mailMDaemon’s Email Defence

The MDaemon Messaging Server is a leader in email security using a layered approach offering proactive protection against email-borne threats of spam, viruses, malware, and phishing. Click any of the features below for more information:

Spam Filter

MDaemon includes a powerful spam filter, greylist processing, and features SpamAssassin 3, which uses a wide variety of local and network tests to identify spam signatures to make it harder for spammers to identify a single aspect that they can craft their messages to work around.


MDaemon supports the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol for SMTP, POP, and IMAP, and for WorldClient (MDaemon’s Web-Based Email Client).

Relay Controls

Controls what the MDaemon Messaging Server does when a message arrives at your mail server that is neither from nor to a local address.

SMTP Authentication

SMTP Authentication provides an option requiring users to authenticate with a username and password when sending mail.

Bayesian Learning

MDaemon’s spam Filter supports Bayesian learning, which is a statistical process that can optionally be used to analyze spam and non-spam messages in order to increase the reliability of spam recognition over time. The spam filter can then increase or decrease a message’s spam score based upon the results of its Bayesian comparison.

Reverse Lookups

MDaemon can query DNS servers to check the validity of the domain names and addresses reported in the headers of incoming messages. Optionally, suspicious messages can be refused or have a special header inserted into them. Reverse Lookup data is also reported in the MDaemon logs.

Content Filter

A highly versatile and fully multi-threaded Content Filtering system makes it possible for you to customize server behavior based on the content of incoming and outgoing email messages. You can insert and delete message headers, add footers to messages, remove attachments, route copies to other users, cause an instant message to be sent to someone, run other programs, and much more.

Sender Policy Framework

Sender Policy Framework (SPF) is a security feature that identifies hosts that are authorized to send mail for a specific domain.

IP Shielding

IP Shielding allows you to block mail from specific domains from unauthorized IP addresses. Any email server that is accepting email via SMTP is susceptible to being used by unknown users claiming to be a user at the local domain name to ‘spoof’ email out through the server. MDaemon’s IP Shielding can stop this by specifying that when a user sends an email claiming to come from a specified domain name, that the IP address that user is using must be within a certain defined range. If you are running multiple domain names on your server, you can create one or more separate IP Shielding entries for each domain.

Backscatter Protection

Backscatter occurs when spam or viruses send mail using a forged email address as the return path. This can lead to thousands of bogus delivery status notices (DSN), vacation and out-of-office messages, auto-responders, etc., ending up in the inbox. Backscatter Protection distinguishes between legitimate and unauthorized use of your email address in the MAIL FROM: return path. By protecting the return path, MDaemon can determine whether a certain class of messages (such as DSNs, vacation notices, and auto-responders) is valid or not.

Vouch By Reference Certification

Vouch By Reference (VBR) Certification provides a mechanism through which certification providers may vouch for the email messages sent by others. By adding an additional header to outgoing mail, it provides a simple way for certification providers to vouch for a particular sender without requiring the certification provider to sign (or even know about) any mail that is sent. To learn more about VBR and email certification view Alt-N Technologies’ Email Certification.

Email Authentication

MDaemon uses all methods of email authentication techniques including DomainKeys Identified Mail (DKIM), Sender Policy (SPF), and DMARC (Domain-Based Message Authentication, Reporting and Conformance) to help message recipients verify the authenticity of the sender. MDaemon also uses DKIM ADSP (Author Domain Signing Practices), which is an adjunct mechanism to aid in assessing messages that do not contain a DKIM signature for the domain used in the author’s address (in the FROM: header). ADSP defines a record that can advertise whether a domain signs its outgoing mail as well as how other hosts can access that record.

Spam Filter Blacklist

The spam filer blacklist can be used to prevent unwanted mail from email addresses or entire domains. With MDaemon’s spam filter blacklist, messages from blacklisted addresses will have their spam scores adjusted upward. By default, 100 points are added to the message’s spam score.

Dynamic Screening

With Dynamic Screening, you can automatically ban senders who connect more than a given number of times in a given time period, or ban senders who receive a given number of “Recipient unknown” errors. Frequent ‘Recipient unknown’ errors are often a clue that the sender is a spammer since they commonly attempt to send messages to outdated or incorrect addresses.

Dynamic Screening Notifications

The Dynamic Screening settings can be configured to notify the postmaster after a specified number of failed authentication attempts made by an account. The notifications that are sent to the postmaster have been updated to include the date, time, IP address, and protocol used, to make it easier to find and troubleshoot authentication failures. The MDaemon logs will display failed authentication attempts in this format: “Failed $PROTOCOL$ authentication attempt from $IP$ for “$EMAIL$””

Hijacked Account Detection

Spammers continue to hijack SMB / SME email accounts (similar to open relay hijacking) and use them to send hundreds or thousands of spam messages from unsuspecting users and businesses. Undetected, this has the potential of putting your company’s IP address and domain name on a Realtime Blackhole List (RBL) or DNS Blackist (DNSBL). MDaemon’s Dynamic Screening has been improved by adding a Hijacked Account Detection feature, which will detect, disable, and notify the IT administrator of accounts that send too many messages in a given timeframe. MDaemon allows the email administrator to configure settings for the number of messages and time (in minutes) to establish the parameters that best fit an organization’s environment.