Like all MDaemon releases, the developers at MDaemon Technologies continue to add new customer requested features and enhancements. Here is a quick overview of just some of the features end users and IT administrators will find helpful. A more comprehensive list of all new features and enhancements can be viewed in the MDaemon Messaging Server Release Notes.
Email Security - Check for Compromised Passwords
MDaemon can check a user's password against a compromised password list from a third-party service, and then prevent users from using passwords found on the list. If a user's password is present on the list it does not mean the account has been hacked. It means that the password has appeared in a data breach at some point. Published passwords may be used by hackers in dictionary attacks.
Email Security - MTA Strict Transport Security (MTA-STS)
MTA Strict Transport Security (MTA-STS) is a new internet standard that improves email security by requiring email to be sent to an authenticated server using good encryption between all connections through which the message passes. This helps prevent unauthorized message tampering while ensuring privacy and data integrity.
Email Security - RequireTLS
RequireTLS allows administrators to flag messages that must be sent using an encrypted (TLS) connection. Messages that cannot be sent via a TLS-encrypted connection will be bounced back to the sender rather than being sent without TLS. Like Strict Transport Security (STS), RequireTLS also protects against man-in-the-middle and encryption downgrade attacks.
Email Server - Per-host Authentication when Forwarding or Routing Mail
When forwarding, routing or collecting (dequeuing) mail, administrators can specify authentication settings for the host to which MDaemon is connecting. These settings can be applied to “Unknown Mail” processing, mailing list routing settings, forwarding or dequeuing settings for gateways, and forwarding settings for individual accounts.
Email Server - Clustering for Improved Protection Against System Interruptions
MDaemon's new clustering service enables administrators to set up multiple MDaemon servers in an Active/Active cluster. MDaemon synchronizes all configurations between servers, allowing multiple servers to service user accounts at the same time.>
Email Server - Authentication Failure Log>
The new Authentication Failure logging screen and corresponding log file allows administrators to track authentication failures for SMTP, IMAP and POP. The information includes the Protocol used, the Session ID so you can search other logs, the IP address of the offender, the raw Logon value that was used (sometimes this is an alias), the Account that matches the logon (or 'none' if no account matches), and a Notes field which may contain additional data when the attempt was made over SMTP.
Email Server - Deferred Message Queue
To help prevent message delivery delays caused by messages accumulating in the Inbound queue, MDaemon now has a dedicated queue for deferred messages. Messages that are placed in the Deferred queue will have the date they are scheduled to leave the queue encoded in their file names.
- MDaemon's Account Hijack Detection system can now track the number of times an account tries to send an email to an invalid recipient. If an account tries to send email to too many invalid recipients in a given time frame, MDaemon can freeze the account and then notify the administrator.
- A new option was added to MDaemon’s SMTP Authentication settings that disables authentication on the SMTP ports (25 and 465). This is useful in environments where all legitimate accounts are using the MSA port (587) or another port to submit authenticated mail.
- To help users identify potential phishing messages, MDaemon’s “From Header Screening” settings include an option that will change any email address found in the display name of an incoming message to match the actual email address found in the message’s From header.
- MDaemon's OpenPGP encryption now includes domain-wide encryption using a single key, and encryption based on receiving IP address.
- Macros are now supported in mailing list messages, allowing the message body to be personalized with the mailing list’s name or domain, or the full name or email address of the list member (if available).
- Administrators can configure a Do Not Disturb schedule for all users of a domain. During the Do Not Disturb schedule, MDaemon will still collect inbound mail, but users will not be able to check their email or send outbound mail.
- MDaemon’s archiving system has been improved, with new IN and OUT folders for senders and recipients. The new, dedicated “To Archive” queue allows messages placed in the queue (whether manually or via content filtering rules) to be archived. This is useful when an administrator wishes to archive only messages that meet specific criteria, rather than archiving all inbound and/or outbound messages. Also, an option was added to archive messages sent to public folder submission addresses.
- New features have been added to MDaemon’s Active Directory integration, including monitoring of Active Directory groups and improved handling of aliases. Also, several new fields are now supported in contact records within address books when they are added or modified in Active Directory.
- MDaemon’s Message Recall system has been improved. Users can now recall messages from other queues, or even from the Inboxes of other local users, even after any initial delivery delays during which messages are held in the Deferred queue. MDaemon will track the last 1000 messages sent through the server via authenticated sessions and process message recall requests for messages that were sent within the last 1000 messages. This allows users to recall messages directly from other local MDaemon users’ Inboxes after they have been delivered.