Welcome to MDaemon Technologies' Suggestion Box

Listening to our customers is more than part of our mission statement, it is part of our culture. Do you have an idea that can improve our products or process? Please share it with us!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Sending user Country Block

    Mdaemon now has the ability to block countries which is great and I have found it very helpful in reducing spam and malware. However, the problem is as can be explained in this example.

    A Russian Hacker sends me an email through his email server (which is in Russia). So his email gets blockd because I have Russia on the blacklist.

    However, another Russian Hacker sends me an email through his email server (which is the US), so his email does not get blocked because I don't have US on the blacklist.

    Is it possible to block based on where…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →

    Hello,

    Thank you for sharing your idea with us to block based on where the user is located. Even if we could find a reliable way to determine the location of the user sending the email, it could have negative consequences. For example, along with the Russian hacker that is sending email through a server in the U.S. you would also block legitimate business people that are traveling to Russia and sending through their corporate email server which resides in the U.S.

    Thanks
    Arron

  2. Subfolder-Inbox should behave better

    Inbox folder created under Main Inbox should Increment the number of email(new or note) according to mail existence in sub-folder Inbox.

    Also On the summary page Inbox should also include new mail in sub-folder Inbox

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon Webmail  ·  Flag idea as inappropriate…  ·  Admin →
  3. Use Geolocation as Modifier or Whitelist for Dynamic screening

    Add an Option to use Location Screening as a Modifier or whitelist for Dynamic screening.
    Example: Change block duration for IP's if they come from a specific country (Users origin).
    Think of a botnet with dynamic IP's, and when a regular user gets such an "blacklisted" IP he could not connect, so i want these IP's not blocked as long as IP's from other countrys.

    Other Option is a relaxed Settings for one ore more specific Countrys.
    Example: block after 15 Failed Retrys, while IP's from other countrys would get blocked after 5 Failed Retrys.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →
  4. Ability to have IMAP Folders assign to group template for customization

    hi
    it would be nice if we could have possibility to costomize the default's IMAP folder and attached it to any created groups's template.
    So that any new user created and assigned to that group will received the default IMPA's Folder

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →

    Hello,

    Thank you for following up with additional information. Unfortunately, at this time we will not be able to implement the ability to force the creation of an IMAP folder in a mailbox and prevent the deletion of that folder. Depending on some specific details about what you are trying to accomplish there may be other options available to you, such as Public and Shared Folders. Another alternative would be to manually create the folder in the users mailbox and then alter the Windows ACLs for the folder so that it cannot be deleted by the account the MDaemon service is running under.

    Thanks,
    Arron

  5. for advanced search, make the default date range the last 12 months, instead of all time.

    When an account with many emails, does an advanced search, the default date range seems to be from first email to last email date. The result is that thousands of emails are searched needlessly.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon Webmail  ·  Flag idea as inappropriate…  ·  Admin →
  6. MDaemon for Linux more specifically Debian variant.

    I see it's been requested before and rejected but why not a Linux/Debian/Ubuntu version. Please, it's time to offer a Linux version!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →
  7. Bug. Cannot set forwarding when using external database.

    When MDaemon Email server is configured to external database, like Access. It is not possible to set forwarding after the account has already been set up.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →
  8. Letsencrypt script

    Hello,
    It could be helpfull to have, in the LetsEncrypt configuration tab, the ability to set a before and an after script that would be executed before and after your script.
    Thanks

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →

    Hello,

    Thank you for sharing your idea with us to allow the administrator to configure scripts to run before and after MDaemon run the LetsEncrypt script. Unfortunately we will not be able to add this to MDaemon. If you’d like this flexibility I would recommend creating tasks in Windows Task Scheduler to execute the LetsEncrypt script as well as the custom scripts you would like to execute.

