The MDaemon Messaging Server is a leader in email security using a layered approach offering proactive protection against email-borne threats of spam, viruses, malware, and phishing.
MDaemon includes a powerful spam filter, greylist processing, and features SpamAssassin 3, which uses a wide variety of local and network tests to identify spam signatures to make it harder for spammers to identify a single aspect that they can craft their messages to work around.
When combined with SecurityPlus for MDaemon, MDaemon provides inline Antivirus scanning that helps detect and reject viruses with the least amount of time and effort.
MDaemon supports the Secure Sockets Layer (SSL)/Transport Layer Security (TLS/StartTLS) protocol for SMTP, POP, and IMAP, and for WorldClient (MDaemon's Web-Based Email Client).
Controls what the MDaemon Messaging Server does when a message arrives at your mail server that is neither from nor to a local address.
SMTP Authentication provides an option requiring users to authenticate with a username and password when sending mail.
MDaemon's spam Filter supports Bayesian learning, which is a statistical process that can optionally be used to analyze spam and non-spam messages in order to increase the reliability of spam recognition over time. The spam filter can then increase or decrease a message's spam score based upon the results of its Bayesian comparison.
Reverse Lookups can detect spoofed email addresses and other threats. MDaemon can query DNS servers to check the validity of the domain names and addresses reported in the headers of incoming messages. Optionally, suspicious messages can be refused or have a special header inserted into them. Reverse Lookup data is also reported in the MDaemon logs.
A highly versatile and fully multi-threaded Content Filtering system makes it possible for you to customize server behavior based on the content of incoming and outgoing email messages. You can insert and delete message headers, add footers to messages, remove attachments, route copies to other users, cause an instant message to be sent to someone, run other programs, and much more.
Sender Policy Framework (SPF) is a security feature that identifies hosts that are authorized to send mail for a specific domain.
IP Shielding allows you to block mail from specific domains from unauthorized IP addresses. Any email server that is accepting email via SMTP is susceptible to being used by unknown users claiming to be a user at the local domain name to 'spoof' email out through the server. MDaemon's IP Shielding can stop this by specifying that when a user sends an email claiming to come from a specified domain name, that the IP address that user is using must be within a certain defined range. If you are running multiple domain names on your server, you can create one or more separate IP Shielding entries for each domain.
Backscatter occurs when spam or viruses send mail using a forged email address as the return path. This can lead to thousands of bogus delivery status notices (DSN), vacation and out-of-office messages, auto-responders, etc., ending up in the inbox. Backscatter Protection distinguishes between legitimate and unauthorized use of your email address in the MAIL FROM: return path. By protecting the return path, MDaemon can determine whether a certain class of messages (such as DSNs, vacation notices, and auto-responders) is valid or not.
Vouch By Reference (VBR) Certification provides a mechanism through which certification providers may vouch for the email messages sent by others. By adding an additional header to outgoing mail, it provides a simple way for certification providers to vouch for a particular sender without requiring the certification provider to sign (or even know about) any mail that is sent. To learn more about VBR and email certification view Alt-N Technologies' Email Certification.
MDaemon uses all methods of email authentication techniques including DomainKeys Identified Mail (DKIM), Sender Policy (SPF), and DMARC (Domain-Based Message Authentication, Reporting and Conformance) to help message recipients verify the authenticity of the sender. MDaemon also uses DKIM ADSP (Author Domain Signing Practices), which is an adjunct mechanism to aid in assessing messages that do not contain a DKIM signature for the domain used in the author's address (in the FROM: header). ADSP defines a record that can advertise whether a domain signs its outgoing mail as well as how other hosts can access that record.
The spam filer blacklist can be used to prevent unwanted mail from email addresses or entire domains. With MDaemon's spam filter blacklist, messages from blacklisted addresses will have their spam scores adjusted upward. By default, 100 points are added to the message's spam score.
Messages from addresses or domains on the Whitelist (by sender) or Whitelist (by recipient) will have their spam scores lowered by 100 points, by default. Messages from addresses or domains on the Whitelist (no filtering) will not be processed by the spam filter.
