MDaemon provides comprehensive protection against spam, viruses, phishing, spoofing and unauthorised relaying and access. Technologies include SpamAssassin anti-spam, Kaspersky anti-virus, Commtouch Recurrent Pattern Detection, SSL encryption, tarpitting, DNS based look-up checks, DKIM message signing and verification, SPF/Sender-ID source validation, greylisting, host and sender screening, and Backscatter bounce address tag validation (BATV).
Sophisticated AntiVirus Protection*
MDaemon's SecurityPlus plug-in adds a powerful anti-virus engine developed by industry leader Kaspersky Lab. This accurately detects email-borne viruses and malware quarantining and notifying as required. Additionally, 'inline scanning' during each SMTP session, effectively stops malicious emails before they've been accepted by your email server and daily automated virus signature updates ensure an excellent level of protection is maintained without hassle.
* This feature requires the SecurityPlus plug-in which is licenced seperately
SpamAssassin based Spam Filtering
MDaemon includes a powerful spam filter, greylist processing, and features SpamAssassin 3, which uses a wide variety of local and network tests to identify spam signatures to make it harder for spammers to identify a single aspect that they can craft their messages to work around.
Zero-Hour™ Outbreak Protection*
Outbreak Protection applies real-time pattern analysis checks against inbound email, providing much more timely protection against new fast spreading viruses and spam than traditional filter and signature based solutions that require detection, analysis and updates.
* This feature requires MDaemon Pro and the SecurityPlus plug-in which is licenced seperately
SSL and TLS
MDaemon supports the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol for SMTP, POP, and IMAP, and for MDaemon's WorldClient webmail server.
Controls what the MDaemon Messaging Server does when a message arrives at your mail server that is neither from nor to a local address.
SMTP Authentication provides an option requiring users to authenticate with a username and password when sending mail.
MDaemon's spam Filter supports Bayesian learning, which is a statistical process that can optionally be used to analyze spam and non-spam messages in order to increase the reliability of spam recognition over time. The spam filter can then increase or decrease a message's spam score based upon the results of its Bayesian comparison.
MDaemon can query DNS servers to check the validity of the domain names and addresses reported in the headers of incoming messages. Optionally, suspicious messages can be refused or have a special header inserted into them. Reverse Lookup data is also reported in the MDaemon logs.
A highly versatile and fully multi-threaded Content Filtering system makes it possible for you to customize server behavior based on the content of incoming and outgoing email messages. You can insert and delete message headers, add footers to messages, remove attachments, route copies to other users, cause an instant message to be sent to someone, run other programs, and much more.
IP Shielding allows you to block mail from specific domains from unauthorized IP addresses. Any email server that is accepting email via SMTP is susceptible to being used by unknown users claiming to be a user at the local domain name to 'spoof' email out through the server. MDaemon's IP Shielding can stop this by specifying that when a user sends an email claiming to come from a specified domain name, that the IP address that user is using must be within a certain defined range. If you are running multiple domain names on your server, you can create one or more separate IP Shielding entries for each domain.
Backscatter occurs when spam or viruses send mail using a forged email address as the return path. This can lead to thousands of bogus delivery status notices (DSN), vacation and out-of-office messages, auto-responders, etc., ending up in the inbox. Backscatter Protection distinguishes between legitimate and unauthorized use of your email address in the MAIL FROM: return path. By protecting the return path, MDaemon can determine whether a certain class of messages (such as DSNs, vacation notices, and auto-responders) is valid or not.
Vouch By Reference (VBR) Certification
Vouch By Reference (VBR) Certification provides a mechanism through which certification providers may vouch for the email messages sent by others. By adding an additional header to outgoing mail, it provides a simple way for certification providers to vouch for a particular sender without requiring the certification provider to sign (or even know about) any mail that is sent.
MDaemon uses all methods of email authentication techniques including DomainKeys, DomainKeys Identified Mail (DKIM), Sender Policy Framework (SPF), and Sender ID to help message recipients verify the authenticity of the sender. MDaemon also uses DKIM ADSP (Author Domain Signing Practices), which is an adjunct mechanism to aid in assessing messages that do not contain a DKIM signature for the domain used in the author's address (in the FROM: header). ADSP defines a record that can advertise whether a domain signs its outgoing mail as well as how other hosts can access that record.
Spam Filter Blacklist
The spam filer blacklist can be used to prevent unwanted mail from email addresses or entire domains. With MDaemon's spam filter blacklist, messages from blacklisted addresses will have their spam scores adjusted upward. By default, 100 points are added to the message's spam score.
With Dynamic Screening, you can automatically ban senders who connect more than a given number of times in a given time period, or ban senders who receive a given number of "Recipient unknown" errors. Frequent ‘Recipient unknown' errors are often a clue that the sender is a spammer since they commonly attempt to send messages to outdated or incorrect addresses.
Additional Security Features
- Host screening and IP screening
- Dynamic DoS, dictionary, and brute force attack detection and prevention
- HashCash and scriptable content filtering
- Attachment restriction and attachment compression
- LDAP and Minger recipient verification