Dear ExchangeDefender Clients, 

As you’ve come to expect from us over more than two decades, we’re open and ready to serve you 24/7. If there is anything we can do for you, please let us know at or just call us at 877-546-0316.

Our Orlando Headquarters has been closed to public since Thursday, March 19th. There is a county-wide curfew in effect starting tonight so we will not be accommodating visitors until further notice. Our data centers will also have restrictions on remote visits.

If you need any troubleshooting or maintenance related to your equipment, we will do our best to assist you, but physical access to assets will not be allowed until further notice.

While we regret that this inconveniences everyone involved, we want to assure you that we’ve got your back during this uncertain time. As Floridians we are accustomed to working remotely and we look forward to being as helpful as we possibly can be.

Please be safe and stay healthy, to keep current on our updates, please follow us on:


In other news, we have an upcoming webinar “ExchangeDefender Solutions Redefined” approaching on Tuesday, March 31st at 12:00 PM. Please join us to learn more about the new changes and expansions in our service portfolio. Register, click here.

ExchangeDefender Corporate Email Archiving is reliable, and affordable.

The age of information has certainly changed the way in which people from around the world interact and communicate with one another.  Businesses have been the hardest hit in trying to store and manage email communications that are critical to their organization.

A shocking 300+ billion emails are sent per day, with the average office employee receiving a shocking 130+ emails every day. The daily number continues to climb, so the question is: What can organizations do to successfully manage all of this data?

The Answer: Email Archiving for Business

Email Archiving solutions provide a systematic approach to storing email communications, both inbound and outbound email. ExchangeDefender Email Archiving provides encrypted, long-term storage, and email recovery. The solution also helps businesses achieve email compliance which requires organizations to be accountable and transparent by using a proper storage solution for their messages.

10 Reasons to get Email Archiving for your organization today!

1 – Immediate access all emails ever sent and received

2 – Automatic backup of all email communication

3 – Automatic backup of all contacts, calendar items, and other relevant data

4 – Achieve regulatory email compliance for HIPAA, GDPR, SOX, SEC and more

5 – Fast eDiscovery – speedy access to all emails to adhere to requests of information quickly

6 – Corporate email policy – Implementation and Monitoring

7 – Infinite storage of all email communications for 10 years or more

8 – Employee oversight – customize policies that are available organizational-wide to restrict the deleting of critical information

9 – Knowledge management – have oversight of what was sent, by whom, and when.

10 – IT productivity – significantly reduce mail server storage issues, in turn reducing additional server costs

Quickly access information about employee and end user communications with a simple eDiscovery search that can search on average, 10,000 inboxes at once. ExchangeDefender’s Email Archiving system takes all of your emails and stores them in a safe place, multiple times for redundancy. Of course, it is still possible to delete an email, but copies of those emails will be kept within the archiving system, which offers additional space storage to enhance your server capacity.

Keep business emails securely stored, with tamper-proof email archiving. ExchangeDefender Email Archiving provides encrypted, long-term storage, and email recovery.

Learn more about ExchangeDefender’s Email Archiving solution here.

The numbers are quite staggering for Microsoft – in a good way to mention, about 90% of all small business organizations use O365 as a critical application suite. The dependence on these cloud applications are great for productivity, but are not-so-great when it comes securing it.

Here are some quick facts:

25% of phishing emails bypass Office 365 Security

55% of employees admit to clicking on links they don’t recognize

58% of company (sensitive) data is stored in 365 documents.

Microsoft’s infamous cloud suite is known to have been under attack from hackers as they found O365 accounts to be easy targets due to the lack of security protocols.

Researchers from Barracuda Networks have found that hackers are targeting Microsoft Office 365 accounts with a worrying degree of success.

Forbes 2019 | Microsoft Office 365 Accounts Under Attack — What You Need To Know

ExchangeDefender’s solution – Cloud App Security

Protect Office 365 applications with advanced multi-layered security, and explore how our solution defends your digital workplace against cyber-threats.

ExchangeDefender’s enterprise-grade protection works to prevent data breaches, malware, phishing attempts, and account takeovers.

