some effort. When we sign up someone new they get a separate plain-text email asking them to either add the sender to allow list or forward the request to their admin (allow 174.136.31.16/28 and 207.210.228.192/28)

If none of this works, you have something that no other email provider
features – https://bypass.exchangedefender.com – try it today, helps with email
sending and receiving problems.


Modern email delivery has become complex in order to eliminate scams and minimize the impact of cyber threats. Unfortunately, those complexities can impact mail delivery: “I sent them an email and they never got it!!!”

First point the user to https://bypass.exchangedefender.com service that’s included with ExchangeDefender. Our users love it because they don’t have to wait on the tech issue to get sorted, they can send the mail right away (and it tends to have a far better delivery success rate because we strip everything that typically trips up SPAM and security filters).

Second, find the problem in the mail and error logs.

You can of course use our interactive mail log (tracing) search to locate the message and see where the problem may be. For larger tenants, we recommend downloading the logs so you can go through them faster on your PC:

ExchangeDefender can help identify the issue through our detailed Raw SMTP logs and Mail Error logs

Log access gives you raw access to everything we have on our backend but you get it faster (as our support doesn’t have access to your data including logs, and getting the access approved internally takes time).

If log analytics isn’t your thing please contact us about the ExchangeDefender Managed Service where you’ll have your own postmaster managing all these issues for you (service must be enrolled before requesting support).

Email delivery problems can be complex and at times out of your control. This is why we always first recommend going to bypass.exchangedefender.com (and ExchangeDefender Inbox) so you can actually do your work. After that, grab the logs and see what the problem is. As always, we’re happy to help!


Now and then Microsoft Defender will encounter something potentially dangerous when it’s processing your browsing activity. Most of the time it is just the URL of a site they’ve blacklisted.

Enter ExchangeDefender Phishing Firewall. We rewrite every URL going through our service to give our users an extra layer of security and prevent malware and phishing. If you’ve seen the xdref.com links in your email, that’s US keeping you from accidentally clicking on a legitimate link and getting a zero-day exploit compromising your PC. Well, Microsoft Defender looks at the same link and its contents and can flag an entire URL of your phishing firewall. Then you end up seeing this:

How do I get this resolved?

Since this URL is exclusively used by you and your clients, make sure you’re using ExchangeDefender Outbound Service to route outbound mail (our outbound service strips all the xdref.com URLs).

Next, please report the problem with the URL to Microsoft at this location:

https://security.microsoft.com/reportsubmission?viewid=url

How do I fix it?

There are two ways to solve this problem within your tenant at Microsoft 365. The fastest way is with PowerShell:

New-TenantAllowBlockListItems -ListType Url -Allow -Entries ~xdref.com~ -NoExpiration

The more user-friendly way to allow the URL is through the Microsoft Defender Portal at the following URL (make sure you’re logged in first):

https://security.microsoft.com/tenantAllowBlockList

Microsoft tends to move its security components around a lot so if the URL changes login to the Microsoft 365 Defender Portal and go to: Policies & Rules> Threat Policies > Rules section > Tenant Allow/Block Lists.

To learn more about Microsoft Defender and how to manage its security policies on this topic please see the following KB article.

Tip: ExchangeDefender recommends executing this process when the client is onboarded, but it will work at any time.


We’ve set the email world on fire with ExchangeDefender Inbox, it is officially our most popular service. Hardly a surprise, given how it saves people $ on IT and email at a time when almost everyone is looking to make the most out of their budget. Or as one of our clients put it:

“This Inbox business is giving me a second life for Christmas – I’ve contacted everyone that said no to Office365 in the past year and I’m winning them!”

IT Tech Consulting

With that in mind, here are top 5 ways to illustrate how ExchangeDefender Inbox is a great way to control IT costs

Low cost

It’s a no brainer, $3 for Inbox with ExchangeDefender security included is a lot less than the average $20+ most M365 clients are spending.

