Improved SPAM Release Security: Quick Release
ExchangeDefender is giving users more power to lock down their valuable data. Now that ExchangeDefender handles business continuity and backups for M365/Gmail tenants there is even more information in ExchangeDefender that demands more flexibility with security policies. First, let’s talk about the upcoming feature that allows you to lock down your ExchangeDefender SPAM Quarantine Report activity.
Bit of background: ExchangeDefender Quarantine Reports are an immensely popular ExchangeDefender feature (coming up for an upgrade this spring btw!) that sends users a list of quarantined messages with a set schedule. Users tend to rarely look in Junk Items or review SPAM unless they are waiting for something so this is a cool feature that our users just love. Scroll down the list of quarantined messages and release or trust just by tapping the link. Super convenient, but does it meet your security requirements?
ExchangeDefender Quick Release feature now enables you to choose between convenience and a more secure release process. For many organizations, having the message released or get added to trusted senders with just a click is a huge time saver and user convenience. But if your Microsoft M365 / Gmail account gets compromised (which happens ALL the time) or you deploy a new security/business/CRM (mostly AI stuff) that scans links then this “convenience” can turn into an Inbox packed with SPAM messages that some hacker/service inadvertently released.
If this happens to you, know that ExchangeDefender can help with the “Secure Release” setting. By enforcing Secure Release, when the user clicks to release or trust a message they will be prompted to authenticate before they can release/trust the message. This way if you get hacked or install link scanning/crawling software in your tenant will not be able to access the messages without a password.
Now please, go setup your favorite authenticator app with ExchangeDefender MFA (next up, you can set it to be mandatory/required)
Webinar Digest 8/16: Unveiling 7 New Features in ExchangeDefender
Watch the full webinar episode >> Click here!
In a dynamic and informative session, our recent webinar shed light on the latest advancements in email management and security. Hosted on August 16th, participants gained a comprehensive understanding of key features and innovations that are set to reshape the way we interact with our email systems. Here’s a recap of the highlights from this engaging event:
1. Seamless Integration: LiveArchive Meets Inbox
A major focal point of the webinar was the integration of LiveArchive, our innovative business continuity solution, directly into the Inbox interface. This strategic move not only enhances user experience but also provides a streamlined pathway to essential features, ensuring business continuity even in the face of disruptions.
2. Long-Term Archiving Redefined: Introducing LiveArchive
Anticipation filled the virtual room as LiveArchive’s impending launch as a long-term archiving service was unveiled. Participants were introduced to this game-changing solution, designed to preserve crucial data over extended periods, elevating archiving capabilities to new heights.
3. Empowerment through Insights: Quarantine Email Reports
The introduction of Quarantine Email Reports was met with excitement. Attendees discovered how this addition empowers users with deeper insights into email management and security, enabling more informed decisions and improved communication management.
4. Crafting Policies with Precision: Enhanced Policy Creation
One of the webinar’s hands-on segments demonstrated the process of crafting allow policies for domains such as @xdreports.com and @xddiagnostics.com. This procedure showcased the delicate balance between streamlined communication and robust security measures.
5. File Sharing Made Effortless: WEBSHARE for Large Attachments
Participants were introduced to the upgraded support for large attachments through the WEBSHARE feature. This enhancement offers a more efficient and seamless method for sharing files within the platform, simplifying collaboration without compromising on security.
6. Simplified Security Configuration: Default Domain Security Policy Wizard
Navigating the complexities of security policies became a breeze as we explored the Default Domain Security Policy Wizard. Attendees gained a firsthand experience of how this user-friendly tool streamlines the configuration of essential security policies, ensuring a safer digital environment.
7. Unveiling Loopback Services: Insights and Applications
A deep dive into Loopback Services rounded off the webinar. From roundtrip latency testing to policy enforcement and delivery testing, participants gained insight into these multi-faceted services. Moreover, the critical role they play in phishing education and attack simulation highlighted their value in fortifying cybersecurity defenses.
