ExchangeDefender SPAM Previews Coming this Fall
Nothing gets by our user base; We may have tipped our hat a little with the SQL upgrade and a test of the message previews showing up in the control panels this morning and… yes.. yes, we are bringing full message previews to the ExchangeDefender web interface this fall. This upgrade is scheduled to launch along with our AJAX interface upgrade and will give you the ability to highlight a message and click to view the body directly from the web site. You’ll then have an option to reply right there without waiting to deliver or trust the sender, or do any combination of the three.
The interface preview you may have seen overnight was just that – a preview – and will not officially become a feature until November/December timeline. We have another SQL maintenance interval scheduled for tonight and I figured I owed you an explanation for why there seems to be so much “maintenance” as of late.
Daily Report Breakfix
During our preparation for ExchangeDefender Administrator and Service Provider daily reports we discovered a big performance issue in our reporting engine, big enough to cause us to rewrite the affected code immediately and alter our database schema. During the new engine rollout the reporting functionality was not at 100% and not all users had their daily reports generated. If your daily reports are set to be generated between 3:30 AM EST and 5:30 AM EST, your report may not have been generated. The reporting engine optimization / bugfix did not affect intraday reports.
We are in process of slowly resending the daily reports, they will arrive today. If your users need a report and it has not been delivered to them yet please remember that you now have multiple options:
– You can resend their daily report through the control panel on demand (report sent out within 60 seconds)
– You can tell the users how to access the quarantines directly (easiest and most efficient way) via https://admin.exchangedefender.com
– You can let their SPAM czar go through their mail for them.
We are currently considering not offering SPAM digest reports to end users anymore. The amount of information we can offer via email is very limited and inefficient. We can provide far more information (and make the user far more productive) if they looked at the reports over the web and are considering generating daily and intraday reports with summary data only and a link to the web interface – if there is enough junk mail to warrant a review, the user will click and see all the email that is waiting for them. If it is not, at least we will spare the user the trouble of their Outlook hanging for 8 minutes while they try to open an email thats more than 2 Kb in size. You will of course be given an option of sending users daily/intraday email summaries or full digest reports, with the summary of course being the default. We figure this may not be the most popular decision with some users to please let us know if you have an opinion.
Got ConnectWise? Get ExchangeDefender with it!
We’re on the eve of the 3rd Annual ConnectWise Partner Summit and I’m proud to announce that ExchangeDefender fully integrates into ConnectWise’s Managed Mail sync as well as Management Report documents. Want to get it done tonight? It takes 5–10 minutes tops, just download this document and follow the directions:
Thats right, in 5–10 minutes you can have your ConnectWise deployment syncing up with ExchangeDefender and becoming a regular resident on your Management Reports.
Enjoy the conference, enjoy Tampa and enjoy the integration we now offer into your ConnectWise deployment.
New ExchangeDefender Reports! (Part 1)
New ExchangeDefender Reports are out! We have worked hard to bring the new reporting functionality to you and we hope you like the new information we are providing as well as what we are allowing you to remove from the report:
If you pardon the eraser tool you will notice that the layout of the reports has changed slightly and you will also notice some more information showing up in an unobtrusive way. So let’s look at the improvements:
- Summary Guide – Top right blue box “You are reading an email summary…” has been the most demanded feature by our customers and partners alike because it gives you single-click access to the ExchangeDefender portal. Click on the link to access your settings, searchable quarantines and more.
- Email Activity Stats – Directly above the SPAM quarantines. This new summary field is showing you the total activity during this reporting period and helps address those “we are not receiving any email” complaints that users tend to feel once ExchangeDefender comes to life.
- Warnings & Caveats – Bottom of the message. There are two warnings so let’s look at them carefully. “You chose to be notified of all SPAM quarantines.” is printed when you chose to receive full/complete SPAM reports. If you have a ton of email addresses and aliases it can get annoying to scroll down rows and rows of email addresses that never receive email just to see “No messages in this quarantine” so we gave you an option to suppress empty quarantine reports. Second warning is to let the user know that these reports do not include viruses, address book attacks, NDR storms, mailbox floods, mailbombs and other causual Internet annoyances. On a daily basis we only accept and process up to 80% of the inbound mail, most of the 20% being part of multiple RBLs or confirmed SPAM content. Majority of that 20% is dismissed anyhow!