No “up front” pre payment

Almost everyone quotes a low monthly price – but only if you pay up front, for 12 months, right now. ExchangeDefender Inbox is a month-to-month service and you can cancel it at any time.

No additional software licensing $$$

With big business email comes big business spending since big platforms come with poor security, no backups (read the TOS/AUP people!), and management UI + tools change all the time. With ExchangeDefender Inbox your only external cost is your annual domain registration.

Lower support & deployment costs

ExchangeDefender Inbox integrates with your existing infrastructure so there is no DNS work, no onboarding, no extensive training. You’ll never have to deal with permissions, distribution group memberships, Public Folders issues – not to mention that power users are largely going to more powerful cloud offerings for cloud and collaboration so why are you spending your IT budget in a slow 90s app?

No client software licensing costs

You won’t have to go to the app store for us nor do you need an entire office suite for retail, manufacturing, farm, students, or any role that comes with an iPad. Just open the default mail app that comes for free on your device, enter your credentials, and you’re done!


Fun fact

We’re not even half way through December and you’ve made ExchangeDefender Inbox our #1 service. We cannot thank you enough for that and we hope you’re excited about the roadmap we shared in our recent webinar.

Now is the time to talk to your clients about ExchangeDefender Inbox. If the IT budget is tight, we’re the solution you need to talk about right now. Don’t be surprised you’re not getting much interest for expensive email – everyone is pitching it and clients have already said no to it for a myriad of reasons. For those that are looking to get lean, to be more secure while spending far less, Inbox is the way.

Looking for marketing collateral? Great! (Download the brochure) for Inbox today!

Recently we blogged about ExchangeDefender Project: Inbox and we got a good amount of interest in the beta and just as many questions. We wanted to address the biggest one: What’s the difference between LiveArchive and this Inbox.

Pictured: ExchangeDefender Inbox inside the admin portal on a laptop.

The biggest difference is that Inbox is intended to be used as a primary user mailbox, while LiveArchive is meant as a failover for a user whose mailbox is elsewhere (Exchange, M365, Gmail, etc)

Vlad Mazek, CEO of ExchangeDefender

LiveArchive is a great service to rely on when something goes wrong – Inbox on the other hand is meant to be used all the time. LiveArchive is solely a web mail service – Inbox enables you to connect Outlook or mobile devices to it. LiveArchive is a separate web service to which users usually forget credentials or only login when things go down – Inbox is integrated in the admin app and is accessible one click away from the SPAM Quarantines that our users access daily.

They are both great solutions to different IT challenges: LiveArchive for when things go wrong, Inbox for everyday email use. Inbox has one other massive advantage to it that we’ll announce later this fall.

We expect to offer both with ExchangeDefender Pro to reduce support traffic (clients mail tracking requests caused by mail server issues: “It’s in the Inbox”) and because everything in IT can fail and it’s always prudent to have a failover/backup with LiveArchive.


We would like to invite our clients, partners, and enterprise users to a closed beta of Project: Inboxan affordable email solution that can be used as a standalone solution or in hybrid mode with M365 and G Suite.

If you are interested, please email client.services@exchangedefender.com along with a domain name you will be using for the beta test.

Our CEO recently held a webinar explaining the strategy behind this new service and it has been evolving ever since based on market feedback. Simply put, there is a huge market for affordable mailboxes that still meet the high end security and business requirements like top of the line email security, SSO, IMAP/Outlook/Mobile access, and still use the same domain name as the more expensive Exchange or Gmail office suites.

For an overwhelming majority of users within larger organizations, email is an absolute necessity but the average cost of $150/year/employee is putting a strain on IT budgets. Furthermore, the projected slowdown in the economy will make our clients more cautious about their IT spending. Our models show a trend of more users being mobile-first (with remote work being mobile-only) and a growth of service-related mailboxes is creating an opportunity to help us improve our clients security while reducing their service bill.

