How to kill SPAM without using ExchangeDefender
65% of all emails sent are spam, what’s the solution?
At ExchangeDefender we kill SPAM for a living. We spend a ton of time and energy identifying, filtering, and destroying junk mail. If you’ve ever wondered how you could make your email experience better, even without the massive layered security that ExchangeDefender provides, these are the steps you could take today:
1. Configure strict SPF/DKIM DNS records
SPF and DKIM (DMARC) can help you protect your domain name from being used in SPAM mailbombs. Spammers will often use real email addresses and domains to send forged “spoofed” email messages and SPF/DKIM provide a mechanism for identifying which email server/platform you use. By setting up an SPF/DKIM you can tell places that are receiving email from your domain what to do if the message wasn’t actually sent from you. If your inbox is full of email bounces and non-delivery receipts, someone is using your email address to send junk mail and an SPF/DKIM record will practically eliminate bouncebacks.
2. Get rid of generic email aliases
At ExchangeDefender we manually process SPAM complaints from our customers – that’s how we train our system to eliminate messages that otherwise make it through because they are legitimate in every way we can automatically process them. The number one way to get a ton of annoying email that may be on the borderine between legitimate commercial mail and an unsolicited one: generic email aliases. If you get info@, sales@, admin@ or so on, you are painting a giant bullseye on your Inbox and practically begging to be spammed.
3. Unsubscribe from newsletters
I know, I know, everyone that has your email address supports CAN-SPAM , would never send you unsolicited mail, would never sell their client list… and even if you believe all those lies most of the time, people still get hacked. All the time! As do their ISPs and infrastructure along the way. If you want to reduce the amount of junk mail you deal with, simply reduce the number of places that have your email address. Simple!
4. Don’t click on everything in your Inbox
Sometimes SPAM gets through. Sometimes dangerous stuff from your friends and colleagues gets forwarded around. Sometimes your antivirus isn’t up to date. Sometimes the firewall virus protection is misconfigured our expired. Things happen: none are a good excuse for the simplest thing you can do: avoid clicking on anything in messages that look or seem suspicious.
5. Do not blindly whitelist major ISPs
The second biggest source of SPAM complaints at ExchangeDefender is actually completely self-inflicted: people whitelist major email providers and wonder why blatant junk mail keeps on “slipping through” as whitelisted. Go through your whitelist entries in Outlook, etc and make sure you aren’t whitelisting Gmail, Outlook, Yahoo, Verizon, AT&T, Hotmail or any of the widely used and abused email domains. Spammers know your email admin doesn’t want to deal with complaints about messages you’re getting from these platforms so they treat them more leniently – so spammers simply abuse them.
It’s really that simple – following these steps will cut your junk mail pile in half within a day. If you want to reduce it to less than 1%, ExchangeDefender is here for you for less than a buck a month or you can layer it and add more protection if you need it because time is money: but no amount of technology and automation can replace just a little bit of common sense.
Federal Trade Commission
CAN-SPAM Act: A Compliance Guide for Business
The official website of the Federal Trade Commission, protecting America’s consumers for over 100 years.
XD Service Manager Beta Release
We are very excited to announce the launch of the new XD Service Manager that will allow our partners and their clients a much friendlier way to manage their Exchange services. This is a complete rewrite of the code – frontend and backend – and we’ve taken all the feedback and made the beast much friendlier both for smaller accounts as well as for enterprise clients with tons of users to manage directly. The goal was to entirely remove the IT department and “the PowerShell guy” from the equation and put power user tools at your disposal to quickly and effectively make changes on the mass scale.
But first, the frontend – full rewrite – with new responsive UI and controls. Previous jQuery UI that has been hacked, tweaked and kicked along for years is being replaced by this UI that will work as well on the desktop as it does on any mobile device:
Navigation is in line with typical modern design you’ve seen in many other web applications with ability to filter, scope, search and quickly apply changes to multiple accounts.