Spammers continue to hijack SMB / SME email accounts (similar to open relay hijacking) and use them to send hundreds or thousands of spam messages from unsuspecting users and businesses. Undetected, this has the potential of putting your company's IP address and domain name on a Realtime Blackhole List (RBL) or DNS Blackist (DNSBL). MDaemon's Dynamic Screening has been improved by adding a Hijacked Account Detection feature, which will detect, disable, and notify the IT administrator of accounts that send too many messages in a given timeframe. MDaemon allows the email administrator to configure settings for the number of messages and time (in minutes) to establish the parameters that best fit an organization's environment. You can set different message and timing thresholds depending on the source IP of the incoming connection. You can also set separate limits for connections from reserved IPs, local domain IPs, and all other IPs.
MDaemon's Spambot Detection feature tracks the originating IP address from which every return-path value (sender) uses over a period of time. If the same return-path is used by multiple IP addresses (more than can normally be expected) within a given period of time, then this typically indicates a possible spambot network is being used. When a spambot is detected, the connection is dropped and the sending address can optionally be blacklisted for a designated period of time.
With SMTP Screening (Dynamic DoS, Dictionary, and Brute Force Attack Detection and Prevention), you can automatically ban senders who connect more than a given number of times in a given time period, or ban senders who receive a given number of "Recipient unknown" errors. Frequent 'Recipient unknown' errors are often a clue that the sender is a spammer since they commonly attempt to send messages to outdated or incorrect addresses.
Dynamic Screening (Dynamic Authentication Failure Screening) can be configured to track authentication failures for all protocols, including SMTP, POP, IMAP, WorldClient, and ActiveSync (among others). After receiving a specified number of failed authentication attempts from a given IP address in a designated period of time, subsequent connections from the IP are blocked for a specified period of time.
The Dynamic Screening settings can be configured to notify the postmaster after a specified number of failed authentication attempts made by an account. The notifications that are sent to the postmaster have been updated to include the date, time, IP address, and protocol used, to make it easier to find and troubleshoot authentication failures. The MDaemon logs will display failed authentication attempts in this format: "Failed $PROTOCOL$ authentication attempt from $IP$ for "$EMAIL$""
Location Screening settings allow administrators to block incoming SMTP, POP, and IMAP connections from designated countries. This benefits businesses by allowing them to block messages from countries with which they do not do business, and provides an extra layer of spam protection when certain countries are known sources of spam.
Administrators can perform a variety of tasks via the Account Manager, such as adding or removing accounts, changing passwords, enabling or disabling accounts, configuring autoresponders, and much more.
The account listing in MDaemon's Account Manager can be filtered to show all accounts, or only accounts that match specific criteria. The account listing can also be filtered based on content in the Mailbox field, Real Name field, or Groups field. Other filtering options include the ability to display accounts based on their status, such as whether they are frozen, disabled, over quota, forwarding, or using an autoresponder.
Password controls allow administrators to maintain strong password policies in MDaemon (including a minimum length requirement), and to monitor weak password usage. Accounts can be temporarily assigned a weak password when the option to require the user to change his password has been enabled. MDaemon will display a pop-up warning, asking if you wish to temporarily store a weak password.
With simple push-button controls, administrators can require all accounts that have a weak password to change their passwords. Administrators can also generate and email a weak password report to any designated email address. The recipient of that report can then notify those users to change their passwords as needed.
MDaemon can also store mailbox passwords using non-reversible encryption. This protects the passwords from being decrypted by MDaemon, the administrator, or a possible attacker.
MDaemon's Health Check Utility will analyze all security-related settings and display a report of each feature that is not configured with the recommended setting. This report includes the name of the feature, the current setting for that feature, its recommended setting, and the GUI path to the setting. Administrators can select an entry in the report and click on "Set To Recommended" to re-configure the selected feature with the recommended setting, or by holding down CTRL or SHIFT, multiple items can be selected and re-configured simultaneously.
MDaemon supports "Let's Encrypt," a certificate authority service that uses an automated process to provide free certificates for Transport Layer Security (TLS) encryption for secure websites