    Thanks,
    Arron

  9. It's time for a Captcha

    Hi team,
    It's now time for a Captcha on the MDaemon WorldClient Webmail service.
    I know it was raised 6 years ago, but times have changed since then.
    I am seeing up to 100's of false attempts a day on our webmail address.
    I've got it set to block an IP address for a full year after 3 fails, but yet I'm not seeing any diminishing hits.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon Webmail  ·  Flag idea as inappropriate…  ·  Admin →

    Hello,

    Thank you for sharing your idea with us to implement captcha on the Webmail logon page. Unfortunately we do not have plans to implement captcha because Webmail and Remote Administration already offer two factor authentication. If you would like assistance setting up two factor authentication please contact our support team for assistance. All of our support options can be found at http://www.altn.com/support.

    Thanks,
    Arron

  10. 2 Factor authentication for SMTP

    Could we please add and enforce 2fa on SMTP connection pass+token? This would stop the possibility/ limit compromised pc and stolen password from being used. Which would also lower spam.

    This would also not be a bad feature for IMAP and POP3.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Andrew,

    We can add two factor authentication to the SMTP service, but since most email clients do not support it, users would be burdened with entering their password and a token every time the email client needs to login. It is my opinion that users are not going to want to do this. A much easier alternative, that is possible with the current version, would be to give each user account a longer password, MDaemon allows up to 72 characters when using non reversible password encryption. This doesn’t solve the problem, but it does make it much harder for passwords to be stolen. You can also enable location screening to restrict locations that are able to attempt to authenticate.

  11. Add suppport for Lets's Encrypt DNS-01 challenge to allow Wildcard certs.

    Could you please add support for Let's Encrypt DNS-01 challenge to allow wildcard SSL certs.

    According to letsencrypt, the ACMEv2 should be in production environment since february.
    See the FAQ below and the link
    https://letsencrypt.org/docs/faq/

    "Does Let’s Encrypt issue wildcard certificates?
    Yes. Wildcard issuance must be done via ACMEv2 using the DNS-01 challenge. See this post for more technical information."

    https://community.letsencrypt.org/t/acme-v2-production-environment-wildcards/55578

    From what I could see, you are using "ACMESharp" which is listed as an ACMEv2 capable client
    https://letsencrypt.org/docs/client-options/#acme-v2-compatible-clients
    https://github.com/ebekker/ACMESharp

    Best regards
    Dan Lundqvist
    Stockholm, Sweden

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow local (non-routable) IP logins when account frozen

    We have periods where someone will try to break into someone's account by attempting logins, each attempt from a different IP. At the attempt limit, the account will be frozen. If there was some way to only freeze the account from non-local (non-routable) IP's, so that people on the LAN would not be affected, that would be great. I don't want to immediately un-freeze the account, as it just allows the hacker to try again sooner.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →

    Hello David,

    Thank you for sharing your idea to allow local IPs to login to an account when it is frozen. Unfortunately, accounts can also be frozen for sending too much mail, and in this case allowing local IPs would defeat the purpose of freezing the account.

    Location Screening may be able to help, if you are using ActiveSync or WebMail. Known ActiveSync devices bypass Location Screening and two factor authentication can be used to bypass location screening when logging into webmail.

    Thanks,
    Arron

  13. Dynamic Screen IP that tries to authenticate to unknown local user.

    To reduce and possible prevent a lot of brute force authentication requests it would be nice to be able to enable a "Dynamic Screen IP that tries to authenticate to unknown local user."

    Even if some falls under other security domains it could block IPs from trying more than one time where they try to guess usernames.

    eg. a session tries an old users email or a bogus email built up with bits of information. If so, then the IP gets in the screen list directly.

    Dan Lundqvist
    MRZAZ.COM
    Stockholm, Sweden

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →

    Hello Dan,

    Thanks for sharing your idea with us. My apologies, I didn’t understand your request correctly. However, I think blocking IPs immediately that use an incorrect username will result in more issues. Think of users that incorrectly type their username. If this option existed and it were set to 1, users would have 1 chance to get it right. Only users that are using webmail or users setting up new accounts will be at risk.