- Branding – Background, messages and logo are now brandable. If you are a service provider you can make this your own!
That’s all for the user facing problems! Stay tuned for the Administrator reports tomorrow!
Note: We addressed a bug in the reports that did not print a header message for the SureSPAM category. If you received a report prior to 8 AM EST on Monday, September 17th, you would have noticed your SPAM and SureSPAM bundled together.. After 8 AM EST you will see both quarantine contents broken down individually.
Alert: ExchangeDefender bounce notifications
We have received some reports of certain users emails bouncing on receipt. We are currently looking into the problem and will update the advisory shortly.
Update: 1:19 PM EST: Problem solved, 100% of the accounts are now online.
Update: 1:53 PM EST: ExchangeDefender has been reloaded and refreshed to assure absolutely everything is working perfectly. We have taken off administrative console access offline for the moment to determine the cause of network configuration failure. As mentioned in the 1:19 PM update, everything should be working perfectly fine and there should be no bounces.
Update: 2:16 PM EST: Notified ExchangeDefender administrators, updated trouble tickets and the recovery effort to deliver 800+/20+ inbound/outbound messages continues. This was a minor (albeit catastrophic) error in the ExchangeDefender network configuration that affected a small portion of our customer base but due to the distributed nature of the system it may have affected just about everyone. As a precaution, we have temporarily taken administrative interfaces offline to determine how this happened in the first place. Again, network, performance and system are at 100% at the moment with no known issues.
Update: 2:28 PM EST: Cause of network failure identified, fixed. Moving to the testing phase, control panels are still offline. 1/4 of the bounced messages have been recovered and delivered to the end users.
Update: 3:19 PM EST: Everything is still working perfectly fine. Our team is decrypting messages from the standby spool and dropping the messages by hand into the delivery queue. All “bounced” messages will still be delivered. Thanks to the technology behind LiveArchive, we are able to cache delivery so in case of bounces, like today, we can still manually drop the message into your mail server.
Update: 4:46 PM EST: Everything is back to normal, all external bounced mail has been delivered, 100% service restored and administrative control panels are restored as well.
ExchangeDefender: Back to Normal
The following message was sent as a part of the daily and intraday reports ExchangeDefender provides to users that choose the quarantine their mail:
You may have noticed that more SPAM messages than usual have gotten to your inbox between Thursday and Saturday of last week. This was an isolated case related to our software updates which have been designed to prevent future issues.
We are seeing a change in the way threats are delivered. Spammers used to rely on small text messages and links to their sites in the past, today they are using attachments, images, PDF files and other dangerous content to get your attention. We have kept up with them and minimized your exposure but as the SPAM problem evolves and becomes more threatening we found it neccessary to both increase the size of our network and the way we process messages.
Everything should be back to normal and you should be seeing less SPAM than you ever have before. Our network and software improvements have been training for a few days and were put in full effect at roughly midnight GMT.
Thank you for your patience and we’re sorry for any inconvenience the increased amount of SPAM may have caused you. During the software upgrade we still filtered out over 99.7% of all inbound mail but with the increasing number of SPAM operations even that small 0.3% of non-filtered mail can result in a dozen or more messages that got through.
We’re seeing a significant change in the way SPAM is being designed, delivered and spread. Where in the past we could simply rely on virus scanners and RBLs the future of threats and SPAM has gone to the new level.
Over the past month we have quadrupled the size of ExchangeDefender both in physical assets and bandwidth and have rewritten major parts of the system in expectation of worse SPAM problems in the future. The transition to the new engine, new systems, new networks and new software has been tough on us and on our customers but it has prepared us all for whats coming.
On behalf of the whole team thank you for your patience with the transition and problems that came up during August. If it helps in any way, we will be refunding all the ExchangeDefender fees for August. Even though our performance was well within the SLA (service level agreement) we believe in providing excellent service and you should expect no less from us.
