Today sees the latest point release in the roadmap of German developer MailStore, and in addition to a long list of fixes there are a couple of interesting new developments which have caught our collective Zen Software eye. Version 9.2's 'juicy bits' that I'll talk a little more about in this post include:
  • Independence from the Windows scheduler
  • A great new synchronisation feature for users of Office 365
  • Better handling of large search results in the MailStore clients
  • Support for the new 64-bit version of MDaemon

With the EoL deadline for Windows Server 2003 fast approaching, decisions over operating system upgrades and in particular, whether or not to stick with Microsoft Exchange, are currently high up on the agenda for many small businesses. For alternatives to Exchange such as MDaemon Messaging Server (voted number one alternative by 'Spiceheads') now is the time to shine. With that in mind, we're running a flash sale for one month to give you a wee incentive to take a look at MDaemon for yourself and to download the free 30-day trial.

To the unfamiliar, the 'Reverse Lookup' might sound like something you'd see in one of Tom Daley's diving routines. However in email and DNS terms, it's an essential security check which can dramatically reduce the amount of spam you're seeing. It's also one of those many tricky DNS areas that causes confusion so I hope this post will help demystify it a little.

In order for any users to log in to email archiving software MailStore Server, a local 'MailStore' user account needs to exist. You could simply just manually create users, entering usernames and passwords individually. However for any installation with more than a handful of users, as you can probably imagine, that can soon end up becoming a pain. For this reason, MailStore includes the directory services feature to synchronise local accounts with an external user list which is what I'm going to cover in this post.

The sheer amount of email that flows across the internet every day is staggering, but what's all too easy to overlook is just how insecure this form of communication actually is. Often email delivery is compared to traditional paper post in that there is an envelope containing a letter, there are senders and there are recipients. In reality, the comparison is much more similar to a postcard.

Microsoft Small Business Server was discontinued in 2013, leaving a real niche for MDaemon as lots of small businesses were forced to decide between "full blown" Exchange (as I like to call it) or the cloud and Office365. It's not a direct replacement - if you use all of Exchange's advanced features you'll most likely find something MDaemon won't do (shared custom category synchronisation springs to mind) and vice versa, but 95% of it's there. Some pretty competitive pricing and no database to go all skewiff at 4:55pm on a Friday afternoon make it an attractive proposition for smaller companies in particular.

You may have picked up in the IT press recently that we're starting to see an industry-wide movement to a new, and importantly more secure, standard of SSL certificate.  Alt-N Technologies, developer of the Exchange alternative MDaemon Messaging Server have just announced they too are following this trend and stating they'll be replacing all end-point and intermediate server certificates with those based on the new SHA-2 algorithm. Important note: Alt-N will be moving to SHA-2 SSL certificates on January 20, 2015.

We recently needed to migrate our own internal MDaemon and SecurityGateway server to a new location. Luckily we often do this for customers and we have guides specifically written to help with this process. Migrating MDaemon Migrating SecurityGateway However one of the areas which we felt we haven't documented before is how to also migrate an existing SSL certificate that was being used by multiple services in these products.

This year in particular, I've seen an increasing number of users' email account credentials become compromised, which has allowed spammers free reign to use their mail server to send spam out to the Internet. The usual result is an overflowing outbound mail queue, thousands of bounce messages coming in and your server's IP address being blacklisted. The first thing to note is that if your company has an email server, you should assume that spammers will always be trying to hijack users' accounts by guessing their passwords. In this post I will run through a few simple pro-active settings checks that can reduce the chances of this happening and - in the unfortunate event that it does happen - can limit the resulting negative effects.