New policy on ExchangeDefender activations and billing

We are implementing two new policies and processes for ExchangeDefender activations and billing. Some of these have been with the service for a while but since we didn’t enforce them we have opened ourselves and our partners to abuse.

One of our long standing policies is to have a 1-to-1 mapping of all valid e-mail addresses. Every e-mail address on your server that receives email must be on ExchangeDefender as well. This allows us to lock down your server to valid recipients only and thereby reduce a lot of traffic that really shouldn’t exist in the first place.

Going forward, all new ExchangeDefender accounts will be locked down to valid recipients only. Messages sent to non-existent accounts will be rejected with the following error:  “550 ExchangeDefender does not protect this email address (directory harvesting attack rejected)”. If a valid recipient notices this error, make sure you add their account to ExchangeDefender.

Every 20th of the month a new accounts summary will be sent to you so you can adjust your billing for the new accounts that have been created that month. This will allow us all to be in sync with the accounting.

New domains will have their activations provisioned and created within four hours (previously 24). If you choose to do your activations yourself please keep in mind that your ExchangeDefender deployment will be locked down immediately, so do not point the MX record until you have created your users accounts.

In ExchangeDefender 4.0 slated for 2nd Q of 2008, the activations will be immediate and we are also working on a server agent that will keep the server in sync with the ExchangeDefender network eliminating double data entry.