logo XD
logo Antler

April 2025

ExchangeDefender

When we launched our new user interface infrastructure, we did so that we could run ExchangeDefender at the cutting edge. By bringing all of our apps under one umbrella, we can now monitor and address bugs and performance issues in real-time.

The pace of development has really picked up, and when things are constantly improving, it’s important to keep everyone informed when issues get addressed and bugs get fixed. At https://admin.exchangedefender.com, when you log in as a Domain Administrator, you will now see a new Announcements button on the bottom right.

You can view our announcements on this screen (same content that is available on the login screen) and you can click on the Changelog to see our recent changes. This way you can see what is being added and fixed, and we can track it back to the original issue report.

We owe a huge thank you to our partners and clients for feature suggestions and bug-fix help last month, we are working hard to keep the web apps at the top security and industry standards because this is how people exchange sensitive information and we take great effort to make that easier and more secure.

General

In today’s increasingly remote work environment, teams often face challenges when sharing large files securely and efficiently. Traditional methods like email attachments or outdated file servers can be cumbersome and pose security risks. ExchangeDefender’s Web File Server (WFS) offers a solution tailored to these needs, facilitating seamless and secure collaboration across different locations.​

Challenges in Remote File Sharing

Remote teams frequently encounter issues such as:​

  • File Size Limitations: Email systems often restrict attachment sizes, making it difficult to share large documents.​

  • Security Concerns: Transferring sensitive information without robust security measures can lead to data breaches.​

  • Lack of Real-Time Collaboration: Without centralized platforms, coordinating on document edits and updates becomes challenging.

How ExchangeDefender WFS Addresses These Challenges

ExchangeDefender WFS is designed to overcome these obstacles by providing:​

  • Unlimited File Sharing and Storage: Users can upload and share files of any size without worrying about storage limits, ensuring that large documents like contracts or design files are easily accessible.​

  • Enhanced Security Features: With 128-bit SSL encryption, password protection, and auto-destruction capabilities, WFS ensures that sensitive data remains secure during transit and storage.​

  • User-Friendly Interface: The platform’s intuitive dashboard allows users to create document libraries, manage recipients, and track activity without requiring extensive training or IT support.

  • Real-Time Collaboration: Teams can work simultaneously on documents, with features like version control and activity logs keeping everyone informed of changes.

Real-World Application

A local real estate company, Orange Avenue Homes, utilizes ExchangeDefender WFS to share contracts between remote team members and clients. The platform’s ease of use and robust security features have streamlined their document management processes, enhancing overall productivity.​

For remote teams seeking a reliable and secure method to share large files, ExchangeDefender Web File Server offers a comprehensive solution. Its combination of unlimited storage, advanced security, and collaborative tools makes it an invaluable asset in today’s digital workspace.​

Explore more about ExchangeDefender Web File Server and how it can benefit your remote team at ExchangeDefender Web File Server.

General PRO TIPS

Phishing emails are deceptive messages designed to trick you into revealing personal information or installing malicious software. Reporting these emails helps protect your account and assists in improving Microsoft’s security measures. Here’s how you can report phishing emails in Outlook:​

For Outlook on the Web (Outlook.com):

  1. Sign In: Log into your Outlook.com account.​
  2. Select the Email: In your inbox, click the checkbox next to the phishing email you wish to report.​
  3. Report as Phishing:
    • At the top of the message list, click on the “Report” button.​
    • From the dropdown menu, select “Phishing”.
  4. Confirmation: The email will be moved to your Junk Email folder, and Microsoft will be notified to enhance their spam filters.​

For Outlook Desktop Application (Windows):

  1. Open Outlook: Launch the Outlook application on your computer.​
  2. Select the Email: In your inbox, click to highlight the phishing email.​
  3. Access the Report Feature:
    • Navigate to the “Home” tab in the ribbon at the top.​
    • Click on the “Report” button. If you don’t see this option, you may need to add the “Report Phishing” add-in:​
      • Click “Get Add-ins” in the ribbon.
      • Search for “Report Phishing” and click “Add.”
  4. Report as Phishing:
    • After adding the add-in, select the phishing email again.​
    • Click “Report” in the ribbon, then choose “Phishing.”​
  5. Confirmation: The email will be moved to your Junk Email folder, and Microsoft will receive a report to improve their spam filters.​

For Outlook Mobile App (iOS and Android):

  1. Open the App: Launch the Outlook app on your mobile device.​
  2. Select the Email: Tap on the phishing email to open it.​
  3. Access More Options:
    • Tap the three-dot menu (⋮) at the top right corner of the email.​Microsoft Support
  4. Report as Junk:
  5. Confirmation: The email will be moved to your Junk folder, and Microsoft will be notified to enhance their spam filters.​

Source: Microsoft Support

General Phishing

Email Spoofing is a deceptive tactic where attackers forge email headers to make messages appear as if they originate from trusted sources. This technique is commonly used in phishing attacks to deceive recipients into revealing sensitive information or downloading malicious software. Understanding how to analyze email headers can help you identify and protect against such fraudulent activities.​

What Are Email Headers?