Actions are context-based, meaning you will not be refreshing the entire page in order to get search results or do quick changes on multiple accounts. We’ve fully extended the Exchange feature set in the new UI giving you the ability to centrally manage all aspects of your Exchange service without having to go back and forth between different screens or modules (so in that regard, it’s even easier to deal with than an Exchange management console)
Finally, and perhaps most importantly, the new service is very end-user friendly. While 90% of the feature requests for the new service manager came from our power users that expressed a lot of frustration with the speed and accessibility of the portal, we needed to recognize the reality of who manages IT in 2018 – it’s no longer the IT guy or the IT department – users want to be able to take control of their public folders, distribution groups, forwarding, password resets and so on – so our design had to take that into account as well:
As you can tell, the new Service Manager is far friendlier and uses the same wizard approach in the end-user mode that they are likely very familiar with. Because we’ve done very strict implementation on the backend (with all the regulations we are now responsible for), it’s virtually impossible for them to make a mistake. Unfortunately for some of our unskilled IT folks this means no more “Password1” or “NoSPAM” or “Princess1!” as a password going forward but everyone will be experiencing far fewer problems as a result of it.
Better reporting as well – you’ll be able to get the full overview of configuration, who uses what, where they are at and so on.
The new Service Manager goes into Beta next week (last week of March 2018) and will run in parallel with the existing Service Manager (on the same site as https://support.ownwebnow.com) as we get more feedback from our entire user base – so don’t worry about this springing up on you as a surprise. You will see the new link on the Dashboard and will have the ability to access the new infrastructure from there. Both will continue to work for at least a month.
This is also the new UI framework for Shockey Monkey: which we have been working on for a year now. The same infrastructure, MVC, UI and upgraded backend are going to be driving ExchangeDefender, SM, XD and all other services which means that you’ll very soon be managing everything from the same look and feel that will be extended to your site as well. What it ultimately means is that the new UI will follow your branding and your color schemes and no matter where in the ExchangeDefender universe your client ends up, they will be dealing directly with your brand.
And we’ll be there in a live chat to provide support and help them out with every service.
Thereby ultimately managing the entire communications, collaboration and business management platform end-to-end. Very exciting times ahead!
-Vlad
CEO, ExchangeDefender
Attachment download: New Service Manager Partner Guide (pdf).
XD Bug Fixes / Updates
Hey guys,
Over the past two weeks we’ve been fixing some of the little bugs and initiating some error trapping to improve the overall experience within Exchange Defender. We’ve been focusing on error trapping the account creation stage, making it easier to set up accounts correctly, and other stuff of that nature.
Updates:
• Account creation will now check for aliases before submitting, if an alias for the email address you are trying to create already exists and is tied to another account it will notify you of an issue. We’ve also configured it to check Distribution Groups, External Contacts and everything else to avoid having problems such as those pop up on account creation.
• All columns in the Service Manager are sort-able by their names, email addresses, domains.
• The Distribution Group tab now alphabetizes the list of users to make it easier to search through and search for users that are added or need to be added. The list is divided, the top of the list is email addresses added to the user group and the bottom of the list has External Contacts that have been added to the Distribution Group (each one is organized alphabetically).
• We fixed a bug with the CC Expiration Date for card holders using the year 2020. It would revert the CC Expiration date to show 2018.
• The Spam Quarantine for users now has a few options to make checking, deleting, or approving spam easier. It also has had some visibility tweaks / improvements to the message description format.
• We’ve gone through and fixed some of the errant CSS Style errors that were prevalent on some of our lesser used webpages and fixed some of the branding issues that existed on some of the pages in the admin portal.
LocalCloud – Update
Today I’ve published an update for LocalCloud, which addresses a few issues that would result in a failure to upload a file. This issue would only occur under certain conditions and was only prevalent in large files It’s turns out this was a result of a known bug inside the .NET framework and how it handles event notifications for the filing system. In addition to resolving this bug, I’ve also implemented a few performance enhancements that should make the application run smoother.
Download: http://www.exchangedefender.com/software/XDStorage.exe
If you’re running a previous version make sure to uninstall it first. However, we’ve upgraded to a new installation platform and all future updates will be patched automatically.
