July 2024

Over the past month we’ve been holding LiveArchive Workshop Series with clients who want to get LiveArchive deployed and staff trained in under 1 hour. It’s going well and the question we get the most is: “Will it work on Azure/Linode/Oracle/___?!” Yes, it works with ALL public and private clouds because it’s built on top of open source technology standards that everyone offers. In order to deploy LiveArchive you’d follow the same principles and steps outlined in our Cloud Backend Setup at Amazon AWS, Microsoft Azure, Oracle Cloud, Google Cloud (even if you host it yourself on your own network/hardware). All public clouds offer containerized services and the Docker containers that make up LiveArchive are mariadb:latest, minio/minio:latest, and exchangedefender/livearchive-webmail:latest.

Navigating IT Politics

Now that you know ExchangeDefender LiveArchive works on all the popular cloud providers, it’s time to pick one. Here are 3 things to keep in mind:

1) Your choice will typically be controlled by the clients existing infrastructure and vendor policies – if they are an all Microsoft shop you’ll likely be deploying LiveArchive on Microsoft Azure. Regardless of your choice of cloud vendor, you will still get the same LiveArchive performance and keep in mind that full source code for the entire stack is available here: https://github.com/exchangedefender/livearchive-webmail. Having access to the code gives you the ability to optimize, customize, and future-proof your setup.

2) You will need access to DNS. In order to deploy LiveArchive you will need to create a CNAME for the LiveArchive UI which is required in order to request an SSL certificate.

3) You will need to allow several network policies on your choice of public or private cloud. Specifically, you will need to allow tcp ports 80/443 for the web services and you will need to allow tcp ports 9000/3306 to our LiveArchive network so that we can store your messages and message metadata. Cost is also an important criteria for many organizations so we recommend researching cloud cost calculators

This way you can see who will give you the best bang for the buck currently vs. over time as your organization grows. If you’re trying to keep the costs to a minimum your best option is going to keep minio and MariaDB services self-hosted or on semi-dedicated/VPS/colo deployment and to only put the LiveArchive Web UI in the cloud.


We look forward to seeing you in our workshops, and keep in mind you can get it going in under 10 minutes just by following these steps!

Phishing scams and malware lurk everywhere online, even in emails. But fear not! Here at ExchangeDefender, our cybersecurity experts have compiled their best practices to keep you safe while browsing from email links:

1. Check Before You Click:

Hover over the link to see the actual URL. Does it match the text displayed? Mismatched text is a red flag!


2. Know the Sender:

Don’t click links from unknown senders. If it’s from someone you don’t recognize, contact the sender directly to confirm the email’s legitimacy.


3. Look Out for Lookalikes:

Be wary of emails with seemingly familiar sender addresses. Typos or slight variations can indicate a spoofing attempt.


4. Beware of Urgency:

Phishing emails often pressure you to act quickly. Take a breath, verify the sender, and don’t be afraid to delete suspicious emails.


5. When in Doubt, Throw it Out:

If you’re unsure about a link, err on the side of caution and delete the email. It’s better to be safe than sorry!


BONUS TIP: Enable strong spam filtering – tools like ExchangeDefender can significantly reduce phishing attempts reaching your inbox.

ExchangeDefender has been holding LiveArchive workshops for two weeks, helping our clients and partners setup a free backup and live archiving service for their domain. Everyone needs a backup, right? ExchangeDefender is the missing piece in your backup strategy, it lets your users access email messages in the meantime while the recovery is taking place.

ExchangeDefender LiveArchive is free and since you’re providing the storage, you can keep the archive indefinitely. ExchangeDefender LiveArchive is open source and you can count on it long after we’re gone. Plus the privacy stuff.

Preparing for the LiveArchive Workshop

Our goal with the ExchangeDefender LiveArchive Workshop is to help you set up your organization and be up and running by the end of the call.

It takes less than 4 minutes to configure LiveArchive start-to-finish. It takes about 90 extra seconds per domain if you’re setting up multiple clients.

Requirements for the workshop are a domain that is currently protected and configured with ExchangeDefender, access to the DNS control panel, and access to the Microsoft M365 admin (Exchange) site. This way the mail is already flowing in and out of the organization and all we need to assure is that traffic is properly replicating from your email infrastructure to your backup location.


