Upcoming Changes to ExchangeDefender Whitelisting
We’re making massive changes to ExchangeDefender whitelisting policies that will make it easier (and safer) to allow trusted senders to bypass our SPAM filtering processes.
For 90% of you, this will just make whitelisting smoother and you don’t need to worry about the details.
For our system administrators and users who have grown infuriated with BATS (disposable email addresses) whitelisting, you’ll be thrilled to hear that we’ve launched a new white-listing service a few weeks ago that has been performing well enough in beta tests and will go into full production this week. The main issue we solved with the new technology is the management of bulk senders, but performance improvements alone and new features will be worth a look and full demonstration will be made during our next webinar.
The biggest problem with whitelisting, and an opening of an attack vector, is the prevalent use of BATS addresses. BAT, basic attention token, has become a standard tracking email address technology used by mass mail (bulk) senders. For example, the email address that the message was sent from appears to be: Vlad Mazek vlad@ownwebnow.com
However, that is often not the actual address – it’s just the pretty, friendly, display address that Outlook shows you. If you open the message, the message is usually from something like soap-2391-kwqw-399q-vlad=ownwebnow-com@massmailernode102.spammer.com
New ExchangeDefender whitelisting service will step in and ask the sender to instead whitelist the domain itself, in this case massmailernode102.spammer.com or even wider. spammer.com. This setting will be on by default.
We will also be introducing gateway whitelisting for our enterprise and Pro clients, which will allow you to whitelist common bulk mail organizations entirely. While we do not recommend it, we understand that for some organizations it’s easier to just whitelist all mail sent by Sendgrid, AmazonSES, Constant Contact, etc than to constantly evaluate which ones to permit on a case by case basis. This setting will be off by default.
Another often requested feature, that is tied to the launch of the new Whitelisting code, is the ability to provide one-click access to report and manage white-list entries. Every user that enables this feature is doing so to better control their blacklists, and this setting will be off by default. When turned on, all received messages will have a footer in the message allowing the user to launch a complaint when something that looks like SPAM has been allowed through. The footer will only be visible on inbound messages and all tracking code will be deleted in replies, forwards, or messages sent from ExchangeDefender to the Internet.
We are rolling in a few more features that will be announced during our next webinar in March. If there is something you’d really love to see, please let us know, all these features are based on user requests so keep them coming!
ExchangeDefender Advanced Threat Protection
Email is the most common security threat for all organizations, with 88% of companies suffering a data breach due to lack of proper email security protocols.
Email-based attacks affect the entire organization, not just the single user who clicked on the malicious link, or downloaded the virus-infected attachment. It takes just one harmful email to get past your defenses to cause critical damage throughout your organization.
What does Advanced Email Security mean for us?
ExchangeDefender Advanced Email Security provides the most secure email suite that protects against SPAM, viruses, malware, and phishing attacks. Compatible with all major email service providers – including Office 365, on-premise Exchange, and G-Suite for Business.
Our solution: ExchangeDefender Advanced Threat Protection
The Advanced Threat Protection helps defend users against threats hidden in emails, attachments, and links. It goes beyond the average business email protection; we even dare to say its stronger than Microsoft’s Advanced Threat Protection. See how we compare with their ATP, hint: we offer more security features than ever.
Our Top ATP Features:
Malicious Attachment Blocking
Protects against unknown malware and viruses, and provides zero-day protection to safeguard your messaging system.
Safe Links
Proactively protects your users from malicious URLs in an email message.
Anti-Phishing Policies
Checks incoming messages for indicators that a message might be a phishing attempt.
Real-time Reporting:
Real-time reporting that enable your security and compliance administrators to focus on high-priority issues, such as security attacks or increased suspicious activity.
Whitelist / Blacklist Policies
Email access control mechanism that allows email senders through, except for senders who have been denied access.
DMARC Domain Fraud Prevention
Protects your brand and the people who trust it from suspicious and infringing domains.
Click here to see full features
The powerful email security suite offers a multi-level protection against email-borne attacks, and also includes advanced threat protection features like Malicious Attachment Blocking, Anti-Phishing Policies, and Domain Fraud Prevention.
Learn more: Advanced Threat Protection
Every Business Email Needs Anti-Phishing Protection
What is Phishing?
In recent years, spear phishing attacks have been on the rise, and have costed American businesses millions of dollars per year in time and resources.
Phishing is a fraudulent attempt via email to obtain sensitive information like username, passwords and credit card details. This type of attack is tricky because the phishing email appears to be from a trustworthy entity like Netflix, or Apple for example.