In closing, the webinar provided an illuminating exploration of the evolving landscape of email management and security. Participants departed armed with knowledge and insights that will shape their strategies for more effective communication and enhanced protection. We extend our gratitude to all attendees for their active engagement and look forward to continually revolutionizing the way we interact with our digital communication systems.
Trusted sender keeps on ending up in SPAM
One of the most common complaints we get from our clients has to do with allow/whitelist policies and to make the long story short this happens because of the way your service provider configured ExchangeDefender. The long story, technical background, and best practices are outlined at https://www.exchangedefender.com/docs/whitelist. It usually sounds like this:
“I keep whitelisting this email address that sends me my OTP password / password reminder / login code / transaction confirmation / newsletter and they keep on ending up in SPAM!”
This happens for clients that configure ExchangeDefender to block email forgeries and spoofing.
You see, the email address that is showing up in ExchangeDefender and your Outlook/Gmail is not the actual email address that the message was sent from. Large volume emails (OTP, password reminders, notifications) are not sent by humans, they are computer generated and there is a random email address for every notification they sent out (so when/if it bounces they can track it).
These automated email addresses tend to have a long randomly generated identifier in them and generally look like this:
010001890676a389-ee862f60-d7ea-4ba1-a113-f16935e2afeb-000000@amazonses.com
But in your Outlook/Gmail the spoofed/faked email appears to have come from DoNotReply@someotpsite.cz which has the domain you trust and attempt to allow/whitelist. If you pull up the SMTP headers from the quarantined email you can see this email address in the envelope-from field:
Received: from inbound10.exchangedefender.com (65.99.255.114) by
owa.exchangedefenderdemo.com (10.10.10.5) with Microsoft SMTP Server (TLS) id 14.3.498.0;
Thu, 29 Jun 2023 05:23:03 -0400
Received-SPF: pass (inbound10.exchangedefender.com: domain of 010001890675c389-ee862f60-d7ea-4ba1-a113-f16935e2afeb-000000@amazonses.com designates 54.240.77.69 as permitted sender) receiver=inbound10.exchangedefender.com; client-ip=54.240.77.69; helo=a77-69.smtp-out.amazonses.com; envelope-from=010001890676a389-ee862f60-d7ea-4ba1-a113-f16935e2afeb-000000@amazonses.com; x-software=ExchangeDefender SPF;
Authentication-Results: inbound10.exchangedefender.com; dmarc=pass (p=quarantine dis=none) header.from=someotpsite.cz
Authentication-Results: inbound10.exchangedefender.com;
dkim=pass (1024-bit key) header.d=someotpsite.cz header.i=@someotpsite.cz header.b=”QPv3HP79″;
dkim=pass (1024-bit key) header.d=amazonses.com header.i=@amazonses.com header.b=”MsX8RGl7″
Received: from a77-69.smtp-out.amazonses.com (a77-69.smtp-out.amazonses.com
[54.240.77.69]) by inbound10.exchangedefender.com (8.14.7/8.14.7) with ESMTP
id 35T9M86a030204
<demo@exchangedefenderdemo.com>; Thu, 29 Jun 2023 05:22:09 -0400
From: <DoNotReply@someotpsite.cz>
To: <demo@exchangedefenderdemo.com>
Subject: ConnectWise Manage Security Code
…
Solving this issue requires your ExchangeDefender admin to decide how permissive they want to be of email forgeries and fakes. ExchangeDefender provides two ways to manage this in the ExchangeDefender Domain Admin app at https://admin.exchangedefender.com (see documentation)
Option 1: Allow email from the bulk email network
ExchangeDefender enables you to automatically pass through messages coming from specific bulk/spam mail providers. It’s located at https://admin.exchangedefender.com under Advanced Features > Bulk Mailer Policy:
In our example SMTP header the message came from AmazonSES so if you change the policy from Scan to Allow, ExchangeDefender will simply deliver these messages to your mailbox without quarantining it as a forgery/spoof (which it is).
