Welcome to MDaemon Technologies' Suggestion Box
Listening to our customers is more than part of our mission statement, it is part of our culture. Do you have an idea that can improve our products or process? Please share it with us!
36 results found
-
Outlook Plug-in or Method to Send to SpamLearn and NonSpamLearn
Need an Outlook Plug-in or some easy method for users to send spam that has reached their inbox to send messages to the provided SpamLearn@ address. Likewise there needs to be an easy method to use the NonSpamLearn@. As another user posted, there is no option to flag these on the quaratine views. What is particularly disturbing is that there is no documented procedure for users to flag delivered messages as spam that I can see.
12 votesHello Paul,
Thank you for providing your feedback and ideas. We will look into improving the ability to classify messages as spam or non spam for future versions.
Thanks,
Arron -
Security Gateway - sending statistics report with domain name included
Security Gateway sends statistics reports and only mentions the server name. If you have one domain to monitor then this is no issue. Monitoring multiple domains as administrator it would be nice to see which domain the report is about.
In my case, I monitor multiple domains but only have one administrator selected so I get a per domain report.
In this case you can see which domain needs attention most.2 votesHello,
Thank you for your suggestion. We will look into adding the domain name to the statistics reports for future versions of SecurityGateway.
Thanks again,
Arron
-
Option to Drop Connection Immediately upon DNSBL or Blacklist IP Lookup Found
The IP Blacklist and DNSBL actions should have the option to drop the SMTP connection immediately after learning that the source IP is black listed. The reason to drop the connection immediately is to reduce the additional processing that is essentially wasted if the policy is to reject the email.
The Blacklist IPs and DNSBL should be examined ASAP after connection to minimize the time to decide to drop a listed connection. Dropping the listed connection ASAP reduces the chance of an SPAM or SMTP attack from overloading the SG.
7 votesHello Arnold,
I have verified with our developers that the tests are occurring after the RCPT command so that any domain exceptions that exist can be applied. We will consider having the tests occur earlier in the session when no domain exceptions exist for future versions of SecurityGateway.
Thanks,
Arron
-
Per domain Authentication
Sign email received by authenticated server: now DKIM only sign email from authenticated session but you can only defined authentication per user. For example I have Exchange behind SecurityGateway and if I configure authenticaed Send Connector i should also disable "Authentication credentials must match those of the email sender" on security gateway. Doing so if an hacker will stole a single password he will able to send email from any local users....
1 voteHello,
Thank you for sharing your ideas with us. I have split your ideas into multiple items.
If I’m understanding correctly, you would like an option to exclude domain mail server from the requirement for authentication credentials must match those of the email sender. Is that correct?
I also wanted to mention that Location Screening may help you to secure your server. It allows you to only allow authentication from specific areas of the world. So for example, if all of your users were in Italy, you could restrict SG to only allow SG from within Italy.
Thanks,
Arron -
Same "subject" in too many recepient
When i see the same subject in 10 o 20 messages from outside world to inside domain with different address (eg: a@one.it, b@two.com, c@three.net) theese messages are sure fake mail. I would like to add XX point to hash subject each day
1 voteHello Carlo,
Thank you for sharing your idea to flag messages that have the same subject. I’m concerned that an option such as this might cause too many legitimate messages to be flagged, however, we will consider it for future versions.
Thanks again,
Arron -
Examine Messages in Administrative Quarantine
Copy a message in Administrative Quarantine with a suspected virus to the administrator's mailbox so they can run various AV tools on it to make sure the message is safe to release to the end user.
1 voteHi Shane,
Thanks again for sharing your idea with us to allow potentially infected emails to be delivered to the administrator. While there are still concerns about releasing a potentially dangerous email to anyone, this is no more dangerous than the ability to release the message to the intended recipient. It will be considered for future versions.
Thanks,
Arron
-
Spam quarantine delegate user rights
Allow users to setup delegate rights to their own spam quarantine for other users of Security Gateway.
3 votesHello Daniel,
Thank you for sharing your idea to allow users to delegate rights to their own spam quarantine. It will be considered for future versions.
Thanks,
Arron
-
Ability to view attachments from emails log
It would be goo to have the ability to view attachments when browsing the log of messages ?
Now that we are installing SecurityGateway at all our customers to replace their Barracuda units, we are finding that we often come across this limitation as, often, an end-user asks us to locate a particular email with a specific attachment. On their old Barracuda anti-spam appliances the feature was there.
With SG we have to get SG to deliver the email and then ask the user if that is the correct attachment - very time consuming !!
Michel
6 votesHello Michel,
Thanks for your suggestion on the ability to view attachments from the email log in SecurityGateway. It will be considered for future versions.
Thank again,
Arron
-
IPs and Hostnames exemption list for SPF and Rate Control processing
Hello Support,
I would like to make a request for an exceptions list of IPs and Hostnames for SPF processing.
Here is the problem. We, and many of our clients (we are an IT company), come from a background of Barracuda anti-spam units.
