Home
|
Helpdesk
|
Technical Library
|
FAQs
|
Demon MailDefender
FAQs
Why will MailDefender stop spam more effectively than my current desktop solution?
Because MailDefender is designed to work at the Internet level, rather than at the desktop level, it has many advantages that can only be found in a system that is trusted by hundreds of thousands of users. It uses multiple spam and virus filter engines, including a heuristic virus scanner to protect against new and unknown threats, all of which are continually updated.
What's so good about a solution that works at the Internet level?
Because MailDefender is hosted in a data centre, spam and viruses are removed well away from your own network, which means you don’t have to download lots of dangerous and unwanted emails. That means your Internet connection is used more effectively and also that malicious software is dealt with by us and not by your mail server.
So what do I need to install?
Absolutely nothing. No hardware or software is required. The management portal for MailDefender is accessed via a web browser so all you need is a username and password.
Can I trust MailDefender to be reliable?
We use a redundant infrastructure across multiple data centres, and as MailDefender has been designed on a fully resilient architecture it can withstand the loss of individual elements such as scanners and Internet links, without disruption to your service.
How does MailDefender scan my mail?
When you sign up for the service, your email domain records are changed to pass all your email traffic to MailDefender. The service filters your traffic and then passes on the resulting clean emails to your mail server.
What if I want to look at a 'spam' email - won't it be filtered out?
Spam emails are placed in a searchable quarantine queue where they are held for 21 days. The quarantine management allows individual mails to be viewed and released if required.
Our employees haven't got the time to manage a complex system; is MailDefender going to be an extra burden to look after?
Not at all. We've made sure that MailDefender is simple to use. In day to day operation, the majority of users simply get spam-free and virus-free mail and never need to perform routine management. In fact, many users find they never need to check their quarantine queues at all. Because we update MailDefender automatically 24/7, you never have to worry about being caught out by not applying the latest signatures.
I've used a spam filter before and still received lots of unwanted mails - why is MailDefender going to be any better?
MailDefender uses multiple spam detection engines, including Cloudmark and SpamAssassin, plus address block lists. All of these are continually updated and adapted to combat emerging spam techniques. Cloudmark's detection technology is unique, because unlike many other solutions, it isn't founded on software-based judgements of what constitutes spam. Its scanning signatures are based on real time feedback from over 100 million email users worldwide. Individual spam reports are graded, analysed and compared in real time to produce unique fingerprints for every mail passing through the system. Reliable spam reporters are graded higher than new users without a proven track record. In this way the system amasses one of the most accurate decision-making capabilities in the industry, which results in a largely spam-free inbox for MailDefender users.
I already use a virus program; why do I need one for my email?
For many years email has been the prime method hackers have used to distribute malicious software. There is wide agreement amongst security experts that a multi-layered approach to virus protection is the best method of defence. The antivirus protection in MailDefender doesn't mean you should get rid of desktop antivirus software, because there are still plenty of ways a PC can be infected besides email. However, by removing viruses from email outside your network, you are limiting the number of threats as a whole that your defence systems have to deal with.
Can MailDefender protect me if I get a virus infection other than by email?
It can help. Because you can opt to have outgoing mails scanned for viruses as well as incoming ones, if one of your PCs becomes infected and the virus starts trying to replicate itself via external email, MailDefender will block the infected mails as they leave your network. This contains the damage until you can disinfect the systems involved.
So what antivirus system does MailDefender use?
On the basis that no one set of antivirus signatures will catch every piece of malicious software, MailDefender uses multiple systems. We use the Sophos, Clam, and Cloudmark detection engines plus a heuristic scanner which checks for unknown threats. We check for Sophos updates every five minutes.
What if I have users that don't want the same spam filtering as everyone else?
MailDefender can be tailored to the individual needs of each person in your organisation. We recognise that what is spam to one person might not be to another, so MailDefender gives you the tools to adjust the level of filtering so that each user receives the email they need to be productive.
What about threats other than viruses?
The scanning engines in MailDefender are routinely referred to as 'antivirus' but signatures also check for Trojans, worms and other malware. Phishing emails are undergoing a rapid increase at the moment, because most users now have better basic antivirus protection. As they contain no active content and look just like genuine emails, they are particularly hard to detect. The Cloudmark technology in MailDefender is, in our opinion, exceptionally good at blocking this type of threat.
We use a SMTP feed and we host our own email boxes. Does this cause a problem?