If this sounds like a winning opportunity for your business or your clients we hope you’ll join us in building something new and awesome. Those that help us out will enjoy the service for free for a while but we have a limited number of spots depending on industry and seat count so if you’re even remotely interested please email us as soon as possible.


We’re moving things around a little to make the platform easier to use and to expose more of the ExchangeDefender security settings. The threats are only getting worse and we need to be more flexible in order to protect you.

Over the next few blog posts we will be introducing you to a more polished ExchangeDefender look as we consider user feedback and change around the overall user experience. It’s no secret that we’ve been making ExchangeDefender friendlier and friendlier and I can’t wait to reveal why… soon.

In the meantime, allow me to introduce you to the ExchangeDefender Advanced Settings. These settings are controlled under the Domain Administrator section of https://admin.exchangedefender.com:

ExchangeDefender helps bridge the need for security and productivity: If the security tool is too convoluted, takes too many clicks, features lots of paragraphs instead of intuitive controls — it’s simple to see why casual users get their security compromised and experience nothing but frustration just trying to get to their email.

We’re changing all that and look forward to introducing you to the new ExchangeDefender shortly.

Data encryption used to be optional, but not anymore. In the past, when we referred to encryption, we thought of hi-tech industries with high profile secrets. Encryption is the digital process of taking regular text, like your email or sms messages, and creating an unreadable “code” to protect the plain text. This proven method ensures the confidentiality of the original text. Now, your local small business, and local educational institutions require added security to protect their data from being hacked.

Education industry is a prime target for hackers

Surprised? We’re not. The education industry consists of services from pre-kindergarten all the way to post-secondary institutions. It comprises of organizations that provide lessons and training on a wide array of subjects.  These institutions, (both private and public) include K-12 schools, colleges and universities, and job training centers. Can you imagine the large volumes of sensitive data that the education industry holds? Every one you know, including yourself has received some form of education, and therefore have submitted personal information that can be stolen by hackers. The most common forms of information students and staff must submit include: DOB, social security number, home addresses, medical records, and more!

Current struggles that schools face

The biggest challenge that institutions face today is the ability to protect students and staff information. The sheer volume of data that a single school incurs in a single academic year is astronomical. Right now, the industry is lacking the security tools needed to store, and manage sensitive information.

The education sector is finding it hard to comply with the biggest data security mandates, FERPA, and HITECH.  FERPA or (Family Educational Rights and Privacy Act) is a federal law that gives parents the right to access their children’s education records. HITECH is The Health Information Technology for Economic and Clinical Health Act, which has to do with the use of electronic health records. This mandate protects educational institutions from penalties from lost or stolen data if they can prove that their data was encrypted prior to a breach.

From an internal perspective, one could assume that the adoption of an institution-wide policy mandating the use of encryption would be difficult, and time-consuming. In the past this may be true, but modern encryption is now cloud-based, and is easy-to-use making a full adoption fast and painless.  

The next big challenge is cost. Most schools have a budget for the year that determines what services they can afford. Before, having encryption involved physical disks and hardware making it extremely costly. However, the strongest encryption software products today are available online with no pricey overhead, or storage restrictions.

Big benefits from encryption awaiting Education sector

Every school, and training center should be rushing to use encryption. There are many benefits that could solve Education’s biggest data security challenges. Firstly, encryption enables secure, and compliant communications between educators, students, and parents. It would offer a secure method to share sensitive information, and would provide seamless collaboration.

Second, an encryption software would ensure data privacy. It enables schools to fully comply with current security mandates. Educators can create custom encryption policies that ensure that student data privacy is met by triggering encryption mechanisms automatically.

Using encryption would enable schools to have full visibility of all information being shared, read, forwarded etc. Educators can get instant confirmation alerts when students or parents access encrypted messages. The detailed reporting would satisfy both the FERPA and HITECH directives for educational institutions. 