On a Barracuda you can specify some hosts or IPs that you want excluded from the Barracuda's equivalent of Security Gateway's SPF processing. Typically one uses that list specifically and only for the hosts addresses of one's Backup MX queues.
On Security Gateway, you cannot, with the following results :
a) Internet line goes down, so emails…
3 votesHello Michel,
Per feature whitelists will be considered for future versions. In the meantime there is a potential work around which I believe has already been shared with you, but I’ll share it for the benefit of everyone.
As a short term work around, you can use a custom SIEVE script for the SPF test. You will need to disable the built-in test, and replace it with something like.
require [“securitygateway”,“reject”,“fileinto”,“envelope”];
if not ip :is [“80.168.44.51”, “195.8.69.18”, “213.253.3.180”]
{
// cut paste text of system generated sieve script here
if allof(not whitelisted,not auth “succeeded”,not ip “des”) {
if lookup “spf” “fail” {
fileinto “spam”;
}
if lookup “spf” “softfail” {
spamscore “2.0”;
}
}}
Thanks,
Arron
-
Showing Whitelisted entries as such in the logs
Hello,
Our background is Barracuda and this request is straight from our experience following our switch from Barracuda to Security Gateway.
At the moment, the SG log shows all delivered mail as "Delivered" in green.
The problem with this is that, in the first month of fine tuning a new installation, one has to look at each individual "Delivered" mail to work out if it was delivered because it was whitelisted or simply because it passed the spam checks. Then, when you know it passed the spam checks, you then examine it to check if you should blacklist the sender,…
4 votesHello Michel,
Thank you for sharing your idea on providing more detailed logging information for SecurityGateway.
It will be considered for future versions of SecurityGateway.
Thanks,
Arron
-
Security Gateway: SIZE check with Destination MTA during SMTP Session
During the SMTP session with external MTA, have SG check size with eventual destination MTA
3 votesHello David,
Thank you for the additional details. Checking with the MTA for the maximum size allowed will be considered for future versions.
Thanks,
Arron
-
Disclaimer directly beneath current reply
It would be nice to have an option to add a disclaimer only to the current reply part of an email, so that it is always directly beneath the current reply, instead of being added to the far end of the mail body.
1 voteHello Carsten,
Thank you for submitting your idea. We will consider it for future versions of MDaemon.
Arron
-
Read-only administrators
At present, SG users can have one out of three roles:
1) global administrator (rw)
2) domain administrator (domain+ rw)
3) normal user (mailbox rw)I was asked if it is possible to creare read-only administrator users:
1) global administrator (rw)
1.1) global read-only administrator (r)
2) domain administrator (domain+ rw)
2.1) domain read-only administrator (domain+ r)
3) normal user (mailbox rw)4 votesHello Emanuele,
Thank you for the additional information. It will be considered for future versions.
Thanks,
Arron
-
Long Running (stay connected) and Live Log Display (refresh interval)
I really like the MDaemon client's log that can be continually live for administrator viewing.
I would like to see something similar in the SG. I would like to see options for the web client:
1) Length of time to stay connected before auto logging outOptions right on the detail Logs and Messages Logs (All, Quarantine, etc) screens:
2) Automatic Log Refresh (enable/disable checkbox) and refresh intervalBehavior for the Messages Logs (All, Quarantine, etc.)
3) Disable Automatic Logging when any of the Message links are clicked. Uncheck the Automatic Logging checkbox immediately when disabling the Automatic Logging.4 votesHello Arnold,
Thank you for your suggestion to add the ability to have the logs updated in real time in the SecurityGateway GUI. We will consider adding this for future versions of SecurityGateway.
Arron
-
Option to HOLD undeliverable email to invalid email addresses for configured domains
The SG currently rejects all email not associated with a user account or alias. It would be great to have an option that either passes this email to the inside servers or HOLD the undeliverable email to enable the Admin to determine its disposition or change its Recipient email address.
The Default for this option should be the current behavior of rejecting email to invalid recipients and replying to the sender with an Non-delivery 550 email.
This feature is important to us because not all of our customers have 100% typing accuracy when it comes to email addresses. This also…
5 votesHello Arnold,
Thank you for submitting your idea. It will be considered for future versions of SecurityGateway.
Thanks,
Arron -
Option to HOLD email sent with "Delivery Failure" result
Currently the SG does not retain email that it fails to deliver. I propose that there be an option to retain undeliverable email pending review and dispostion by an administrator.
This would be most valuable for initial configurations where the person setting up the system is trying to develop the best setup between the SG and inside email server(s). The Default for this option can be the current behavior to simply clear messages with permanent delivery failure.2 votesHello Arnold,
Thank you for submitting your idea to add an option to hold inbound email that cannot be delivered to the domain mail server. Enabling the option to not delete message content after a permanent delivery failure should work for you. We will consider adding additional options for the handling of inbound email for future versions of SecurityGateway.
Thanks,
Arron
- Don't see your idea?