This isn't a problem. MailDefender is available to customers with private mail servers fed with SMTP mail through us.
Can I get a large number of users set up quickly?
Yes, the MailDefender IT Administration control panel can be used to export and import user lists, either in CSV or Excel spreadsheet format.
If a particular user has not been set up on the system, do emails get sent straight through, bounced or quarantined?
They will be sent to the quarantine queue in the Administration account.
Will my Linux servers be protected too?
Although Linux viruses are extremely rare, MailDefender's use of the ClamAV filter provides a strong defence for these niche attacks, since ClamAV is extensively supported by the open-source community which is dominated by LINUX. ClamAV supports scanning of all of the standard Unix file archive types including Zip, RAR, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others.
Can MailDefender protect users that operate under a different domain name?
Users can be spread over six different domain names at no extra charge. There is an option to add further domain names (please enquire for further details). All the domain names must be hosted and managed by us to be protected by the MailDefender service.
What management information is available to me?
MailDefender customers have access to a password-protected web-based management report. You can use this to see a variety of information about your domain(s) such as email traffic volumes, viruses sent and received, the most common viruses and so on.
What happens if I send or am sent a virus?
If an email is carrying or suspected to be carrying a virus it is put into quarantine. For outbound emails, we will notify the sender only. For inbound emails we will notify both the sender and the recipient.
Can I make sure that future emails from a particular sender are not quarantined, even if they are 'spam'?
The online management console enables you to add email addresses to a whitelist which allows traffic from these to be delivered, or to tell the system for future reference that the email in question is in fact not spam.
An ordinary mail from someone I know was quarantined. How could that happen?
Where an apparently 'good' mail is blocked by a blacklist it will be because it is being routed via an IP address from which real spam has emanated in the recent past. This will most likely be an 'open relay', which is in essence a badly configured part of the sender's computer system, or that of their ISP. This poor configuration allows spammers to use the system as a 'launch pad' for spam, allowing them to save the processing load on their own system and hiding the true origin of the spam. Responsible ISPs will avoid open relays on their systems and will close them where they are found. The solution to this problem is:
- Advise the sender of the mail blocked by the blacklist to alert their ISP. The ISP will probably wish to take action to get themselves de-listed from the blacklist, as this listing will be affecting a lot of mail from that route, not just from your correspondent.
- If you wish to receive email from this correspondent regardless of the nature of the mail, add them to your whitelist.
What is a whitelist? How do I add people to the list?
A whitelist is a list of addresses specified by you. Emails from these addresses bypass the spam detection engine and are therefore delivered regardless of whether or not they would usually be classified as spam. Any email address sending mail classified as spam that you wish to be delivered can be added to the whitelist. To add an address, visit the MailDefender support site, select the relevant email and click on the ID hyperlink. One of the action options is 'Always allow email from (add to whitelist)'. Selecting this option will add the email to the whitelist and email from that sender will always be allowed through the system.
A newsletter I subscribe to was stopped by the spam scanner. Why?
There is almost no way for the filter to distinguish between spam and marketing material you want to receive. There are several options for dealing with this situation:
- If you are notified that a mail you want has been stopped, access the quarantine area and collect it
- Add the sender address to the whitelist (this is the recommended option)
- Add the email to your filter training set
Newsletters and other marketing emails are often sent from a variety of addresses, so simply adding the current address to the whitelist may not solve the issue. You may prefer to add the email to the 'good mail' filter training set and the filter will learn to let messages with these characteristics through the filter. However, please note that by adding spam-like mail to the 'good mail' training set, you could be giving MailDefender a slightly distorted picture of what really constitutes good mail and spam, impacting slightly on the system's overall efficiency.
Can I adjust the way that MailDefender filters spam?
Yes. This can be done by using the MailDefender whitelist, filter training sets or filter sensitivity settings. Filter sensitivity settings can be fine-tuned by checking the desired field on the sensitivity scale displayed on your MailDefender online management console. Please note that adjusting to a more aggressive filter setting will cut out more spam, but may also result in a number of false positives (good e-mails being quarantined); less aggressive settings may cut out all risk of false positives, but will also allow more spam to pass through. The default sensitivity setting is the result of many months of research and we recommend that this is left unchanged for some time. Only if after several months of use you feel the setting needs fine-tuning would we recommend you do this.
Products
Internet Access
Hosting & Web Services
Hardware & Security
Mobile Services
Voice Services
Data Services
Domain Services