Several months ago we added the LocalCloud feature set into our ExchangeDefender mobile application for both the iPhone and Android. Now you have the ability to access your files from your desktop, mobile workstation and practically any mobile device!
If you have never heard of LocalCloud, it’s a cloud based storage solution for documents. It recognizes multiple file types and is 100% compatible with office applications. You can share documents between computers and even allow other individuals access to your files. With multiple access points comes great responsibility, for this we have access control. This feature allows you or another individual to “check-out” files to prevent accidental overwrites while the data is exchanged in the cloud.
Hosted Exchange – Configuration Checker
Throughout the day we receive hundreds of requests for new services and existing account modifications. Luckily we automated this process from a very early stage and this helped to prevent 99% of account provisioning errors. Believe it or not, there was once a time where everything was processed manually!
However on occasion when there is a hiccup, then it’s simple a matter of locating the source of the issue. While issues on our end are rather easy to diagnose and fix, it’s not always as simple on the partner’s side. There can be a handful of issues that can arise if the account is not properly configured or contains an invalid parameter.
This is why we’ve implemented a well overdue feature integrated directly inside the service manager. If you select the drop down box next to any Hosted Exchange account, you will see a new option called “Check Configuration”.
After selecting this option you will be brought directly to the “Check Configuration” page. It will automatically populate the email address from the previous screen and run the initial check. Also keep in mind that you are able to test other accounts without leaving this page.
It will perform several checks including: Syntax, Server Location, Provisioning, MX Record, Autodiscover and validates that the account is protected by ExchangeDefender. In the event an issue arises you have the option to either “Email” or “Open Ticket” which will automatically include the onscreen results.
We believe that solving the issue promptly makes for a better long term relationship. So if there are any features or adjustments we can make to help smooth the transaction between you and your clients, don’t hesitate to let us know! Our support staff eagerly awaits the opportunity to speak with you about how we can continue to improve our process!
ExchangeDefender – Licensing (Enhanced)
Over the years we’ve always had a desire to increase the aspects of reporting in several areas. However due to time restraints and prioritizing our efforts towards ensuring we made our platform completely stable and continuing to provide a rock solid solution, we had to defer until later.
This has been the case for the last few years. We all worked insane hours to ensure that everyone had an awesome product, that they would be proud to call their own! Now we are enjoying the fruits of our labor and focusing on creating more of the eye popping visual features that will really help showcase our product!
As a result, I’m proud to showcase one of our latest ExchangeDefender features.
While signed in as a (Service Provider) account, you can view the licensing page located under: Licensing->Management. Here you could see the total seat count for the desired domain at a glance. We’ve expanded this to also include the ability to list each individual account under the domains. This is a toggle-able option that is off by default to help limit the initial page load for those who don’t want the extra information.
Not only that, you also have the ability to save and download a PDF of the current view. This has been highly requested by several users as to provide them the ability to keep archived copies of their seat counts each month for financial records. Other users have simply expressed the need to print these reports, which we have also implemented with one click access.
Lastly we understand that our partner’s clients also like to be kept in the loop about their spam information from time to time. Listed next to every domain is the ability to view and print the current SPAM statistics for that account. All of this information is simply one click away, quick and easy access to the information your clients want to see!
Stay tuned we’re working on even more exciting features to help ease the load of bringing a new client on-board and continuing to manage that account!
Outlook Add-In (New Features)
Over the past few weeks, we’ve improved some core functionality inside of our Outlook SMTP Security Platform. We’ve reviewed customer feedback on a few issues, features requests and overall usability. In addition to the software improvements, we’ve introduced a new feature available to all ExchangeDefender Pro customers (not available in Essentials).
This new feature is called the Robot Filter. The feature allows for automatic processing of newsletters into a sub folder within your inbox. Messages that are deemed to match the extensive rule set are quickly processed and sent to this folder.
This works for existing (unread) messages and new messages that arrive after Outlook has been launched. Also if you come across a message that was missed, you can use the “Flag Robot” button to report that sender and catch future messages. Now when you come into work, you don’t have to spend hours going through your daily newsletters. However these messages will still exist perfectly save inside of the Robot Filter folder to be reviewed at your convenience. In the event you locate a message that you don’t want flagged, you may click the button that says “Always Inbox” to have the rules skip the designated sender.