Email headers are essential components of an email message that contain vital information about its origin, route, and authenticity. They include fields such as ‘From’, ‘To’, ‘Subject’, ‘Date’, and several others that provide a trail of the email’s journey from sender to recipient. While some of these fields are visible in your email client, many are hidden and can be viewed by accessing the email’s source or original message.

How to Access Email Headers:

  • Outlook: Open the email, click on “File,” then “Properties,” and view the “Internet headers” box.​

  • Gmail: Open the email, click on the three vertical dots next to the reply arrow, and select “Show original.”

  • Yahoo Mail: Open the email, click on the three horizontal dots, and select “View raw message.”​


Delivered-To: user@example.com
Received: by 2002:a17:902:5307:0:0:0:0 with SMTP id v7csp1452976ejw;
Wed, 03 Apr 2024 12:34:56 -0700 (PDT)
X-Received: by 2002:a1c:4b09:: with SMTP id g9mr1234567wma.67.1712172896123;
Wed, 03 Apr 2024 12:34:56 -0700 (PDT)
Return-Path: sender@domain.com
Received: from mail.domain.com (mail.domain.com. [123.45.67.89])
by mx.google.com with ESMTPS id b7si1234567qke.287.2024.04.03.12.34.56
for user@example.com
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 03 Apr 2024 12:34:56 -0700 (PDT)
Received-SPF: pass (google.com: domain of sender@domain.com designates 123.45.67.89 as permitted sender) client-ip=123.45.67.89;
Authentication-Results: mx.google.com;
dkim=pass header.i=@domain.com header.s=selector1 header.b=abcd1234;
spf=pass (google.com: domain of sender@domain.com designates 123.45.67.89 as permitted sender) smtp.mailfrom=sender@domain.com;
dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=domain.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=domain.com; s=selector1; t=1712172896;
bh=VYgWqzXb1q83L9efk9EtqvL7W0U=;
h=Date:From:To:Subject:Message-ID;
b=abcd1234efgh5678ijkl9012mnop3456qrstuvwx…
Date: Wed, 3 Apr 2024 12:34:56 -0700
From: Sender Name sender@domain.com
To: Recipient Name user@example.com
Message-ID: CAJ1234567890abcdefg@mail.domain.com
Subject: Important Update on Your Subscription
MIME-Version: 1.0
Content-Type: text/plain; charset=”UTF-8″
Content-Transfer-Encoding: 7bit

Key Email Header Fields to Examine:

  1. From: Indicates the sender’s email address. However, this field can be easily forged and should not be solely relied upon to verify the sender’s identity.​

  2. Reply-To: Specifies the email address to which replies should be sent. Discrepancies between the ‘From’ and ‘Reply-To’ addresses can be a red flag for spoofing.​

  3. Received: Shows the servers that handled the email during its transmission. By examining the sequence of ‘Received’ fields, you can trace the path the email took and identify anomalies.​

  4. Return-Path: Indicates where non-delivery receipts (bounces) are sent. A mismatch between the ‘Return-Path’ and ‘From’ addresses may suggest spoofing.

  5. Received-SPF: Displays the result of the Sender Policy Framework (SPF) check, which verifies if the email comes from an authorized server. A ‘Fail’ or ‘Softfail’ status can indicate potential spoofing.

Detecting Spoofed Emails:

  1. Examine the ‘Received’ Fields: Trace the email’s path by reviewing the ‘Received’ fields. Inconsistencies or unfamiliar server names can be indicators of spoofing.​

  2. Check SPF, DKIM, and DMARC Results: These authentication mechanisms help verify the legitimacy of the email. Failures or absence of these checks can be warning signs.​

  3. Analyze the ‘Return-Path’ and ‘Reply-To’ Fields: Ensure these fields match the ‘From’ address and are consistent with the sender’s domain.​

  4. Use Email Header Analysis Tools: Online tools like MxToolbox’s Email Header Analyzer can simplify the process by parsing headers and highlighting issues.

By understanding and analyzing email headers, you can better detect and prevent email spoofing attempts, thereby safeguarding your personal and organizational security.​ Need extra security? Try ExchangeDefender PRO for free!