Furthermore, the phishing email typically has a call to action, and directs the user to a website via a link within the email. This website then asks the user to update personal information – and boom, your information now is in the hands of hackers.
According to a recent study by Verizon (2019), over 80% of security compromises start with a spear phishing email. ExchangeDefender can help you eliminate spear phishing threats or just provide notifications to your users when they get tricked into clicking on a link leading somewhere dangerous.
The solution: ExchangeDefender Spear Phishing Protection
ExchangeDefender provides the most sophisticated and most comprehensive real-time protection from email phishing threats through ExchangeDefender Phishing Firewall, External Sender flagging, real-time databases of safe and dangerous sites, and flexible phishing content handling policies.
The Basics:
1. ExchangeDefender’s phishing protection works on every device that is wifi-enabled with the ability to receive email.
2. There is no download or installation required for the security feature.
3. Our email spear phishing protection enables you to whitelist and blacklist email addresses and domains.
Spear Phishing Protection Highlights:
Phishing Firewall
ExchangeDefender rewrites the URL of links in HTML emails and redirects you through our cloud filtering service that can alert or block threats you may inadvertently click on. (Learn More)
Flag External Emails
ExchangeDefender modifies the subject of messages received from outside of your organization, so nobody can ever mistake a message from external source or a coworker. ([EXTERNAL])
Blacklist / Whitelist
ExchangeDefender Phishing Firewall allows organizations, domains, groups, and users to maintain a list of safe and dangerous web sites, to which traffic should be allowed to pass or be blocked.
To learn more about ExchangeDefender’s Email Phishing protection and how it works, click here.
You can also explore our advanced email security suite that includes phishing protection, and so much more!
ExchangeDefender Live Archive offers businesses email outage protection
ExchangeDefender’s Live Archive solution offers uninterrupted access to live and archive email via the cloud. It enables organizations to access their email even when service disruptions occur, without customers knowing that there is an internal outage in progress.
The basics of Live Archive:
It’s Always On, and Running
Always have access to your email even during service interruptions.
It is Easy to Setup
Get up and running in minutes, there is no training required.
No Downloads Required
No software installations, no manual switches, and does not require management or maintenance.
It’s mobile friendly
Enjoy 24/7 access to your emails no matter where you go.
Live Archive is an enterprise-grade email continuity service that lets you resume work after a service interruption, or other technical malfunction.
Powered by our custom solutions in multiple data centers, LiveArchive delivers a vigorous and resourceful solution that is secure, and reliable! The best part of all is that – LiveArchive is always-on, constantly archiving your sent and received mail for up to one year. No maintenance or management to worry about in case of an outage. LiveArchive is continuously uploading your mail whether your system is up or not.
Live Archive Top Features:
Secure Servers
We offer email continuity using our secure standby servers to archive emails instantly.
Real Time Archiving
Live Archive is always on records emails in instantly powered by our mail systems with data center redundancy.
One Year Storage
Receive up to 1 year of inbound and outbound mail accessible via our LiveArchive website. If you’re looking for long-term storage for email compliance, see compliance archiving.
Active Sync
It allows for you to sync your contacts, calendars, appointments and everything else in Outlook. And gives you the option to search and manage those items.
So, How Does Live Archive Work?
It’s as simple as typing in livearchive.exchangedefender.com, or livearchive.us and logging on to your account using your credentials. You are able to send, receive, forward and search, any of the mail that you need which we have rescued for you. Our inbound and outbound servers are simply an in-between step to your email being sent; as it is going to and from your mailbox, your correspondence is being saved in our servers for you later.
ExchangeDefender Releases 2020 Strategy
The ExchangeDefender 2020 webinar was a success with partners tuning in to hear about new services arriving this year, click here to watch video.
ExchangeDefender’s CEO, Vlad Mazek hosted the recent talk in which he revealed to partners, the future of ExchangeDefender in 2020 when it came to its technologies and its client support services.
