You may have picked up in the IT press recently that we're starting to see an industry-wide movement to a new, and importantly more secure, standard of SSL certificate.  Alt-N Technologies, developer of the Exchange alternative MDaemon Messaging Server have just announced they too are following this trend and stating they'll be replacing all end-point and intermediate server certificates with those based on the new SHA-2 algorithm. Important note: Alt-N will be moving to SHA-2 SSL certificates on January 20, 2015.

We recently needed to migrate our own internal MDaemon and SecurityGateway server to a new location. Luckily we often do this for customers and we have guides specifically written to help with this process. Migrating MDaemon Migrating SecurityGateway However one of the areas which we felt we haven't documented before is how to also migrate an existing SSL certificate that was being used by multiple services in these products.

This year in particular, I've seen an increasing number of users' email account credentials become compromised, which has allowed spammers free reign to use their mail server to send spam out to the Internet. The usual result is an overflowing outbound mail queue, thousands of bounce messages coming in and your server's IP address being blacklisted. The first thing to note is that if your company has an email server, you should assume that spammers will always be trying to hijack users' accounts by guessing their passwords. In this post I will run through a few simple pro-active settings checks that can reduce the chances of this happening and - in the unfortunate event that it does happen - can limit the resulting negative effects.

Over the last 24 hours we have seen a few instances where valid email from Outlook.com servers has been rejected by our customers MDaemon and SecurityGateway servers due to SPF record checks. The emails getting rejected do appear to be valid messages but have been arriving from an IP address not included in the sending servers SPF records. The common factor here is that all the sending domains are using outlook.com services.

If you're using Office 365, or one of the many hosted Exchange variants available today, you may be aware that MailStore has long been able to give you a complete and automatically synchronised off-site copy of your mail. I've always been happy recommending it as a solution, Office 365 outages happen so it is popular among our customers, however when my colleagues over in the German development team at MailStore let me know about their recent breakthrough in the latest version, I could immediately see the potential for hosted Exchange customers.

If you've recently made the move to MailStore version 9, it's entirely possible you'll be sat there wondering why on earth all of those archiving jobs you had set up can't be modified any more. You'll hopefully be pleased when I tell you it's not a mistake and nothing's gone dramatically wrong, it's just that MailStore are now adopting a new and far more efficient way of automating jobs that no longer needs the old Windows task scheduler method.

A new SSL vulnerability is doing the rounds this morning, known as POODLE, or Padding Oracle On Downgraded Legacy Encryption. POODLE is a newly disclosed vulnerability in the legacy SSL 3.0 protocol that could be exposing users of newer Transport Layer Security (TLS) encryption protocols to risk. If exploited, the POODLE flaw could potentially enable an attacker to access and read encrypted communications.

If you have recently upgraded to MailStore version 9 you may not be aware that the new maximum number of messages that an archive can contain has now been increased from 500,000 to  5,000,000 messages. If you are like me and you have found yourself with a collection of much smaller MailStore message archives it is now much easier to merge these together into a smaller number of larger archives.