logo XD
logo Antler

ExchangeDefender Blog

Industry News

ExchangeDefender Real Time Blacklist Process Change Report

Change Synopsis:

ExchangeDefender has changed how our inbound nodes will handle emails delivered to our server when the sending server is on a Real Time Blacklist (RBL). Previously, RBL listings would cause emails to be rejected and not able to be delivered to the recipient (even if requested). Now, when a server is listed on a public RBL, the message will score high enough to classify as SURE SPAM instead of rejected back to the sender.

Changes to how ExchangeDefender handles Real Time Blacklisting (RBL) of the senders server will be visible to both the and MSP Customers.

Customer:

Customers with STORE / QUARANTINE see a dramatic increase of items in the SURE SPAM quarantine, including email quarantine reports.

Customers with TAG AND DELIVER will see a dramatic increase of sure spam items delivered to their inbox.

MSP:

MSPs will have two settings to control how RBL listings are handled with regards to matching whitelist rules. By default, whitelisted senders will override the RBL listing and will allow the scanner to ignore the RBL entry. MSPs will have an option within the domain’s phishing configuration with regards to handling whitelisted senders who wind up on an RBL.

Hosted Services Support

The full migration to Exchange 2016 has proved to be extremely challenging, but with much success we are managing to move ALL of our clients hosted with us to the new platform.

New changes have occurred to our Service Manager to best compliment the new migration. Below, you’ll find explanations and screenshots of what you’ll be seeing from now on.

You can access your service manager inside our support portal via support.ownwebnow.com

Service Manager (Exchange 2016)
  1. Clients must select the organization they would like to manage
  2. Once they select the organization, the list with all the domains mailboxes and distribution groups under that organization will be updated below
  3. It is possible to search for specific accounts or filter by domain
Navigating the Create button.

If you click the + Create button, a list with options will be displayed:

  • New organization
  • New mailbox
  • New domain

If you click on create organization, a pop-up window will be displayed where you would have to type the name of the organization and add as many domains as they need at once.

How to: Create a new organization

If you click on new mailbox, a pop-up window will be displayed where you would have to select the domain and then type all the information for each one of the mailboxes.

How to: Create a new mailbox (Exchange 2016)
Creating multiple domains has the same process as “new domain” (above)

Updates are as followed:

  • The list of accounts is now grouping the records by domain, and sorting them by the display name in ascending order, that way it makes it easier to find accounts when you have a lot.
  • From there you can change the password of multiple accounts at a time, create a distribution group based on your selection or add the accounts selected to existing distribution groups
  • You can also delete accounts

If you click on Manage, another view will be displayed with the information of the account selected. From there they can:

  • Update the information of their account
  • Reset their password
  • Create a forward rule
  • Add aliases
  • Configure their protocols
  • Add permission rules

From there, if they want to create new aliases they just have to click on the button +Add alias

How to: add an email alias

To add an alias they will have to pick a domain, and type the local part of the email (local part of the email is everything before the @) and the alias automatically will be displayed in the table .

To update their protocols they just have to click on the switches to turn them on/off and click on save.

How to: update your protocols

The permissions work pretty much the same way as aliases, with the exception that you have more options.

To add permissions, you must select the type of the permissions you would like to grant and the account (only accounts under your organization will be displayed that do not have a permission rule created for the same mailbox, that way there are no repeated permission rules for the same pair of mailboxes)

How to: Add new permissions

IMPORTANT CHANGES THAT COULD AFFECT THE USER’S EXPERIENCE:

  • In Hosted Legacy, you could create Distribution Groups with no members and add the members later. In Exchange 2016, there cannot be empty Distribution Groups, so the only way to create groups now is checking the boxes of multiple accounts (mailboxes), and clicking on the button “Create new group”.
  • In Hosted Legacy, there were no such thing as an “Organization”, in Exchange 2016 organizations were implemented to give our MSPs a way to group different entities like Domains, Mailboxes, Distribution Groups, etc under the same “Client’s structure” (organization), that way it will be for them to manage their clients since they have everything for each one of them in the same place.
  • In Exchange 2016 you can create three types of mailboxes: Regular, Shared or Room (an explanation of each will be provided later).
General

ExchangeDefender Corporate Email Archiving is reliable, and affordable.