Option 2: Choose a relaxed From: policy
This is a less secure option that will allow forgeries and effectively lowers your security level to that of M365/Office365 – and we strongly discourage you from doing that. However, if the client requires it you can get it done under Advanced Features > From: Policy:
Summary
If you’re seeing notification emails in your SPAM quarantine even though you’ve trusted the sender repeatedly, it’s doing so because the message is being spoofed and your admin has configured ExchangeDefender to block that activity. You can relax the security restrictions by choosing to either allow the bulk mail network or you can build your trust rules on the less-secure From: address.
Our team is always here to help but they aren’t allowed to guess without seeing the SMTP headers first – so if you ever run into an issue that you’d like us to take a look at grab the headers and provide them at https://support.exchangedefender.com and we’ll advise from there.
Troubleshooting Email Delivery with ExchangeDefender Logs
Modern email delivery has become complex in order to eliminate scams and minimize the impact of cyber threats. Unfortunately, those complexities can impact mail delivery: “I sent them an email and they never got it!!!”
First point the user to https://bypass.exchangedefender.com service that’s included with ExchangeDefender. Our users love it because they don’t have to wait on the tech issue to get sorted, they can send the mail right away (and it tends to have a far better delivery success rate because we strip everything that typically trips up SPAM and security filters).
Second, find the problem in the mail and error logs.
You can of course use our interactive mail log (tracing) search to locate the message and see where the problem may be. For larger tenants, we recommend downloading the logs so you can go through them faster on your PC:
ExchangeDefender can help identify the issue through our detailed Raw SMTP logs and Mail Error logs
Log access gives you raw access to everything we have on our backend but you get it faster (as our support doesn’t have access to your data including logs, and getting the access approved internally takes time).
If log analytics isn’t your thing please contact us about the ExchangeDefender Managed Service where you’ll have your own postmaster managing all these issues for you (service must be enrolled before requesting support).
Email delivery problems can be complex and at times out of your control. This is why we always first recommend going to bypass.exchangedefender.com (and ExchangeDefender Inbox) so you can actually do your work. After that, grab the logs and see what the problem is. As always, we’re happy to help!
Protect Your Privacy with Disposable Tracking Emails
Do you ever wonder who is selling your email address to marketing companies? Or do you ever sign up for services and sites while checking things out but don’t want to end up on every email they send until the end of time? Gave your email address for a 10% off discount? Used it with a sketchy parking lot?
We’ve all been there.
Wouldn’t it be nice to be able to come up with an address on a whim? I’m at Subway and they want my email:
“Yeah, that’s subway+vlad@exchangedefender.com“
ExchangeDefender now let’s you do this on a whim there is nothing to set up. Just add any tag+ to the front of your email address and that’s it. Yep, any text you can imagine. Tie it to a specific search like pi+orders+vlad@exchangedefender.com so you can create an Inbox filter rule and potentially automation based on the address alone.
Message is still subject to your security policies so if it’s safe it will come right to your inbox.
Yeah but how do I unsubscribe?
You can do the traditional click & pray that the unsubscribe site is 1) up and 2) works.
The cool thing about tracking emails is that they are integrated in admin.exchangedefender.com and you can see a report similar to the daily quarantine report. Here you can see who is sending messages to which disposable address.
ExchangeDefender shows you where the sender got your email address from and where your data may have been compromised or sold.
You have even more flexibility with the address. If you’re starting to get a lot of abuse at the address, just click on the <b>Stop</b> button and we’ll bounce any email sent to that address tag+ address.
Changed your mind? Hit play and the address will be reactivated as usual.
Inbox, your company email’s emergency plan
We just released a brand new email solution called ExchangeDefender Inbox. You may have seen the beta floating around. It’s official, the commercial product is here and we are absolutely delighted. Inbox is the result of a decades of email issues, and security mishaps.
It is a hybrid of both a standalone email and security all in one. That’s right, you can access your email, and your ExchangeDefender security all in a single pane.
Inbox, what is it?