Orlando, Florida – Smaller businesses can now secure their employees, email, and data for less than $5 a day. Orlando’s top cybersecurity provider, ExchangeDefender has just launched affordable cybersecurity services for small business via its sister company – 365 Defender. Dubbed the “original email experts”, 365 Defender protects businesses against data leaks and email threats like SPAM, phishing, spoofing, malware, and much more!


9 out of every 10 cyber-attacks start with just a simple email. Over half of all U.S businesses lack proper security, making them an easy target for cyber-attacks. 365 Defender is designed to offer SMBs the ability to protect themselves without having a hefty IT budget.

We are a small business ourselves. We know that most SMBs don’t have a big budget for IT, or cybersecurity. This is why we leveraged ExchangeDefender technologies and expertise to create reasonable options via 365 Defender.”
ExchangeDefender CEO, Vlad Mazek

Service offerings range from Email Security for Outlook and Gmail, to Encryption software that can send secure messages to emails, urls, and text messages. The monthly fees are small business friendly with the cheapest service being just $3 per user, per month. There is no yearly contract commitment, giving businesses complete flexibility to satisfy their ever-changing IT needs.

To learn more about 365 Defender, and to subscribe to a service plan, please visit our website www.365defender.com. Get a free 14-day trial for your business today!


365 Defender is owned and powered by cybersecurity leader, ExchangeDefender. ExchangeDefender specializes in providing email and data security to enterprise since 1997. Headquartered in Orlando, Florida – the IT firm has just launched service plans for small business in hopes of keeping companies safe regardless of their size and budget.

Recently, Cybernews reached out to ExchangeDefender CEO, Vlad Mazek to learn more about how we keep businesses safe from cyber-attacks using top of the line security solutions. The informative discussion centers around the topic of cybersecurity, and what that means for the modern business.

With the recent rise in phishing attacks, it is smart to double-check if it’s really your coworker that emailed you.

By now, it’s probably hard to find an Internet user who has never received emails from someone claiming to be a long-lost relative who wants to share their fortune. While the majority of us are familiar with this type of malware, phishing attacks shouldn’t be underestimated. Nowadays, when threat actors start to include more personal details, posing as coworkers or even bosses, staying vigilant is key.

To discuss the topic of cybersecurity and phishing prevention, we reached out to Vlad Mazek, the CEO of ExchangeDefender, a company eliminating email threats before they even reach your inbox.

ExchangeDefender has been providing various security solutions for more than 2 decades. What was your journey like throughout the years?

We originally started ExchangeDefender to improve the reliability of our Microsoft Exchange servers by offloading all the security tools to a more scalable infrastructure. Over the years we’ve expanded our security portfolio to protect other email servers, as well as deliver more secure ways to rely on common office tasks such as file sharing, collaboration, and compliance.

Can you tell us a little bit about what you do? What are the main problems you help solve?

We used to say “We kill SPAM for a living” and to this day we simply eliminate common threats that lead to security compromises and service outages by providing email encryption, long-term archiving & eDiscovery.

We make it easier to rely on email for secure and reliable communication; which we do by keeping potentially dangerous content away from your webmail, mailbox, desktop, or phone. Simply put, we make it easy to get things done more securely.

What technologies do you use to detect and stop threats in their tracks?

We primarily rely on our internal early warning system which tracks unusual activity from known threat actors. Because of our size and client base, we often have the luxury of being among the first to be targeted which helps us identify safe and unsafe developments before they go “viral”.

We also participate in many proprietary, open-source, and data/intel sharing projects that help raise the security profile of everyone involved.

How did the pandemic affect the cybersecurity landscape? Were there any new features added to your services?

Pandemic actually improved the security landscape for our clients because they suddenly had to shift to a remote work model which inherently came with more stringent security requirements and more awareness for security policies and secure collaboration.