Our top security features to secure cloud applications include:

Data Security

  • 256-Bit encryption in-transit and at-rest data security
  • Detect and control accidental and/or malicious data leaks
  • Data loss prevention with customizable policies
  • Layered Redundancy – ensures secure email storage across multiple networks
  • Secure Servers
  • Two Factor Authentication / OTP
  • Pattern-based encryption
  • Multi-level Encryption policies

Threat Protection

  • Malicious Attachment Blocking
  • Anti-Phishing Policies
  • Protection against advanced malware and phishing attacks
  • Email domain, attachment, and links screening and quarantine
  • Malicious files and folders screening and quarantine
  • DMARC Domain Fraud Prevention
  • Whitelist/Blacklist Policies
  • Automatic Signature Disclaimer
  • Network Redundancy

Account Monitoring

  • 24/7 U.S based support
  • Real-time Reporting
  • Receive alerts via email/text when unusual activity is discovered
  • Full visibility into login locations, sharing and downloading activity
  • Detect and control unsanctioned applications with risky permission settings
  • Automatically prevent account takeovers with policy enforcement rules

ExchangeDefender’s cloud application security is vital to the modern business, ensuring advanced protection for the storing and sharing of critical data.

Our zero-trust solution provides O365 users immediate protection ensuring peace of mind for organizations who need to secure O365 – the application, the users, and the data that is stored within it.

To learn more about ExchangeDefender’s Cloud App Security Solution, click here.

ExchangeDefender announces it will be offering Support to third-party users.

One of the first announcements of 2020, covered during our most recent webinar , concerned support and our overall improvement of the platform that now serves a far wider audience than ever before.

We’re often asked to work with third parties, contracted or part time IT staff, client vendors, and everyone else that touches the email ecosystem.

Since we’re closer to our client’s email than even their own Outlook, we can help solve problems before anyone is even aware of them. Sometimes that requires us to work with 3rd parties and now we’re making that super easy, too. Just point your browser to:

Traditionally we’ve worked only with the IT Professionals part of the world (MSP, VAR, CIO) but as more business processes enter the world of email and DNS, we’re often working with external parties who need help with our platform but don’t necessarily work for an IT management company nor for our client. We’re still here to help, and we start through the help site.

What sort of issues do we expect to handle through this?

Compliance requests. RBL/SPAM delisting/whitelisting requests. Misc problems with delivery or configuration. CRM or platform integration issues. Development automation. IoT restrictions and alert delivery. Outlook amnesia. If it relies on ExchangeDefender, we’ll take a look at it. Just go to /help and we’ll find someone that can help.


Vlad Mazek



P.S. This is just one of the many enhancements you’ll be seeing this year. We’re going to make significant headway in self-management this year and our support will be on par with that.

The ExchangeDefender 2020 webinar was a success with partners tuning in to hear about new services arriving this year, click here to watch video.

ExchangeDefender’s CEO, Vlad Mazek hosted the recent talk in which he revealed to partners, the future of ExchangeDefender in 2020 when it came to its technologies and its client support services.

According to the webinar, there are five major areas of focus in which the company would like to strive for better this year, to include:

  1. ExchangeDefender would like to be the best when it comes to overall email security

    a. Clients are already aware of the true value of ExchangeDefender being at the top of its class within the IT industry for advanced email security.
    b. Our company will be investing more resources into developing even stronger security solutions with advanced security protocols to defend against tomorrow’s threats.
    c. We will be investing time into educating users on how to protect their data.

  2. Short circuit the problem escalation and resolution process

    a. ExchangeDefender is looking to improve the troubleshooting capabilities within the support portal to encourage self-service.
    b. Our company will also improve the resolution time by enabling users the ability to fix common email errors.
    c. On the backend, the developers are designing NEW ways to increase proactive monitoring, and reporting to identify issues before they become a problem.

  3. Re-structuring ExchangeDefender service offerings so that they make business sense.

    a. 2020 will usher in a new way to deliver our service offerings with the introduction of XD Service Plans.
    b. XD service plans were designed from our current client base, and the services that they are currently subscribed to with ExchangeDefender.
    c. These plans range from Email Security, Email Archiving, to a full Email Resilience suite that includes a curated selection of our top solutions.

  4. Be more available and responsive to quick questions and real-time millennial-talk

    a. ExchangeDefender realizes that although we have some of the fastest response times in the industry, there is always room for improvement.
    b. Summer 2020 is the expected release of the live support chat platform that is accessible inside of the portal where users experience problems
    c. We will also see a smart integration of XD support with partner notifications and escalations.

  5. Offer enhanced services and support for pain point items/services

    a. Generally, our company would like to become stronger in identifying pain points for our users both in our products, and with our support.
    b. To relieve these pain points, XD is looking to invest time and resources into creating a proper Knowledgebase / Documentation area that is segmented by the time of user – SP, Admins, and End users.