The age of information has certainly changed the way in which people from around the world interact and communicate with one another.  Businesses have been the hardest hit in trying to store and manage email communications that are critical to their organization.

A shocking 300+ billion emails are sent per day, with the average office employee receiving a shocking 130+ emails every day. The daily number continues to climb, so the question is: What can organizations do to successfully manage all of this data?

The Answer: Email Archiving for Business

Email Archiving solutions provide a systematic approach to storing email communications, both inbound and outbound email. ExchangeDefender Email Archiving provides encrypted, long-term storage, and email recovery. The solution also helps businesses achieve email compliance which requires organizations to be accountable and transparent by using a proper storage solution for their messages.

10 Reasons to get Email Archiving for your organization today!

1 – Immediate access all emails ever sent and received

2 – Automatic backup of all email communication

3 – Automatic backup of all contacts, calendar items, and other relevant data

4 – Achieve regulatory email compliance for HIPAA, GDPR, SOX, SEC and more

5 – Fast eDiscovery – speedy access to all emails to adhere to requests of information quickly

6 – Corporate email policy – Implementation and Monitoring

7 – Infinite storage of all email communications for 10 years or more

8 – Employee oversight – customize policies that are available organizational-wide to restrict the deleting of critical information

9 – Knowledge management – have oversight of what was sent, by whom, and when.

10 – IT productivity – significantly reduce mail server storage issues, in turn reducing additional server costs

Quickly access information about employee and end user communications with a simple eDiscovery search that can search on average, 10,000 inboxes at once. ExchangeDefender’s Email Archiving system takes all of your emails and stores them in a safe place, multiple times for redundancy. Of course, it is still possible to delete an email, but copies of those emails will be kept within the archiving system, which offers additional space storage to enhance your server capacity.

Keep business emails securely stored, with tamper-proof email archiving. ExchangeDefender Email Archiving provides encrypted, long-term storage, and email recovery.

Learn more about ExchangeDefender’s Email Archiving solution here.

ExchangeDefender

ExchangeDefender to update White-listing Protocols

We’re making massive changes to ExchangeDefender whitelisting policies that will make it easier (and safer) to allow trusted senders to bypass our SPAM filtering processes.

For 90% of you, this will just make whitelisting smoother and you don’t need to worry about the details.

For our system administrators and users who have grown infuriated with BATS (disposable email addresses) whitelisting, you’ll be thrilled to hear that we’ve launched a new white-listing service a few weeks ago that has been performing well enough in beta tests and will go into full production this week. The main issue we solved with the new technology is the management of bulk senders, but performance improvements alone and new features will be worth a look and full demonstration will be made during our next webinar.

The biggest problem with whitelisting, and an opening of an attack vector, is the prevalent use of BATS addresses. BAT, basic attention token, has become a standard tracking email address technology used by mass mail (bulk) senders. For example, the email address that the message was sent from appears to be: Vlad Mazek vlad@ownwebnow.com

However, that is often not the actual address – it’s just the pretty, friendly, display address that Outlook shows you. If you open the message, the message is usually from something like soap-2391-kwqw-399q-vlad=ownwebnow-com@massmailernode102.spammer.com

New ExchangeDefender whitelisting service will step in and ask the sender to instead whitelist the domain itself, in this case massmailernode102.spammer.com or even wider. spammer.com. This setting will be on by default.

We will also be introducing gateway whitelisting for our enterprise and Pro clients, which will allow you to whitelist common bulk mail organizations entirely. While we do not recommend it, we understand that for some organizations it’s easier to just whitelist all mail sent by Sendgrid, AmazonSES, Constant Contact, etc than to constantly evaluate which ones to permit on a case by case basis. This setting will be off by default.