According to the webinar, there are five major areas of focus in which the company would like to strive for better this year, to include:
- ExchangeDefender would like to be the best when it comes to overall email security
a. Clients are already aware of the true value of ExchangeDefender being at the top of its class within the IT industry for advanced email security.
b. Our company will be investing more resources into developing even stronger security solutions with advanced security protocols to defend against tomorrow’s threats.
c. We will be investing time into educating users on how to protect their data. - Short circuit the problem escalation and resolution process
a. ExchangeDefender is looking to improve the troubleshooting capabilities within the support portal to encourage self-service.
b. Our company will also improve the resolution time by enabling users the ability to fix common email errors.
c. On the backend, the developers are designing NEW ways to increase proactive monitoring, and reporting to identify issues before they become a problem. - Re-structuring ExchangeDefender service offerings so that they make business sense.
a. 2020 will usher in a new way to deliver our service offerings with the introduction of XD Service Plans.
b. XD service plans were designed from our current client base, and the services that they are currently subscribed to with ExchangeDefender.
c. These plans range from Email Security, Email Archiving, to a full Email Resilience suite that includes a curated selection of our top solutions. - Be more available and responsive to quick questions and real-time millennial-talk
a. ExchangeDefender realizes that although we have some of the fastest response times in the industry, there is always room for improvement.
b. Summer 2020 is the expected release of the live support chat platform that is accessible inside of the portal where users experience problems
c. We will also see a smart integration of XD support with partner notifications and escalations. - Offer enhanced services and support for pain point items/services
a. Generally, our company would like to become stronger in identifying pain points for our users both in our products, and with our support.
b. To relieve these pain points, XD is looking to invest time and resources into creating a proper Knowledgebase / Documentation area that is segmented by the time of user – SP, Admins, and End users.
Webinar RECAP: Introducing Brand New Admin UI and New ExchangeDefender Services
On Wednesday, November 13th, I got the pleasure of introducing our partners and clients to several new services from ExchangeDefender:
– New ExchangeDefender UI for users
– New Wrkoo Calendar and Appointment Booking feature
– New Postmaster support service for Exchange/ExchangeDefender Pro
Our development team has been working like crazy to bring all these features to our clients and we’ve had a ton of beta testers enjoying both solutions for weeks with no major problems (but lot’s of feature requests that we look forward to adding to the product).
ExchangeDefender UI / UX Upgrade
Our current strategy is to make sure the ExchangeDefender service enters 2020 with the brand new UI across all login levels and services. All these new services are coming with improved security, more functionality, and are significantly faster.
Wrkoo Calendar & Appointment Booking
Our strategy of rolling some Wrkoo features to the ExchangeDefender client base continues with our calendar module. In addition to the Password Vault, which is also available free of charge to our ExchangeDefender Pro clients, Calendar and Appointment Booking modules will be available for free as they are key to our strategy of offering a full groupware solution by January 2020.
The calendaring option adds everything you’d expect from a modern calendar and appointment sharing application, but built for groups and businesses. A public appointment setting site is integrated, allowing web site visitors to request an appointment after seeing the available schedule – with Wrkoo handling all the collisions, registering users, setting up meetings and free/busy status.
In terms of scope, this is the largest non-ExchangeDefender to date and a requirement for our new groupware service. In terms of feature set and functionality, it significantly exceeds what is currently available.
Postmaster Support
ExchangeDefender has spent 2019 improving support and troubleshooting automation which has resulted in savings of thousands of hours and support requests. We’re stepping it up even further with a concierge service to help with message tracking, NDRs, and DNS-related email delivery problems.
The new site will help users automatically detect common problems with their setup or configuration. After collecting basic information, it will then be assigned to a case manager that can effectively work with sender, recipient, and other interested parties to resolve the problem.
In conclusion
Take a moment to watch the webinar. There is so much context and background to our strategy.
https://www.exchangedefender.com/media/XDUICalendar.mp4
As this is our last webinar for 2019, I wanted to personally thank you for all your business and your trust. We have worked like crazy this year to get these features to you before 2020 and in our opinion we are light years ahead of where we were at this time last year. I’m sure you can tell from the excitement in my voice that we believe these new features will be significant game changers for our partners and clients and we’ll continue working on developing solutions to the continuing challenges in security and in productivity.
Sincerely,
Vlad Mazek
CEO
ExchangeDefender
ExchangeDefender Phases Out “Essentials & Exchange Hosting Essentials” Services
Everyone on record by December 31st, 2019 will be grandfathered into the service.
You’ve got 45 more days to sign up for ExchangeDefender Essentials and Exchange Hosting Essentials in their current form with all the current benefits and features.
In 2020, we will start offering a new Essentials service that is more competitive with the entry level offerings from Microsoft, Google, etc.
New accounts will not be compatible with Office 365, Gmail, or other cloud based email services, a territory that ExchangeDefender Pro is far better suited for.
The service will be slightly more affordable but will no longer have options to add on Encryption, Web File Sharing, LiveArchive, Compliance Archive, corporate & MSP branding, and other enterprise-ish features. If these features are important to you and you have open leads, please make sure the orders are placed by Christmas.