    Thanks,
    Arron

  14. Upgrade process requires Internet access for license prevents thorough testing.

    We like to test upgrades before deploying them in production. When running the upgrade on a test VM copy of the server, the 17->18 licensing would not allow us to continue without Internet. We do this to prevent downloading mail that might have to be abandoned if there's a problem.

    Please change this process to allow a "enter license later" option during the upgrade.

    It's nice to have faith in the upgrade process, but we like to be sure as it's our mail service on the line.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →

    Hello,

    Thank you for sharing your idea with us to allow a license to be entered later. Unfortunately, entering a license later is not something we are planning to implement. Currently, the easiest way to prevent MDaemon from downloading mail from the internet is to disable the feature in MDaemon that is downloading the mail. For example, if you are needing to disable the MultiPOP engine it can be disabled by going to the File menu and make sure the MultiPOP server is not enabled.

    Thanks,
    Arron

  15. Improve DKIM options

    Cannot handle DKIM signature structure (field t= is missing for example)

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  SecurityGateway  ·  Flag idea as inappropriate…  ·  Admin →
  16. MDPC Pricing Structure

    I am investigating the option of using Mdaemon for pupil emails for Curriculum Use. Teachers need to teach pupils how to use email. One of the main reasons that I want to use Mdaemon is so that we can configure pupil email accounts to never receive emails from outside - no strangers can send them emails (only other pupils and teachers on the same Mail Server, but not necessarily same domain i.e. different schools) and secondly because I want to setup an internal message chatting program so that pupils can chat to other pupils at other schools.

    However the cost…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon Private Cloud  ·  Flag idea as inappropriate…  ·  Admin →
  17. "SMTP Screen" causing false positives which blacklist mailing lists containing stale local email accounts

    We just upgraded form 16.0.4 to 17.5.3. The new version includes the new SMTP Screen feature, which blacklists sending IPs that cause 'n' failed RCPTs in a given period. This feature is presumably to prevent account-fishing attacks, a worthy goal.
    However, a nasty side effect is that it also blacklists sender IPs who are mailing lists where the list contains too many obsolete local accounts (existed at one time, but since deleted) . Granted, these mailing lists should be paying attention to our 550 errors, but some are not. We are essentially forced to increase our RCPT error counts to…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →

    Hello Sheldon,

    Thank you for sharing your idea with us. Unfortunately, there is no way for MDaemon to know if the inbound SMTP session is a legitimate mailing list or an attacker. If possible, I’d recommend whitelisting the IP addresses that are sending the mailing list traffic.

    Thanks,
    Arron

  18. Ability to Whitelist or exclude specific MDaemon users or accounts that travels frequently from location screening

    I'd like to see the ability to Whitelist or exclude specific MDaemon users/accounts that travel frequently from location screening.
    Currently location screening can only whitelist IP addresses not email addresses or accounts/users.
    That will cut out a lot of tedious admin needed when specific users frequently travel abroad.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon  ·  Flag idea as inappropriate…  ·  Admin →

    Hello Mark,

    Thank you for your suggestion. In many cases the user that is connecting is not known at the time of location screening. Instead of whitelisting users we have added options in MDaemon 18.0.0 to choose which protocols location screening is applied to and a second option which excludes known ActiveSync devices from location screening. We also plan to add a third option that allows WorldClient users with two factor authentication enabled to bypass location screening.

    Thanks,
    Arron

  19. Email threading date wise order

    Email threading date wise order

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  MDaemon Webmail  ·  Flag idea as inappropriate…  ·  Admin →
  20. Edit as new in email composing

    Edit as new in email composing

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  MDaemon Webmail  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6
  • Don't see your idea?

Welcome to MDaemon Technologies' Suggestion Box

Categories

Feedback and Knowledge Base