LiveArchive Storage Checklist

ExchangeDefender LiveArchive consists of 3 major components:

1) LiveArchive UI – Beautiful minimalist webmail interface for your email archive
2) LiveArchive S3 Storage – S3 object storage backend to store your messages
3) LiveArchive DB – MariaDB SQL database backend for email metadata and customization



Option 1: Amazon AWS Services

For the sake of keeping it affordable and easy, we recommend deploying LiveArchive on Amazon Web Services. You can get started with Amazon EC2/Lightsail, S3, and RDS/MariaDB and the documentation for the process is here: https://exchangedefender.com/docs/livearchive-cloud-backend

Option 2: Amazon Lightsail

If you’re looking to do more than the basics, deploying the whole docker stack in Amazon Lightsail or EC2 instance is recommended. Before you get to the workshop, set up a Lightsail instance running the latest Ubuntu Linux version you’re comfortable with. Fire it up, update it, assign it a static IP address, and point an A host record at it.

During the workshop we will deploy LiveArchive both ways so you can see the entire process but if you wish to have it deployed make sure you have your environment set up and updated before we get started. By the time the hour is up, your LiveArchive will be protecting your data for as long as you wish to store it.


Learn how to effortlessly set up, optimize, and maximize your investment with expert guidance. Our workshops cover everything from pricing to configuration.

Don’t miss out on this opportunity to master Live Archive Backup! Reserve your spot now for Tuesday or Thursday workshops at 11 AM or 3 PM starting July 16th-September 3rd 2024!

Open a ticket at https://support.exchangedefender.com and let us know which date and time works for you. Space is very limited so please claim your spot fast!!

Over the next seven weeks, ExchangeDefender will hold interactive zoom workshops to help everyone set up their LiveArchive.

Thanks to the many of you who took our LiveArchive survey. We share your excitement and the opportunities LiveArchive presents to our users and want you to have it for your organization. Thank you for sharing tips for what works to get your team on board. We’ve been able to design a workshop that will cover all the bases and have your product deployed by the time the hour is up!

Open a ticket at https://support.exchangedefender.com and let us know which date and time works for you. Space is very limited so please claim your spot fast!!

Workshops will be presented over zoom and will be interactive, allowing you to ask questions and even help with your setup. Here is a brief overview:

  • LiveArchive Deployment Checklist
  • LiveArchive Deployment Scenario
  • LiveArchive Deployment Walkthrough
  • DNS and security setup

Requirements for the workshop:

  • Domain must be currently protected and configured with ExchangeDefender
  • Domain DNS zone management access (confirm MFA)
  • Microsoft M365 Administrator access (confirm MFA)

This FREE LiveArchive workshop simplifies everything! Get clear pricing, expert deployment guidance, and perfect configuration – all within an hour. Everyone in your organization gains immediate access to long-term email archives, including live incoming emails. Skip the confusing documentation and sign up now – spots are limited!

In today’s digital world, software security is paramount. Malicious actors are constantly searching for vulnerabilities in applications to steal data, disrupt operations, or launch cyberattacks like the recent auto industry software cyberattack on CDJR. To stay ahead of the curve, businesses need a robust security strategy that includes fuzz testing, also known as fuzzing.

What is Fuzzing?

Fuzzing is a software testing technique that involves feeding a program invalid, random, or malformed data as inputs. The goal is to see how the program reacts to unexpected inputs and uncover potential bugs and vulnerabilities. Imagine testing a lock by trying different keys. Fuzzing is like trying random objects, not just keys, to see if they open the lock (the program) in unexpected ways.

How Does Fuzzing Work?

A fuzzer, a specialized tool, automates the fuzzing process. It takes a program as input and generates a vast number of test cases with various types of invalid data. Ideally, the program will crash or exhibit abnormal behavior when encountering this unexpected input. This abnormal behavior indicates a potential bug or vulnerability that needs to be addressed.

Benefits of Fuzzing for Businesses

  • Uncovers Hidden Bugs: Fuzzing can find bugs that traditional testing methods might miss, especially those related to unexpected user inputs or external data sources.

  • Improves Software Robustness: By identifying and fixing vulnerabilities, fuzzing helps make programs more resistant to cyberattacks and data breaches. Proactive patching of these vulnerabilities minimizes the risk of costly security incidents.

  • Automation: Fuzzing tools can be automated, making it a relatively cost-effective way to test software compared to manual methods.