ExchangeDefender Inbox is a modern and secure email platform that helps you work when your email stops working. It is a safe alternative to your Outlook and Gmail platforms. Inbox is meant to rescue you when your (primary) email goes down. It is your email’s backup plan when things go terribly wrong like email outages, technical difficulties, email delivery issues and so much more!
How does it work?
Inbox takes your email and actively makes copies of it. When email passes through ExchangeDefender, it makes it possible for you to access recent messages in real-time. It is a very cool feature because it works independently of your email hosting. So, if your Outlook goes down, you can simply login to your Inbox to send and receive email while experiencing service outages.
What can Inbox do?
I am so glad that you asked. It has so many features but here are the most noteworthy: you can send and receive email,
you can send secure encrypted messages, and you can bypass any security policy with Bypass. Imagine combining your email and security together for a safe, stress-free email experience!
ExchangeDefender Inbox is unlike any solution on the market. It is an enterprise-grade email continuity solution that saves the day when your email is down, or unreliable. Inbox is flexible in the sense that it has the ability to work as a standalone email, as well as with most email platforms like Outlook, Gmail, and Yahoo.
New Release: ExchangeDefender Inbox M365 Hybrid Solution
Huge and most demanded feature from our community has finally shipped.
No more PowerShell. No manual steps. It’s all automated.
When you create a mailbox on ExchangeDefender Inbox the service creates your users M365 account, enables mail forwarding, maps the email addresses correctly, updates routing and signing.
Anyone can manage Inbox with far fewer IT skills than are needed for the most basic of M365 deployments!
We’re seeing ExchangeDefender Inbox mailboxes used in companies with high turnover, in companies that are trying to save money (Inbox could save over $300 / employee every year!), for mailboxes that get a ton of traffic but are mostly for logging (necessary but rarely ever logged in), temps, external users that need email at that domain but shouldn’t be given an entire M365 license or be exposed to all the data you have on your M365.
So.. if you’ve been keeping your own Exchange server barely alive just for these types of use case that M365 isn’t ideal for (or worth the $), let’s have a call and save some of your IT budget!
How easy is it?
Login to your ExchangeDefender Inbox admin account and choose a tenant to create a user.
ExchangeDefender Inbox does all the heavy lifting under the hood instantly. Using a combination of Remote PowerShell, Microsoft Graph, and Microsoft’s API for Exchange/M365 we’re able to create the user, setup forwarding, update address books on both sides and keep everything in sync. The admin doesn’t have to deal with any of that, they just see that it’s done:
That’s all it takes to create a mailbox and share the domain with a M365 tenant in hybrid mode. Everyone is on the same domain, everyone has the same format email address, it’s practically the same thing but saves your organization up to 95% every month.
Everything on the backend is tracked and kept in compliance. Best part – we do not use delete statements anywhere so you never have to worry about ExchangeDefender Inbox creating problems and issues at M365.
Try Inbox today for free! Login to your ExchangeDefender Admin account to get started.
Top 5 ways Inbox can save you from an email disaster
We developed ExchangeDefender Inbox to save the day: In our large M365 practice we’re responsible for a ton of users and when there is a problem we have to solve it. We built Inbox as a way to mitigate the biggest M365 problems and we’ve delivered an affordable and secure way to keep email working. Here are the top five ways people are relying on ExchangeDefender Inbox every day:
1. During Outages
If M365 goes down, your ability to send and receive mail goes with it. While this is not a frequent occurence (once of twice a year so far), when it does happen it’s extremely expensive. With ExchangeDefender Inbox you just have to open a web browser and continue where you left off.
2. Working around problems
While total outages are not frequent, email issues are nearly constant. Email bounces, weird errors, missing attachments, service suspensions, billing problems – not a day goes by without some sort of an issue. With Inbox you can rely on bypass to work around bounces and you have a separate platform that is not affected by configuration or administrative work.