Join us for the last webinar of 2019 –

2019 has been a challenging, yet rewarding year for ExchangeDefender with the development, and full release of brand-new UI upgrades (Support and Admin), along with 20+ new features to maximize our profitable service portfolio.  

Our CEO Vlad Mazek will be leading an informative discussion about the most successful strategies in 2019. We’ve covered a lot about our strategy and it’s been refreshing to see so much adoption of the new services.

  • New ways that our partners are finding a way to win with ExchangeDefender,
  • Opportunities to protect and serve clients on Office 365/AWS/Google, and the new services we’re bringing out of beta in 2020.

Join us on Monday, December 23rd at Noon Est for our final webinar of the year. We’d love to share with you what we’ve learned, as our partners have grown their business to larger corporate contracts. 2019 was a year of progress and learning, and we’ve received a ton of experience with direct clients and would love to share our success strategies that you should be taking advantage of as well.

At ExchangeDefender we want you to be safe online. One of the biggest and best steps you can take towards that goal is to both protect your domain from being “spoofed” (forged by a spammer) and to block any such forgeries from arriving into your mailbox. 

About Spoofing  

Spammers and hackers routinely abuse domains that do not have a SPF or DKIM record. They configure their email software to use your domain name for a SPAM campaign or to launch sophisticated phishing attacks. If you’ve ever received an email from yourself, or from a forged government or corporate entity, you’ve been a victim of spoofing. If you’ve ever received thousands of rejections and delivery receipts for messages you never sent, you’ve been a victim of spoofing. Because so many domain owners do not take responsibility for their DNS configuration, this is the most widely abused mechanism.

Good news is, ExchangeDefender can help protect you from these attacks and brand misuse through implementation of SPF, DKIM, and our corporate policies.   

SPF (Sender Policy Framework)

ExchangeDefender uses SPF to verify that the email is coming from a source that your organization trusts to send messages. This is typically your email server, our email server, and sometimes a business application (like a hosted CRM) that sends email using your domain name. All others get rejected as forgeries. 

How do you setup your SPF record? Simply go to wherever your domain name is hosted (your name server) and add this TXT field to your zone. You may need assistance from your ISP, domain registrar, or whoever is actually running your name servers. If you don’t know who that is, or they are too difficult to use, ExchangeDefender will host your domain free of charge. The TXT record will not have a  hostname and the value should be set to the following:


Record type: TXT

Value: v=spf1 -all

DKIM (Domain Keys)

ExchangeDefender uses DKIM to validate automated digital signatures. We also sign messages for all customers that rely on ExchangeDefender to send outbound mail (pretty much everyone). This is a 2 step process similar to SPF. 

Step 1: Request public key

Go to and open a ticket requesting signatures of your outbound mail. Please specify which domains you wish to sign because each domain must have its own set of keys.

Step 2: Create a DKIM public record

Go to wherever your DNS is hosted and just like in SPF, create a DKIM record:

Hostname: default._domainkey

Record type: TXT

Value: v=DKIM1; k=rsa; s=email;  p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0SXzBGHoJcBVKyNEntvTiMtoSIH4uiuY6i5hzF47

Important: This is just an example. You will need to use your own public key generated in Step 1 and provided by us. Also, the value of the TXT record has to be on the same line, if there are any line breaks (if you copy it from an email or web page) please remove them.

Step 3: Update the ticket with us to test deployment

After the DNS record has been created for your domain, we will validate it and if configuration is valid we will start signing your outbound messages going through ExchangeDefender. 

After the DNS record has been created for your domain, we will validate it and if configuration is valid we will start signing your outbound messages going through ExchangeDefender. 

ExchangeDefender Policy 

While we encourage all of our clients to implement both SPF and DKIM, we understand that there are sometimes business scenario cases under which this is impossible. If you find yourself in this predicament you should immediately change where your name servers are hosted and take full control of your organizations identity online. But if that is still something you may not be able to do, ExchangeDefender can still protect you from phishing attacks and spoofing launched using your own domain name. If you’ve ever received email from yourself or from a colleague (but the email actually came from a server in Poland) then this setting will help you.

Go to and login as the domain administrator (username is your domain name). 

Click on Security Settings > Phishing
Under “Flag External Emails” click on Enable and then Save.