Why ExchangeDefender Recommends Fuzzing

At ExchangeDefender, we understand the importance of comprehensive email security. Malicious actors often target email systems with phishing attacks and malware-laden attachments. Fuzz testing email security solutions helps ensure they can withstand these attacks and protect your organization’s data.

Combining Fuzzing with Other Security Measures

While fuzzing is a valuable tool, it’s not a silver bullet. A layered security approach is crucial for optimal protection. Here are some additional security measures to consider:

By combining fuzz testing with other security measures, businesses can significantly improve their software’s robustness and create a more secure email environment.


Ready to Learn More?

ExchangeDefender offers a comprehensive suite of email security solutions designed to protect your organization from evolving cyber threats. Contact us today to learn more about how we can help you safeguard your email data!

Cybersecurity threats seem to be everywhere these days, from phishing scams in your inbox to malware lurking in the downloads you click. But what if there was a way to fight fire with fire, using artificial intelligence (AI) to outsmart cybercriminals? Believe it or not, AI is becoming a powerful tool in the cybersecurity arsenal. Here are 3 ways AI is working to keep you safe online:

1. Training Champions: Simulating the Bad Guys

Think about a world where cybersecurity professionals could practice their skills against realistic cyberattacks, that look real enough to fool anyone. Well, that world exists thanks to AI! Generative AI can create convincing simulations of cyber threats, allowing security experts to hone their detection and response skills in a safe, controlled environment. The more they practice against these “fake” attacks, the better equipped they’ll be to stop the real ones that come your way.

2. Phishing Emails? No Problem! AI Spots the Fakes

Phishing emails are a classic trick used by cybercriminals to steal your personal information. But AI is making it harder for these emails to slip through the cracks. AI can be trained to identify the subtle clues in a fake email, like unusual phrasing or suspicious sender addresses. By constantly analyzing emails and learning from new phishing attempts, AI helps keep your inbox safe from these deceptive messages.

3. Digital Neighborhood Watch for Unusual Activity

Imagine your computer network as a bustling neighborhood. Normally, things follow a predictable pattern – emails flow in and out, websites are accessed, and data travels along its usual routes. But what if a stranger showed up, acting strangely? AI can monitor your network traffic and learn what “normal” activity looks like. Then, if something unusual happens, like a sudden surge in data or a suspicious connection attempt, AI can raise the alarm. By constantly watching for anomalies, AI helps identify potential cyberattacks before they can cause any damage.

As AI continues to evolve, it will likely play an even greater role in keeping us safe online. So next time you see an article about a cyber threat, remember that there’s a whole team of AI warriors working behind the scenes to keep you protected!

The rise of remote work has transformed the way we operate. While it offers flexibility and convenience, it also introduces new security challenges. One of the biggest concerns is keeping sensitive business communications secure, especially when employees access email from personal devices and unsecured networks.

This is where ExchangeDefender Corporate Email Encryption comes in. It acts as a powerful shield, safeguarding your confidential information even when emails travel outside your company network. Here’s how encryption helps overcome remote work security challenges:

Protection Against Data Breaches

Encrypted emails are rendered unreadable to anyone who doesn’t have the decryption key. This minimizes the risk of data breaches even if a device is lost, stolen, or hacked.

Compliance Made Easy

Many industries have strict data security regulations. Encryption ensures compliance with data privacy laws like HIPAA, GDPR, and PCI DSS, giving you peace of mind.

Secure Communication Across Devices

Employees can access and send encrypted emails from any device, whether it’s a work computer, a laptop at a coffee shop, or even a personal phone. Encryption ensures sensitive information remains secure regardless of location or device.

ExchangeDefender Corporate Email Encryption
offers additional benefits like:

  • Easy Integration: The service seamlessly integrates with existing email systems, requiring minimal disruption to your workflow.

  • User-Friendly Experience: Both senders and recipients can use encryption easily, without needing extensive technical knowledge.

  • Advanced Features: The service offers features like pattern matching and lexicon-based encryption for comprehensive data protection.


By implementing ExchangeDefender Corporate Email Encryption, you can empower your remote workforce to collaborate securely, while safeguarding your business from costly data breaches and ensuring compliance with regulations.

Ready to learn more? Visit ExchangeDefender today to explore how Corporate Email Encryption can take your remote work security to the next level! Link to ExchangeDefender Corporate Email Encryption