We noticed a significant shift from traditional office communication methods to SMS/TXT and we moved quickly to make all of our services SMS-aware. Mobile phones have become a security identification token, a mobile presence device, and far too often a failover computer. That’s why we invested heavily in extending our services to meet our clients’ needs to go beyond just sending email messages.

What sectors (for example, financial, healthcare, etc.) do you think should put extra attention towards email security?

The best way to answer this question is to think like a hacker because for them it’s not personal, it’s business.

Organizations get compromised for one of two reasons:

  1. They have assets (data) that are valuable
  2. They have a reputation that is valuable

If you have a lot of valuable data or a trustworthy relationship with your clients, you’re a valuable target regardless of your industry. It would be difficult to hack a financial institution because they have dedicated IT and security teams, go through routine audits, and can respond to threats quickly. Compare that to a small CPA firm that uses standard tools and an antivirus bundle that came with their PC.

When it comes to cyber threats carried out via email, what are the most common ones?

Email is the most popular way to get cyber threats into an organization, according to a recent study over 90% of security compromises started with email and it has not changed significantly in the past few years: the #1 cyber threat is from spear phishing. Spear phishing is a practice of forging the identity of the sender and the look of the email to something the recipient would find trustworthy enough to click on. What has changed significantly is the end goal of spear phishing:

  1. Deployment of RAT (Remote Access Trojan) software
  2. Theft of PII (personally identifiable information)
  3. Theft of security credentials

This list actually flipped in the last two years mostly due to the sophistication of RAT software that can give an attacker access to the entire network instead of just a single PC or cloud account. The latest variants target UEFI bios which keep the threat in place even after you get rid of the infected hard drives. As these threats evolve, they also highlight other security issues on the network which makes them difficult to remove and require constant monitoring.

With so many teams working remotely nowadays, what are the best practices when it comes to secure file sharing?

The single most important recent advancement in overall IT security that really deserves wider adoption is the use of MFA/2FA/OTP: multi-factor authentication that requires secondary verification before accessing any sensitive system or information. Working remotely, outside of a managed network and access to IT staff, creates a new universe of security threats that should be mitigated by:

  1. Deploying & requiring MFA for access
  2. Deploying a more aggressive backup and imaging solution
  3. Controlling and reducing the attack surface (by limiting access only to required web sites & services)

Besides secure collaboration solutions, what other security measures do you think modern companies should invest in?

You are probably already spending too much on overlapping, redundant, and underutilized security solutions.

The best security investment you can make today is to get an audit of your existing security portfolio and its integration. Being secure doesn’t come simply from paying for a security software/service license – it has to be properly integrated, configured, and monitored in order to truly keep users away from dangerous content. Due to the chronic lack of security focus and the habit of deprioritizing security for the sake of end-user comfort, many organizations find themselves in a perilous situation with cyber insurance demands.

We are seeing organizations getting compromised not because they don’t have security solutions or adequate training but because they don’t take the time to properly and fully implement the security solutions they are already paying for. An overwhelming majority of ExchangeDefender subscribers rely on less than 30% of the security features they already pay for.

Can you give us a sneak peek into some of your future plans for ExchangeDefender?

Our biggest technical investment for 2022/2023 is to make it possible to access external content (email attachments, files, messages, sites & services) in a secure online sandbox environment where dangerous content wouldn’t even have a chance to reach the user’s desktop, phone, or network.

Our biggest investment is in the area of security audits and assessments. While there is always a shiny new tool or service that promises better security, our data indicates that it’s rarely the lack of a tool, and more often the lack of proper deployment and management of sensitive information that leads to a security compromise.

We’ve helped countless businesses that have been compromised over the years and it usually comes down to neglect of security processes combined with a lack of a plan to respond and recover from a hack. Our future plans are to help organizations change that scenario because cybersecurity isn’t something you buy, it’s something you do.

To celebrate the launch of our new small business service plans, we are currently offering 30-day free trials for any service. Interested in ExchangeDefender? Please visit www.exchangedefender.com/business to request your free trial today!