Another often requested feature, that is tied to the launch of the new Whitelisting code, is the ability to provide one-click access to report and manage white-list entries. Every user that enables this feature is doing so to better control their blacklists, and this setting will be off by default. When turned on, all received messages will have a footer in the message allowing the user to launch a complaint when something that looks like SPAM has been allowed through. The footer will only be visible on inbound messages and all tracking code will be deleted in replies, forwards, or messages sent from ExchangeDefender to the Internet.

We are rolling in a few more features that will be announced during our next webinar in March. If there is something you’d really love to see, please let us know, all these features are based on user requests so keep them coming!

General Product Features

The numbers are quite staggering for Microsoft – in a good way to mention, about 90% of all small business organizations use O365 as a critical application suite. The dependence on these cloud applications are great for productivity, but are not-so-great when it comes securing it.

Here are some quick facts:

25% of phishing emails bypass Office 365 Security

55% of employees admit to clicking on links they don’t recognize

58% of company (sensitive) data is stored in 365 documents.

Microsoft’s infamous cloud suite is known to have been under attack from hackers as they found O365 accounts to be easy targets due to the lack of security protocols.

Researchers from Barracuda Networks have found that hackers are targeting Microsoft Office 365 accounts with a worrying degree of success.

Forbes 2019 | Microsoft Office 365 Accounts Under Attack — What You Need To Know

ExchangeDefender’s solution – Cloud App Security

Protect Office 365 applications with advanced multi-layered security, and explore how our solution defends your digital workplace against cyber-threats.

ExchangeDefender’s enterprise-grade protection works to prevent data breaches, malware, phishing attempts, and account takeovers.

Our top security features to secure cloud applications include:

Data Security

  • 256-Bit encryption in-transit and at-rest data security
  • Detect and control accidental and/or malicious data leaks
  • Data loss prevention with customizable policies
  • Layered Redundancy – ensures secure email storage across multiple networks
  • Secure Servers
  • Two Factor Authentication / OTP
  • Pattern-based encryption
  • Multi-level Encryption policies

Threat Protection

  • Malicious Attachment Blocking
  • Anti-Phishing Policies
  • Protection against advanced malware and phishing attacks
  • Email domain, attachment, and links screening and quarantine
  • Malicious files and folders screening and quarantine
  • DMARC Domain Fraud Prevention
  • Whitelist/Blacklist Policies
  • Automatic Signature Disclaimer
  • Network Redundancy

Account Monitoring

  • 24/7 U.S based support
  • Real-time Reporting
  • Receive alerts via email/text when unusual activity is discovered
  • Full visibility into login locations, sharing and downloading activity
  • Detect and control unsanctioned applications with risky permission settings
  • Automatically prevent account takeovers with policy enforcement rules

ExchangeDefender’s cloud application security is vital to the modern business, ensuring advanced protection for the storing and sharing of critical data.

Our zero-trust solution provides O365 users immediate protection ensuring peace of mind for organizations who need to secure O365 – the application, the users, and the data that is stored within it.

To learn more about ExchangeDefender’s Cloud App Security Solution, click here.

Product Features

It was 1985 when the File Transfer Protocol (FTP) was standardized to enable users to access and transfer data securely between computers. Gone are the days of physically handing those manila file folders to your co-workers over the top of your cubicle.

Key File Sharing Facts:

83% of employees say they waste time every day tracking, sharing, or finding the correct version of a file.

55% of employees have used their personal email to transfer business documents.

By 2022, more than half enterprises will rely on a content collaboration platform.

What is ExchangeDefender Web File Sharing?

ExchangeDefender Web File Sharing was designed to provide easy-to-use file sharing that also embraced corporate needs to access control, encryption and content expiration.

As the information we exchange with our peers and clients grows in size and includes rich content like video and music, the complexity and bandwidth demand of traditional file sharing protocols is starting to limit our ability to share content easily and securely. ExchangeDefender Web File Sharing enables you to do just that and provides scalability and flexibility without additional licensing fees.

Top Features:

100GB File Storage per user
100 Gb of secure storage is available per user.

Unlimited Documents
Add unlimited documents per library.

Unlimited Libraries
Add as many file libraries as you need.

