Security Menu

MDaemon is equipped with an extensive suite of security features and controls. Click Security on MDaemon's menu bar to reach the following security features:

AntiVirus SecurityPlus for MDaemon can help you stop email-borne computer viruses by providing the highest level of integrated protection available for MDaemon customers. It will catch, quarantine, repair, and/or remove any email message found to contain any virus. For MDaemon PRO users, SecurityPlus also contains a feature called Outbreak Protection, which can be used to protect you from certain spam, phishing, and virus outbreaks that can sometimes be missed by the other traditional, content and signature-based security measures.

Content Filter a highly versatile and fully multi-threaded Content Filtering system makes it possible for you to customize server behavior based on the content of incoming and outgoing email messages. You can insert and delete message headers, add footers to messages, remove attachments, route copies to other users, cause an instant message to be sent to someone, run other programs, and much more.

Spam Filter uses spam filtering technology to heuristically examine email messages in order to compute a "score". This score is used to determine the likelihood of a message being spam. Based on that determination the server can then take certain actions such as refusing or flagging the message. See also: Spam Traps

·	DNS Black Lists allows you to specify several DNS blacklisting services that will be checked each time someone tries to send a message to your server. If the connecting IP has been blacklisted by any one of these hosts, the message will be refused.

·	Relay Control used to control what MDaemon will do when a message arrives at your mail server that is neither from nor to a local address.

·	IP Shield if a domain name specified in this list attempts to connect to your server, its IP address must match the one that you have assigned to it.

·	SMTP Authentication used for setting several options that denote how MDaemon will behave when a user sending a message to MDaemon has or has not been authenticated first.

Reverse Lookup MDaemon can query DNS servers to check the validity of the domain names and addresses reported during incoming messages. Controls on this screen can be used to cause suspicious messages to be refused or a special header inserted into them. Reverse Lookup data will also be reported in the MDaemon logs.

·	POP Before SMTP the controls on this screen are used to require each user to first access his or her mailbox before being allowed to send a message through MDaemon, thus authenticating that the user is a valid account holder and allowed to use the mail system.

·	Trusted Hosts domain names and IP addresses that will be considered as exceptions to the relay rules listed on the Relay Control screen.

SPF/Sender ID All domains publish MX records to identify the machines that may receive mail for them, but this doesn't identify the locations allowed to send mail for them. Sender Policy Framework (SPF) and Sender ID is a means by which domains can also publish "reverse MX" records to identify those locations authorized to send messages.

DomainKeys and DomainKeys Identified Mail DomainKeys (DK) and DomainKeys Identified Mail (DKIM) are email verification systems that can be utilized to prevent spoofing. They can also be used to ensure the integrity of incoming messages, ensuring that the message hasn't been tampered with between the time it left the sender's mail server and arrived at yours. This is accomplished by using an encrypted public/private key pairs system. Outgoing messages are signed using a private key and incoming messages have their signatures verified by testing them with the public key published on the sender's DNS server.

Certification Message Certification is a process by which one entity vouches for or "certifies" the good email conduct of another entity. The Certification feature is beneficial because it can help ensure that messages will not be erroneously or needlessly subjected to unwarranted spam filter analysis. It can also help lower the resources required to process each message.

·	Address Blacklist lists addresses that are not allowed to send mail traffic through your server.

·	IP Screen used to designate IP addresses from which you will allow or refuse connections to your server.

·	Host Screen used to designate hosts (domain names) from which you will allow or refuse connections to your server.

Dynamic Screen using the Dynamic Screening feature, MDaemon can track the behavior of sending servers to identify suspicious activity and then respond accordingly. For example, you can temporarily ban an IP address from future connections to your server once a specified number of "unknown recipient" errors occur during the mail connection from that IP address.

·	SSL & TLS MDaemon supports the Secure Sockets Layer (SSL) protocol for SMTP, POP, and IMAP, and for WorldClient's web server. SSL is the standard method for securing server/client Internet communications.

Backscatter Protection "Backscatter" refers to response messages that your users receive to emails that they never sent. This occurs when spam messages or messages sent by viruses contain a Return-Path address that is forged. Backscatter Protection helps prevent this by ensuring that only legitimate Delivery Status Notifications and auto responders get delivered to your accounts, by using a private key hashing method to generate and insert a special time-sensitive code into the Return-Path address of your users' outgoing messages.

Bandwidth Throttling the Bandwidth Throttling feature makes it possible for you to police the consumption of bandwidth used by MDaemon. You can control the rate at which sessions or services progress, setting different rates for each of MDaemon's major services on a per-domain basis, including the Default and Extra Domains and the Domain Gateways.

Tarpitting makes it possible for you to deliberately slow down a connection once a specified number of RCPT commands have been received from a message's sender. This is to discourage spammers from trying to send unsolicited bulk email to you. The assumption behind this technique is that if takes spammers an inordinately long period of time to send each message then that will discourage them from trying to do so again in the future.

Greylisting Greylisting is a spam-fighting technique that exploits the fact that SMTP servers retry delivery of any message that receives a temporary (i.e. "try again later") error code. Using this technique, when a message arrives from a non-white listed or otherwise previously unknown sender, its sender, recipient, and sending server's IP address will be logged and then the message will be refused by Greylisting with a temporary error code during the SMTP session. Then, when the legitimate servers attempt to deliver the messages again a few minutes later, they will be accepted. Because spammers do not typically make further delivery attempts, Greylisting can significantly help to reduce the amount of spam your users receive.

HashCash HashCash is a "proof of work" system that is both an anti-spam tool and a Denial of Service countermeasure similar to an electronic form of postage. Using the HashCash system MDaemon can mint HashCash stamps, which are in effect "paid for" with CPU processing time rather than actual currency. A HashCash stamp is inserted into an outgoing message's headers and then verified by the recipient's email server and weighed according to the value of the stamp. Stamped messages are more likely to be legitimate and can therefore be passed through the receiving server's anti-spam systems.

·	LAN IPs use this screen to list IP addresses that reside on your LAN (local area network). These IP addresses are therefore treated as local traffic for the purposes of bandwidth throttling, and may be exempt from various other security and spam prevention restrictions.

·	Site Policy used for creating a site policy to be transmitted to sending servers at the beginning of every SMTP mail session. An example of a common site policy is, "This server does not relay."