3. BYOD + Mobile workforce
Most of the modern workforce doesn’t sit behind top of the line PC with a ton of ram – we’re seeing more work done on mobile devices, tablets, even Chromebooks. If you want a near turnkey email operation for users you don’t want to have access to your M365 side, ExchangeDefender Inbox is a far more affordable and efficient solution (plus it works out the box with no software to purchase)
4. Permanent mailbox
Let’s face it, most mailboxes are used to store alerts, notifications, and SPAM. ExchangeDefender Inbox enables you to move those mailboxes and not flood your shared mailboxes, logs, and tenant with non-actionable email. If your device or browser is constantly timing out and you have multiple mailboxes open, ExchangeDefender Inbox will make them all move smoother.
5. Configuration problems
We saved the best for last. Every day security vendors are publishing new ways to fight fraud, and email systems require extensive upkeep. If you’re innundated with issues related to email delivery – “I never got their email, they never got my email, why was this one delayed / deleted” – try using our response: “Did you check the ExchangeDefender Inbox?” Fact is, most email delivery issues are minor and tend to resolve themselves automatically but if you run a business you can hardly afford to wait: Inbox to the rescue.
Go for ExchangeDefender Inbox, visit www.exchangedefender.com/INBOX
ExchangeDefender Inbox is rapidly becoming our #1 service and we’d love to hear how you’re using it. If you have any feedback please send us an email at inbox@exchangedefender.com and we’ll put in a good word with Santa about getting you some ExchangeDefender swag.
What’s the difference between LiveArchive and Inbox?
Recently we blogged about ExchangeDefender Project: Inbox and we got a good amount of interest in the beta and just as many questions. We wanted to address the biggest one: What’s the difference between LiveArchive and this Inbox.
The biggest difference is that Inbox is intended to be used as a primary user mailbox, while LiveArchive is meant as a failover for a user whose mailbox is elsewhere (Exchange, M365, Gmail, etc)
Vlad Mazek, CEO of ExchangeDefender
LiveArchive is a great service to rely on when something goes wrong – Inbox on the other hand is meant to be used all the time. LiveArchive is solely a web mail service – Inbox enables you to connect Outlook or mobile devices to it. LiveArchive is a separate web service to which users usually forget credentials or only login when things go down – Inbox is integrated in the admin app and is accessible one click away from the SPAM Quarantines that our users access daily.
They are both great solutions to different IT challenges: LiveArchive for when things go wrong, Inbox for everyday email use. Inbox has one other massive advantage to it that we’ll announce later this fall.
We expect to offer both with ExchangeDefender Pro to reduce support traffic (clients mail tracking requests caused by mail server issues: “It’s in the Inbox”) and because everything in IT can fail and it’s always prudent to have a failover/backup with LiveArchive.
Introducing ExchangeDefender Inbox
Cybersecurity tops the list of IT concerns and spending, with email still being the most popular service with users and hackers alike: over 90% of compromises start with an email. If that sounds familiar you’ve undoubtedly had to deal with new email authorization standards, user training, troubleshooting mail flow, trying to figure out why email to or from certain people is bouncing, reconciling it all with new IT trends, cyber-insurance requirements, marketing. In a nutshell, email security is still a challenge and users just want something that works.
We’ve reimagined what the email security should look like in 2022 and we cannot wait to show it off:
ExchangeDefender Inbox Webinar
Wed, Sep 28, Noon EST
https://attendee.gotowebinar.com/register/1111619875721771023
We hope you can join us for the webinar and see just how we’ve integrated all the ExchangeDefender security and productivity services to give users a single panel of glass to make email work for them even when they have issues with email. Can’t wait till next Wednesday? Shoot us a ticket at support.exchangedefender.com and ask us to enable it for you today!
ExchangeDefender Inbox combines over two decades of email security experience with the modern, mobile-first world of countless email issues. It enables our clients to get things done with email security and work through all the issues without involving IT. Users want a quick and reliable email platform that just works – work around SPAM filters, around SPF/DKIM policies, around bounces – all while leveraging email encryption to protect sensitive data. The service has been enormously popular with our enterprise clients and now we’re bringing it to all ExchangeDefender users – see you next Wednesday!