Large File Limit Capacity
Upload files up to 250Mb in size.

Unlimited Recipients & Groups
Add as many recipients and groups as you need.

Full Reporting
Full reports for all portal activity.

>> See full features

You Can Quickly Create Libraries for Easy Document Sharing and Collaboration.

ExchangeDefender Web File Sharing makes it easy to quickly share a ton of large files without relying on email, clunky file servers, or cloud services primarily designed for file sync.

Reviewing New Documents, Uploads and Comments are a Breeze

View and manage documents in your library, set automatic expiration, and get email notifications when new files are added by your coworkers, or downloaded by your clients.

Control Access and Content Shareability

WFS offers features like password-protect, invite-only, public vs. private links, and more to ensure the security of the business information being shared.

Get setup in seconds.

Our solution provides a single dashboard that makes team collaboration easy, secure, and accessible 24/7.

To learn more about ExchangeDefender’s Web File Sharing solution, click here.

ExchangeDefender Product Features

Email is the most common security threat for all organizations, with 88% of companies suffering a data breach due to lack of proper email security protocols.

Email-based attacks affect the entire organization, not just the single user who clicked on the malicious link, or downloaded the virus-infected attachment. It takes just one harmful email to get past your defenses to cause critical damage throughout your organization. 

What does Advanced Email Security mean for us?

ExchangeDefender Advanced Email Security provides the most secure email suite that protects against SPAM, viruses, malware, and phishing attacks. Compatible with all major email service providers – including Office 365, on-premise Exchange, and G-Suite for Business.

Our solution: ExchangeDefender Advanced Threat Protection

The Advanced Threat Protection helps defend users against threats hidden in emails, attachments, and links. It goes beyond the average business email protection; we even dare to say its stronger than Microsoft’s Advanced Threat Protection. See how we compare with their ATP, hint: we offer more security features than ever.

Our Top ATP Features:

Malicious Attachment Blocking

Protects against unknown malware and viruses, and provides zero-day protection to safeguard your messaging system.

Safe Links

Proactively protects your users from malicious URLs in an email message.

Anti-Phishing Policies

Checks incoming messages for indicators that a message might be a phishing attempt.

Real-time Reporting:

Real-time reporting that enable your security and compliance administrators to focus on high-priority issues, such as security attacks or increased suspicious activity.

Whitelist / Blacklist Policies

Email access control mechanism that allows email senders through, except for senders who have been denied access.

DMARC Domain Fraud Prevention

Protects your brand and the people who trust it from suspicious and infringing domains.

Click here to see full features

The powerful email security suite offers a multi-level protection against email-borne attacks, and also includes advanced threat protection features like Malicious Attachment Blocking, Anti-Phishing Policies, and Domain Fraud Prevention. 

Learn more: Advanced Threat Protection

ExchangeDefender Security

What is Phishing?

In recent years, spear phishing attacks have been on the rise, and have costed American businesses millions of dollars per year in time and resources.

Phishing is a fraudulent attempt via email to obtain sensitive information like username, passwords and credit card details. This type of attack is tricky because the phishing email appears to be from a trustworthy entity like Netflix, or Apple for example.

Furthermore, the phishing email typically has a call to action, and directs the user to a website via a link within the email. This website then asks the user to update personal information – and boom, your information now is in the hands of hackers.  

According to a recent study by Verizon (2019), over 80% of security compromises start with a spear phishing email. ExchangeDefender can help you eliminate spear phishing threats or just provide notifications to your users when they get tricked into clicking on a link leading somewhere dangerous.

The solution: ExchangeDefender Spear Phishing Protection

ExchangeDefender provides the most sophisticated and most comprehensive real-time protection from email phishing threats through ExchangeDefender Phishing Firewall, External Sender flagging, real-time databases of safe and dangerous sites, and flexible phishing content handling policies.