After this setting is applied, all messages from your domain that were sent from outside of the ExchangeDefender network will go into the SureSPAM quarantine. Just tell users not to trust, whitelist, or release messages that are coming from your own domain because they are certainly not legitimate.Note: This is the option of last resort and will not stop hackers or spammers from abusing your domain for phishing, spamming, or hacking. However, it will stop those messages from arriving directly into your users mailbox. If you already have a valid SPF record (with -all, not ~all) and DKIM in production, this setting is not necessary as ExchangeDefender will automatically reject messages that fail SPF/DKIM validation.

If you have any questions or concerns about ExchangeDefender and implementation of SPF, DKIM, or phishing policies please feel free to contact us.

We will be moving new outbound infrastructure into production. The new infrastructure will be used as the platform to provide ExchangeDefender NextGen services.Our outbound network is massively redundant and there will be no outages. If you are currently scoping to individual servers, please remember that we do not support that configuration and that you must use outbound(-jr, -xd, -corporate, -auth) as your smarthost.

Wednesday & Thursday
October 23-24, 2019
10PM – 2AM EST

No impact on SLA or performance

Outbound network Dallas
Outbound network Los AngelesServices affected:
outbound, outbound-jr, outbound-corporate, outbound-auth

Description of work:
Migration of mail queues to new infrastructure, announcing new servers from the outbound IP ranges.

Our last webinar announced our strategy for expanding the level of protection we offer to our ExchangeDefender users that goes far beyond just email. Our three-pronged approach will now include software, services, and training. We are best known for our email security service “ExchangeDefender” but as the email threats escalate in frequency and evolve in complexity, it is time to add a software component.

Over the past decade we have been developing Wrkoo (codename: “Shockey Monkey”), a business management solution centered around helpdesk and service delivery. As that product has grown to better manage accountability and task tracking, it became a perfect solution for us to use to help our ExchangeDefender users be more secure. Specifically, ExchangeDefender knows about your preferences and security policies – Wrkoo has the capabilities to help your entire organization work better together to create a more secure environment. You will see this distinction and the advantage in action later this week when we announce the Password Vault.

Our implementation is very simple and straight-forward. Every ExchangeDefender Pro protected organization will get it’s own Wrkoo portal (ex: absolutely free of charge. All the users in ExchangeDefender will automatically be added to the Wrkoo portal and same login credentials will work on both sites.

As we add business-level features that help improve user security, they will be available via portal under the Shortcuts dropdown (same place you find your Web File Server, LiveArchive, ComplianceArchive, Encryption, etc) as well as via direct login to the Wrkoo portal. This will help our clients quickly navigate between their files, passwords, archives, and all other services.

ExchangeDefender admin portal has been designed from the standpoint of email security and corporate policy enforcement and it is very quick, efficient, and easy to use. Once you look at securing your business beyond just SPAM filtering, things get complex and importance shifts to communication, training, and overall awareness. These are the areas that Wrkoo shines at through its calendars, tasks, tickets/cases/issues, knowledge base, and the ability to help the entire organization communicate and be on the same page. It really is a perfect medium to help everyone in your business manage their information in a more secure and practical user -friendly way.

Our mission remains the same: to keep you safe online. As the threats evolve and management of compliance, reporting, audits, and training becomes more complicated – our solution is there to help you scale and address those issues without spending more money. ExchangeDefender and Wrkoo are here to make that possible.

We have listened to our partners and decided to redesign our invoicing system so it works better for our partners. One of the many benefits of having both Wrkoo and ExchangeDefender teams working together, (more details in our next webinar on September 10th, 2019) is that we can take great ideas from all sorts of businesses and adapt them to serve our IT partners better. Specifically, new ExchangeDefender invoices will be grouped by client:

This will give you a clear indication of how many services each client is subscribed to, what type, amount, etc. For deeper dives by your CPA, you can filter and group by service and client so you can get exactly what you’re looking for (by default everything is sorted alphabetically, by the client):

And for the full details, just tap the title:

We’ll shortly be adding the ability to move services around, adjust titles, and for even more functionality as well as branding options you will have the ability to customize literally everything in your own Wrkoo portal.

Wrkoo and ExchangeDefender teams have been rolling out new features, listening to our partners needs, and you’re going to start seeing a lot of new features that result from that one-of-a-kind collaborative effort.

The best news though – as this is just a taste of what is coming – you’ll have to tune into our webinar on September 10th at NOON EDT. Trust us, you’re going to love what we’ve got coming!