Blog

The sheer amount of email that flows across the internet every day is staggering, but what's all too easy to overlook is just how insecure this form of communication actually is. Often email delivery is compared to traditional paper post in that there is an envelope containing a letter, there are senders and there are recipients. In reality, the comparison is much more similar to a postcard.

Microsoft Small Business Server was discontinued in 2013, leaving a real niche for MDaemon as lots of small businesses were forced to decide between "full blown" Exchange (as I like to call it) or the cloud and Office365. It's not a direct replacement - if you use all of Exchange's advanced features you'll most likely find something MDaemon won't do (shared custom category synchronisation springs to mind) and vice versa, but 95% of it's there. Some pretty competitive pricing and no database to go all skewiff at 4:55pm on a Friday afternoon make it an attractive proposition for smaller companies in particular.

If you're already backing up your email as part of a standard routine, you could be forgiven for thinking that adding archiving to the mix would needlessly be doubling up. I should mention at this point, if you're not doing anything at all, then you really need to be rectifying that situation rather than reading our blog (as nice as it is to have you).

We've just made the latest version of MailStore live on our site and if you, or perhaps your customers, are users of Google Apps, it's one I highly recommend you download. The ability to archive Google mail isn't completely new to MailStore, however in previous versions, each mailbox would need to be archived individually, requiring a separate archiving 'job' and manual entry (and ongoing maintenance) of username and password credentials. In version 9.1, the German developer have now made the whole process a breeze.

You may have picked up in the IT press recently that we're starting to see an industry-wide movement to a new, and importantly more secure, standard of SSL certificate.  Alt-N Technologies, developer of the Exchange alternative MDaemon Messaging Server have just announced they too are following this trend and stating they'll be replacing all end-point and intermediate server certificates with those based on the new SHA-2 algorithm. Important note: Alt-N will be moving to SHA-2 SSL certificates on January 20, 2015.

We recently needed to migrate our own internal MDaemon and SecurityGateway server to a new location. Luckily we often do this for customers and we have guides specifically written to help with this process. Migrating MDaemon Migrating SecurityGateway However one of the areas which we felt we haven't documented before is how to also migrate an existing SSL certificate that was being used by multiple services in these products.

This year in particular, I've seen an increasing number of users' email account credentials become compromised, which has allowed spammers free reign to use their mail server to send spam out to the Internet. The usual result is an overflowing outbound mail queue, thousands of bounce messages coming in and your server's IP address being blacklisted. The first thing to note is that if your company has an email server, you should assume that spammers will always be trying to hijack users' accounts by guessing their passwords. In this post I will run through a few simple pro-active settings checks that can reduce the chances of this happening and - in the unfortunate event that it does happen - can limit the resulting negative effects.

Over the last 24 hours we have seen a few instances where valid email from Outlook.com servers has been rejected by our customers MDaemon and SecurityGateway servers due to SPF record checks. The emails getting rejected do appear to be valid messages but have been arriving from an IP address not included in the sending servers SPF records. The common factor here is that all the sending domains are using outlook.com services.