{"id":3310,"date":"2020-02-18T14:04:59","date_gmt":"2020-02-18T19:04:59","guid":{"rendered":"https:\/\/www.exchangedefender.com\/blog\/?p=3310"},"modified":"2020-02-19T09:48:17","modified_gmt":"2020-02-19T14:48:17","slug":"upcoming-changes-to-exchangedefender-white-listing","status":"publish","type":"post","link":"https:\/\/www.exchangedefender.com\/blog\/2020\/02\/upcoming-changes-to-exchangedefender-white-listing\/","title":{"rendered":"Upcoming Changes to ExchangeDefender Whitelisting"},"content":{"rendered":"\n
<\/div>\n\n\n\n
\"\"
ExchangeDefender to update White-listing Protocols <\/figcaption><\/figure><\/div>\n\n\n\n

We\u2019re making massive changes to ExchangeDefender whitelisting policies that will make it easier (and safer) to allow trusted senders to bypass our SPAM filtering processes. <\/p>\n\n\n\n

For 90% of you, this will just make whitelisting smoother\nand you don\u2019t need to worry about the details.<\/p>\n\n\n\n

For our system administrators and users who have grown infuriated with BATS (disposable email addresses) whitelisting, you\u2019ll be thrilled to hear that we\u2019ve launched a new white-listing service a few weeks ago that has been performing well enough in beta tests and will go into full production this week. The main issue we solved with the new technology is the management of bulk senders, but performance improvements alone and new features will be worth a look and full demonstration will be made during our next webinar.<\/p>\n\n\n\n

<\/div>\n\n\n\n
\n\n\n\n
<\/div>\n\n\n\n

The biggest problem with whitelisting, and an opening of an attack vector, is the prevalent use of BATS addresses. BAT, basic attention token, has become a standard tracking email address technology used by mass mail (bulk) senders. For example, the email address that the message was sent from appears to be: Vlad Mazek vlad@ownwebnow.com<\/a><\/h4>\n\n\n\n

However, that is often not the actual address \u2013 it\u2019s just the pretty, friendly, display address that Outlook shows you. If you open the message, the message is usually from something like soap-2391-kwqw-399q-vlad=ownwebnow-com@massmailernode102.spammer.com<\/a><\/h4>\n\n\n\n
<\/div>\n\n\n\n
\n\n\n\n
<\/div>\n\n\n\n

New ExchangeDefender whitelisting service will step in and ask the sender to instead whitelist the domain itself, in this case massmailernode102.spammer.com or even wider. spammer.com. This setting will be on<\/strong> by default.<\/em><\/p>\n\n\n\n

We will also be introducing gateway whitelisting for our enterprise and Pro clients, which will allow you to whitelist common bulk mail organizations entirely. While we do not recommend it, we understand that for some organizations it\u2019s easier to just whitelist all mail sent by Sendgrid, AmazonSES, Constant Contact, etc than to constantly evaluate which ones to permit on a case by case basis. This setting will be off<\/strong> by default<\/em>.<\/p>\n\n\n\n

Another often requested feature, that is tied to the launch of the new Whitelisting code, is the ability to provide one-click access to report and manage white-list entries. Every user that enables this feature is doing so to better control their blacklists, and this setting will be off<\/strong> by default.<\/em> When turned on, all received messages will have a footer in the message allowing the user to launch a complaint when something that looks like SPAM has been allowed through. The footer will only be visible on inbound messages and all tracking code will be deleted in replies, forwards, or messages sent from ExchangeDefender to the Internet.<\/p>\n\n\n\n

We are rolling in a few more features that will be announced\nduring our next webinar in March. If there is something you\u2019d really love to\nsee, please let us know, all these features are based on user requests so keep\nthem coming!<\/p>\n","protected":false},"excerpt":{"rendered":"

[…]<\/p>\n","protected":false},"author":50,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[127],"class_list":["post-3310","post","type-post","status-publish","format-standard","hentry","category-exchangedefender","tag-whitelist-whitelisting"],"_links":{"self":[{"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/posts\/3310","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/users\/50"}],"replies":[{"embeddable":true,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/comments?post=3310"}],"version-history":[{"count":18,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/posts\/3310\/revisions"}],"predecessor-version":[{"id":3330,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/posts\/3310\/revisions\/3330"}],"wp:attachment":[{"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/media?parent=3310"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/categories?post=3310"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/tags?post=3310"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}