You may also use the “Report Spam” anywhere inside of your inbox to quickly flag a message and submit the headers to us for improved filter results.
Use our product and if your not happy tell us how to improve, that’s all we ask!
Your feedback shapes our future developments, so tell us what you need.
Mobile – XD Business Communicator
XD Business Communicator is one of our latest additions to our mobile software suite. Extending the functionality and portability of our ExchangeDefender product line, this app keeps your connected!
Quarantine
You have the ability to manage your SPAM & SURESPAM quarantines. You can view each message in real time with a life preview pulled directly from our secure network. In the event you come across a message that has been caught by mistake, you can release the message for delivery. You also have the ability to whitelist (trust) a sender to ensure future mail delivery from that specified contact.
Encryption
Another useful feature packaged within the mobile application is the ability to generate an e-mail message ready for encryption. This feature will start a new message with [Encrypt] prepended to the subject line. This will ensure the message is sent through our encryption mail delivery channels. The only thing left for you to do is enter the recipient and message body and hit send.
LiveArchive
In the event of a catastrophic failure and your mail server is down or inaccessible, you have direct access to your live archive account. By clicking the button labeled Livearchive you will be signed directly into your business continuity account. This provides a quick and workable solution in the event of an emergency!
2FA
This feature is one of our newest additions. If you have 2FA enabled on your ExchangeDefender profile, this will allow you to generate a one-time use authentication code to access your account. Upon attempting to sign-in to your online profile, you will be prompted for the 2FA code which will be available on this mobile device. Those who required increased security, this is the feature that will help bring that comfort home!
About
We’re constantly providing updates to our applications. The about page display general information about the application and information about what’s changed between software revisions.
SMTP Security Outlook 2010, 2013 & Desktop Client – Major Update
Today we’ve published an update to the Outlook 2010, 2013 and Desktop Client SMTP Security application. This update addresses several bugs, performance issues and even a few feature requests!
- We’ve added the ability to view and manage alias accounts. (See Figure 1)
- An issue where the submission of multiple spam messages at once has been fixed.
- Messages submitted as SPAM are now sent to the “Junk” folder.
- Fixed several performance issues relating to “Hanging” or “Freezing”.
- We’ve fixed the issue that was causing the “Add-In” tab to be renamed.
- We’ve added the ability to disable the automatic refresh cycle. (See Figure 2)
- Fixed an issue that was causing compliance messages to not populate.
- Fixed an issue that caused the quick links to not work correctly. (See Figure 3)
If you currently have the add-in installed, simply close and re-launch outlook. If you had our most recent version previously, the add-in should automatically update. However, if you notice that an automatic update did not occur, simply uninstall the old version and obtain the latest version.
Downloads
Figure 1 – Ability to view and manage alias accounts.
You alias accounts will populate in this list in the order of the main account, then followed by domain and users alphabetically.
Figure 2 – Ability to disable automatic refresh intervals.
You now have the option to disable the automatic synchronization.
Figure 3 – Fixed an issue that caused the quick links to not work correctly.
Clicking this link will sign you into your web management console automatically!
Compliance Archive – Improved Searching!
Over the last month we have been in the process of improving the architecture behind Compliance Archive. Your information has already been migrated into this new compliance standard and we were able to do this with very little noticeable downtime. The main reason for this improvement was to help enhance database performance and finally be able to offer advance searching and audit reports.
To give you an idea, on the old architecture an advanced report would take roughly 20-30 minutes and would typically time out due to (multiple refreshes) or a user’s browser becoming unresponsive. So before we built the GUI to allow for these searches, we had to get this under control.
Now with the new system not only do searches come back typically within 3-4 minutes, they are scheduled jobs. So you type in your search, submit your criteria and either wait or check back once they have finished. The best part is, you can REPEAT your searches once they’ve finished! So let’s say you’re required to perform the same mundane search once a month, now you can with only a few clicks!