Between the lines:
ExchangeDefender Essentials line has had a great run but over the past two years we’ve noticed a trend – clients are either going for the cheapest option, or they are signing up for all the bells and whistles that come with the Exchange and ExchangeDefender Pro line of services. The original intent behind Essentials was to create a “make it your own” version where companies that didn’t need Encryption or LiveArchive could save a few bucks and get an enterprise product that scaled with the organization as it’s demands grew.
We’re hoping that announcing the phasing out of the current licensing will give existing leads an incentive to get signed up and grandfather in the features at a discount.
ExchangeDefender vs. Hacked Exim/cPanel servers
ExchangeDefender has been seeing an elevated amount of malware originating from hacked Exim mail servers. While we tend to score those messages higher by default to keep our clients protected, one of our clients discovered a scenario in which a user could get a dangerous payload through our scanners (requires multiple manual steps and a sophisticated recipient with imaging software willing to go through multiple hoops). Which this is exceptionally unlikely, we wanted to address a few of the topics anyhow.
1. CIOs, MSPs, and Domain Administrators can manage attachment policies
If you go to https://admin.exchangedefender.com and login as the Domain Administrator, you can manage attachment policies under Configuration > Attachments. You can find more about ExchangeDefender configuration at https://www.exchangedefender.com/docs/domain#configuration
2. We do not deep-scan file system images (.iso/.img)
As a policy we do not deep scan .iso or .img file system images. The files themselves are scanned for both malware, viruses, and other parameters (for example, if someone renames a .exe to .img, or embeds malware in one we will still filter it out) but we will not mount file system images and go through each file inside. This is not a popular attack vector (requires multiple actions by the user and most will require Administrative access and specialized software) but it is technically possible.
3. You should implicitly distrust anyone on hacked Exim servers
ExchangeDefender cannot globally block Exim servers (because there is always going to be that one “business case scenario!!! we cannot block our $2 cPanel VPS!”) but if you can possibly block them – by all means do. While this is generally not necessary (ExchangeDefender maintains a proprietary list of pwn3d Exim servers and routinely moves them to SPAM or SureSPAM), it’s a good idea not to accept any mail from these servers at all.
4. You should implicitly junk SPF failures
Same as #3, it’s a really good idea if you have the luxury of not dealing with people that shouldn’t be running an email server. ExchangeDefender tracks SPF failures and notes them in the headers that can be used to aggressively filter out messages sent out from invalid ranges. Just look for a “Received-SPF: softfail” in the message headers.
Received-SPF: softfail (inboundXX.exchangedefender.com: domain of transitioning postmaster@gmail.com does not designate 67.82.55.11 as permitted sender)
What this means is that the organization has designated an IP range that legitimately relays messages, and this message came from an IP address outside of that range. 99.99999% of the time it’s a spammer. 0.00001% of the time it’s just a poorly configured server. It’s your choice to assess the risk and implement this if possible and we recommend it.
Finally, if you are actively monitoring security and communicating with your clients, we do manage a NOC site that logs major issues at https://www.anythingdown.com. If you’re one of our MSP or enterprise clients, you also have a branded version of this software free of charge at https://www.xdnoc.com that you can attach your domain name to and offer these alerts to your clients without copying and pasting around.We hope this helps and we appreciate your trust in keeping you safe online.
For more information, please see our ExchangeDefender Guide for Domain.
ExchangeDefender UI is a huge hit!
Last week we launched our new UI framework that will soon drive the primary user experience for all ExchangeDefender applications. The admin portal as a series of web pages that post to one another and remain in constant state of refresh is a thing of the past.
The new user interface is meant to deliver the full power of ExchangeDefender through a browser no matter what device you’re on. To say the new UI has been a hit would be a massive understatement. What we’ve heard the most is: “I love it, but…” and this post is here to give you a little tease about what is coming up next.
Saved, customized views
There are power users that want every bit of data and then there are basic users that are just trying to find a message – and we’ve gotten feedback from both. Good news, everyone will be happy with the addition of customized views:
The new SPAM quarantine interface will soon give you the ability to display only the columns you want, show you messages you’ve previously released, as well as showing you only the new messages. Everyone has a preference, and once you set it ExchangeDefender will remember it. Next time you come to the quarantine view, your settings will be automatically saved.