The Basics:

1. ExchangeDefender’s phishing protection works on every device that is wifi-enabled with the ability to receive email.

2. There is no download or installation required for the security feature.

3. Our email spear phishing protection enables you to whitelist and blacklist email addresses and domains.

Spear Phishing Protection Highlights:

Phishing Firewall

ExchangeDefender rewrites the URL of links in HTML emails and redirects you through our cloud filtering service that can alert or block threats you may inadvertently click on. (Learn More)

Flag External Emails

ExchangeDefender modifies the subject of messages received from outside of your organization, so nobody can ever mistake a message from external source or a coworker. ([EXTERNAL])

Blacklist / Whitelist

ExchangeDefender Phishing Firewall allows organizations, domains, groups, and users to maintain a list of safe and dangerous web sites, to which traffic should be allowed to pass or be blocked.

To learn more about ExchangeDefender’s Email Phishing protection and how it works, click here.

You can also explore our advanced email security suite that includes phishing protection, and so much more!

ExchangeDefender Product Features

ExchangeDefender’s Live Archive solution offers uninterrupted access to live and archive email via the cloud. It enables organizations to access their email even when service disruptions occur, without customers knowing that there is an internal outage in progress.

The basics of Live Archive:

It’s Always On, and Running
Always have access to your email even during service interruptions.

It is Easy to Setup
Get up and running in minutes, there is no training required.

No Downloads Required
No software installations, no manual switches, and does not require management or maintenance.

It’s mobile friendly
Enjoy 24/7 access to your emails no matter where you go.

Live Archive is an enterprise-grade email continuity service that lets you resume work after a service interruption, or other technical malfunction.

Powered by our custom solutions in multiple data centers, LiveArchive delivers a vigorous and resourceful solution that is secure, and reliable! The best part of all is that – LiveArchive is always-on, constantly archiving your sent and received mail for up to one year. No maintenance or management to worry about in case of an outage. LiveArchive is continuously uploading your mail whether your system is up or not.

Live Archive Top Features:

Secure Servers

We offer email continuity using our secure standby servers to archive emails instantly.

Real Time Archiving

Live Archive is always on records emails in instantly powered by our mail systems with data center redundancy.

One Year Storage

Receive up to 1 year of inbound and outbound mail accessible via our LiveArchive website. If you’re looking for long-term storage for email compliance, see compliance archiving.

Active Sync

It allows for you to sync your contacts, calendars, appointments and everything else in Outlook. And gives you the option to search and manage those items.

So, How Does Live Archive Work?

It’s as simple as typing in livearchive.exchangedefender.com, or livearchive.us and logging on to your account using your credentials. You are able to send, receive, forward and search, any of the mail that you need which we have rescued for you. Our inbound and outbound servers are simply an in-between step to your email being sent; as it is going to and from your mailbox, your correspondence is being saved in our servers for you later.

General

ExchangeDefender announces it will be offering Support to third-party users.

One of the first announcements of 2020, covered during our most recent webinar , concerned support and our overall improvement of the platform that now serves a far wider audience than ever before.

We’re often asked to work with third parties, contracted or part time IT staff, client vendors, and everyone else that touches the email ecosystem.

Since we’re closer to our client’s email than even their own Outlook, we can help solve problems before anyone is even aware of them. Sometimes that requires us to work with 3rd parties and now we’re making that super easy, too. Just point your browser to:

https://ExchangeDefender.com/help

Traditionally we’ve worked only with the IT Professionals part of the world (MSP, VAR, CIO) but as more business processes enter the world of email and DNS, we’re often working with external parties who need help with our platform but don’t necessarily work for an IT management company nor for our client. We’re still here to help, and we start through the help site.

What sort of issues do we expect to handle through this?

Compliance requests. RBL/SPAM delisting/whitelisting requests. Misc problems with delivery or configuration. CRM or platform integration issues. Development automation. IoT restrictions and alert delivery. Outlook amnesia. If it relies on ExchangeDefender, we’ll take a look at it. Just go to /help and we’ll find someone that can help.

Sincerely,

Vlad Mazek

CEO

ExchangeDefender

P.S. This is just one of the many enhancements you’ll be seeing this year. We’re going to make significant headway in self-management this year and our support will be on par with that.