ability to add to dynamic screen ip addresses that fail geolocation and they attempt auth

can it be helped to open certain restriction domains globally from mdaemon settings without having to open the restriction one by one the user account

We are using "Send directly and use smart host on problems."

As soon as graylisting is involved this immediately enforces the smart host to be used while it should not.

An option to specify the amount of unsuccessful direct connections (before the fallback to the smart host is used) should be added.

In our company, we use readonly public folders for departmental in/out mails, and read/write for custom archiving. As practically all mails get archived at least once, this leads to lots of wasted space.
So, suggestion:
When possible (folders on same drive), add support for and give the option to enable "create hard links for copied files". This would not only reduce space, but will probably also increase performance, due to fewer actual data = more unique content cached.

We have some aliases that are never used to log-in, authenticate, or send e-mail. But, we see hack attempts that try to authenticate using those aliases. I would like to see a per-user control that allows/disallows authentication by aliases.

Graylisting is a great way to help stem the flood of spam when used properly. I believe it would be beneficial for reporting and/or monitoring purposes to be able to have a statistical count available over time. I would be great to review this on the Remote Admin Reports pages, possibly viewed as Email Count Graylisted and Email Count Successful.

When creating a content filter, it would be good to be able to compose the name of a group from variables. Currently, i can't e.g. use 'If the SENDER' is a member of "x1.$FILTERRULENAME$"... to declare a group based on the filtername (or other variable), which limits automation on certain occasions.

I wish there was an Add-on for MDaemon that can Analyze the MDaemon Logs & give Administrator, Statistical information about E-mails like:

1. Number of E-mail from/to a Box/Domain or Domains .
2. Size of E-mails from/to a Box/Domain or Domains .
3. Information regarding to Protocols ( Imap/Smtp/Pop3 ) .
4. Statistics about How a E-mail Box worked by Send/Rec. E-mails .
5. Latest information about Time/Date of Users E-mails .

I think that, if Alt-n prepare this Add-on, it will be better than others 3'th Party Companies.

Abuseipdb https://www.abuseipdb.com/ has an free api to check ip's and Report ip's who are abusive

I find it a very reliable source and as mdaemon postmasters, we could help reporting abusive ip's (automaticly after more than x unsuccesfull authentications from one ip) thus using the mechanism mdaemon already uses to block ip's

Close connection when receiving files with certain (configurable) attachement types (for example ISO-files) instead of first accepting the mail and then passing it through Content Filter to delete/quarantine the mail in the second step. This has the advantage that a mail that has never been accepted does not need to be archived (in combination with saving bandwidth/cpu/disk space,...) and probably it would be easy to implement.

Add a macro to allow setting X-Priority header for urgent e-mails, especially in the "Send a NOTE to" option in Content Filter.

Dynamic Screening - Tracking the device who triggers the login failures.
It would be helpfull if a name from a device added to the log. So troubleshooting of logon failures would be much easier.

I am suggesting an enhancement to the current Inactive accounts option. If an account is created but never accessed, it never becomes active and the counter for inactivity never begins. Those accounts then remain enabled and increase the attack surface.

I would like to propose that the Inactive check look at the last accessed date, and if blank, looks at the created date, and then applies the action using the same value as set for Inactive, disabling and notifying of any accounts disabled as a result of this.

Regards,
Tim

You get an unclear warning from MDaemon if it can't reach the altn-servers to check the license. It basically just say that the system will shutdown in 7 days. In the log you can see what the problem is, but not what is going to happen. The GUI doesn't tell you anything. A 7 days warning is really bad during summer vacation. There should be a lot more days and a better explanation in the mail.

Allowing to control mails, calendar events and tasks using a EWS-like API.

Could not find this feature request (and I'm surprised of this)
AFAIK as of today the only way we have for unsubscribing a MDaemon mailing list is with a email reply.
This is a very old fashion way to manage unsubscriptions and it's not practical at all.

Can we have a web based system to manage this? That is: a web link is provided in the email and the recipient simply click this to open the usual web page we all know to click "unsubscribe"