Send emails without having email open
We’ve covered the details of the product road map in our previous webinar but to put it succinctly, not everyone in the organization needs a full 50GB mailbox, and most people rarely use more than 10% of their Outlook – definitely not something worth $180/year. When we designed the new UI we did so with full confidence that one day soon ExchangeDefender will entirely replace fat client apps, and here is a little preview of that: you can now send messages directly from ExchangeDefender:
This “Send Mail” and “Send Encrypted Email” (for ExchangeDefender Encryption subscribers) shortcut will be available across the entire service because virtually every interaction ends up in a creation of something – an email response, a task (Hello Wrkoo!), a ticket, maybe even a calendar appointment – ExchangeDefender will be streamlining all of that and don’t worry, a copy of the message will be delivered to your mail server for compliance reasons.
Respond to email in real-time
One of the advantages you get with ExchangeDefender is the embedded phishing protection and security – things that would be designed to attack your Outlook or Gmail for example – will not be active in ExchangeDefender and will keep you safer by default. So if you got a sketchy message and you aren’t sure if it’s legitimate – or you no longer want the message sitting in your mailbox — you can reply directly from the ExchangeDefender message view.
You can also forward and print the message as well, eliminating the need to release or trust a sender that may not be reputable.
Goodbye tabs & sites
We want you to do what you have to do, but faster and without a ton of open tabs. The new Dashboard look is still evolving but here is a sneak peek:
The idea is to present everything you may want to see as far as your activity and the service metrics, but not forgetting what you actually come to ExchangeDefender to do – to communicate and collaborate securely. With that in mind, we’re adding “action tiles” throughout our services that highlight the most popular feature or two. If this was your first time using ExchangeDefender, what would you likely want to do? Check SPAM? Send an Encrypted message? Share a document library? Go through your archives or rely on business continuity because your server or email cloud went down?
We’ve got you covered.
P.S. 100% of these features have come to us by the means of the Feedback link from awesome users such as yourself. We’re a little different in the way we design software, Steve Jobs is long gone and we like to rely on our users and respond to the way you work rather than dictate how you should work. So please, tell us what more we can do and our marketing team will make a pitch to the product teams on your behalf.
Join us 11/13 for our New UI Upgrades & New Features webinar. Get exclusive access to the full design and functionality of the new admin user interface – register here: https://register.gotowebinar.com/register/6850325080298120461
Announcing ExchangeDefender Next Gen User Interface
We are thrilled to announce the launch of our new ExchangeDefender admin user interface, going live on Thursday, October 24th. Check it out:
Faster. New ExchangeDefender UI loads exponentially faster than the previous version and feels more like a desktop application than a constantly refreshing web page.
More intuitive. We’ve looked at how our clients actually use the product and we’ve made it much easier to get to the features that users utilize often. We’ve also placed the content front and center while placing all the controls on the same page, so ExchangeDefender will be a breeze to use even for someone that’s seeing it for the first time.
More mobile. No more apps, no more installations, no more add-in’s – we’ve built an application that works anywhere and exposes all the ExchangeDefender functionality on a single panel of glass.
Extensive. Our mission is to help our clients build an office that is secure first. To make that possible, the new UI is actually a framework that makes it easy for users to communicate and collaborate more securely. It also enables our partners to plug their apps into ExchangeDefender and deliver a more complete solution.
No operational change. New ExchangeDefender UI behaves and functions the same way as the old one, making it easier for those that don’t like change to seamlessly continue working in the new UI. We didn’t move your cheese. But we’ve made it much smoother and faster to access so we’re sure you’ll love saving time while you enjoy enhanced security.
Initially the user experience will not change at all – we intend to “soft launch” the new user interface and allow anyone that wants to check out the new stuff in production to do so on demand. We did not want to surprise/shock any of our users with a brand-new look and interface, not to mention without an extended production testing schedule. After about a month (tentatively scheduled for Thanksgiving) the new interface will replace the old one as the default. On Thursday, October 24th you’ll be able to check it out in production:
We’ll have a lot more on the new UI shortly.
Stay tuned for all the details, videos, documentation and so on becoming available soon!
If you’ve attended our more recent webinars, you’re aware of our wider strategy to help businesses build a more secure office. In fact, this UI framework is already in production on the next generation products we launched recently. We would urge everyone to attend our webinar on Wednesday, November 13th where we’ll showcase even more details about our aggressive road-map and all the new features that immediately enable users to communicate and work more efficiently and more securely.
ExchangeDefender UI Upgrades & New Features
Wednesday, Nov 13, Noon
https://attendee.gotowebinar.com/register/6850325080298120461