Sincerely,
Vladimir Mazek
CEO, Own Web Now Corp
ExchangeDefender Detours
Expect some delays in mail delivery starting at about 11 AM EST today. We are adding new servers, new switches, new bandwidth and more routes to our data centers and as we scale each network we will need to refresh configuration and shut that particular load balancer down.
The delays will not be significant and should not be uniform. No mail will be dropped or deleted nor will mail “sit” on the network while we are moving it up. We are taking this opportunity of a really light few days before the holiday to further improve our network and expand our offering (something which you will hear about very, very shortly!)
New SPAM Reports hit Inboxes today!
New SPAM reports for daily and intraday activity are already hitting our customers inboxes today. We have taken so much feedback from our customer base on these reports and taken every bit we could to help improve them. Among notable options, SPAM reports are now:
- Brandable – Your background color, your colors, your corporate identity and product name in both From: and every line that otherwise mentions ExchangeDefender
- Flexible schedule – Reports can be delivered at any 30 minute interval and are adjusted for your home time zone as well as your date format options (m/d/y, d/m/y)
- Daily and Intraday – Daily reports outline past 24 hours of quarantined mail, intraday show only mail since the last report.
- Custom Message – Reports can be branded with a custom message: Alert your customers and users about network events, new services or just general announcements.
Every level of ExchangeDefender user (administrator, service provider, end user) can manage their SPAM report settings and administrators and service providers can now override all settings for all users under their control. Some best practices are to remember not to set intraday reports to run earlier in the day than the daily reports. Also keep in mind that it can take a few minutes for the reports to be generated because they are prepared in realtime.
Finally, remember that daily reports are a great user self-management tools but should not be used as the primary SPAM management option. Create a shortcut to ExchangeDefender instead. To do so, right click on the destktop, select new Shortcut, type in
https://admin.exchangedefender.com/login.php?
username=theirusername&password=theirpassword
Change theirusername and theirpassword values and they’ll have realtime, searchable access to their SPAM quarantines. Enjoy!
Alert: In order to adjust for the reports around the world everyone will receive multiple reports today (one at 9AM EST, and one at their scheduled time). Starting tomorrow you will only see the reports scheduled at your preset time.
ExchangeDefender Mail Delays & Non-receipts
I am writing this blog post to address the issue of ExchangeDefender mail receipt delays or mail simply not arriving at all. Nearly three weeks after we have implemented the new networks, and nearly a month after we have notified all our ExchangeDefender customer administrators we are still fighting with the ad-hoc issues related to delayed mail, mail that was not received, mail that was received hours later.
In 100% of the cases the issue was the recipient policy on the target mail server. Please, please, please make sure you have added the following IP address blocks in order to allow our new servers to relay mail to you:
64.182.140.0/24
64.182.139.0/24
If you do not allow those IP address ranges access to your network the system will not bounce the messages. Instead, our intelligent routing system will route messages internally to the server that is able to establish a connection with you. This system, however, was not designed to handle sysadmin apathy but instead to respond to major interruptions in the Internet backbone. If a system is unable to deliver the message directly to the server it reattempts every 15 minutes. After the first hour it sends a broadcast message asking other networks to see if they can establish a route and receive the SMTP banner. If the connection can be established the message is routed to that server and then delivered. By not having the proper IP address restrictions in place you are forcing your inbound mail to be put through our DR scenario which is automatic but time consuming.
Please, either do not use IP restrictions at all or update them properly. For a little more positive note, tune in later tonight when we’ll announce our new email SPAM reports.
ExchangeDefender Network Status Update
I wanted to offer you an interim update on the status of ExchangeDefender network and codebase. As I mentioned on Friday, we have brought the platform back to normal and since then we have not had any even unusual events (sans a few DDoS attacks which are common against large networks). All our data centers are performing well, now at 11:56 AM which is our peak time we are running at 38% network utilization and 61% system utilization meaning we can sustain twice the load without seeing any effects on the network itself.
All the issues that have been reported over the past week or so have been resolved and we have not had any reports of additional problems since. Now, back to features….