No. (well, maybe)

There are no intentions to ever bring this feature to a supported ExchangeDefender configuration.

The complete answer is a little more technical and a little more involved than meets the eye. ExchangeDefender has full support for multihomed environments, be it over BGP4 routing or just multiple IP ranges with a load balancing or failover router. Truth is, we can route to a hostname or we can route to a Static IP address, which you can manually change using the control panel and have it propagate in less than 30 minutes.

The situation is a little more involved than that. Because of the amount of traffic, ExchangeDefender automatically caches name lookups and assigns them an hour long TTL (3600 seconds)- meaning that if we were to route to a dynamic hostname, that lookup would expire in an hour automatically, even if your IP changed more often than that and even if you had a lower TTL than that.

This is where the Dynamic DNS solution falls apart. When there are problems, there exists an inverse relationship between the importance of email and the amount of money the company is willing to spend to obtain a static IP address. When the setup happens, email is not critical and a business line connection with a static IP allocation is out of the question. When the email stops, for whatever reason, the company calls with $8.3 billion on the line threatening to sue if the mail is not restored 5 minutes before they noticed it went down.

This is the reason why Own Web Now Corp officially does not support Dynamic DNS routing. Will it, technically, work without a problem? Perhaps, but we will not offer support or assistance if it does not.

If your quarantine is showing as empty, then both your [SPAM] and [SURESPAM] have been set to either deliver or delete. Since this in essence either delivers or deletes all of your messages that are flagged as SPAM by ExchangeDefender, then your quarantine and its reports will be empty.

Note:  Admins, please remember that even if you have a setting you’re using as default at the domain level an individual user can use their access to override their setting.

In order to access this setting please go to your domain’s “Configuration” panel by clicking on configuration and setting the “SPAM Action” setting to quarantine for all users as show below:

ExchangeDefender is a server wide solution that protects you from junk mail (SPAM), viruses, trojans, malware, spyware and adware. In order to keep your entire server secure, ExchangeDefender requires that all email accounts on our exchange server be part of the ExchangeDefender program.

In order to follow RFC 2298 guidelines for Message Disposition Notification (MDN) in Exchange 2007, Microsoft removed email address use in their automated OOF and NDR messages.  Since spammers often use blank sender fields as a common practice ExchangeDefender will flag these messages as SPAM as well.

In order to ensure that you receive your OOF messages please whitelist the IP address of your Exchange 2007 server. You can do this by adding this IP address in the same field as you would when adding an email address to your whitelist.

All emails are first scanned, then archived, and then delivered to your exchange server at the same time. If you’re seeing an email in LiveArchive that you did not receive in your mailbox, the cause is an additional SPAM scanner is in place.  These SPAM scanners may be embedded in desktop antivirus programs, Microsoft Exchange IMF, a firewall with an anti SPAM solution.

In order to further troubleshoot please ensure that no other anti-SPAM solution exists in your network and turn on your Exchange server’s message tracking and turn on logs. If you need assistance enabling message tracking please view the Microsoft TechNet article below:

http://technet.microsoft.com/en-us/library/bb124375.aspx

No, ExchangeDefender does not assign a “primary” domain account between aliases. Thus, all aliases are treated as main accounts and only the ID is actually inherited from the parent domain. Therefore, no changes or notifications need to be made to ExchangeDefender in this scenario.

ExchangeDefender Support Center is the home of all ExchangeDefender documentation including guides, podcasts and how-to documents.

Deployment documentation is available here: http://www.exchangedefender.com/support_deployment_guide.php

ExchangeDefender Support Center is the home of all ExchangeDefender documentation including guides, podcasts and how-to documents.

Troubleshooting information is available here: http://www.exchangedefender.com/support_troubleshooting.php

The MX record for ExchangeDefender is always: inbound30.exchangedefender.com.

Please remove all other MX records from the list, only leaving inbound30.exchangedefender.com in the listing. Please do not attempt to mask this URL, point a CNAME to it, replicate the IP allocation list or in any way type in anything other than inbound30.exchangedefender.com. Because of many DNS complications over the years, our support staff is instructed not to offer support if the above DNS configuration is not in place.

The outbound smarthost for ExchangeDefender is always: outbound.exchangedefender.com.

The server authentication is IP based, allowing relay permissions based on the IP address assigned to your mail server. There is no additional authentication required.

ExchangeDefender can optionally send two reports per day: the Daily report and the Intraday report. The daily report includes the past 24 hours worth of SPAM that was identified by ExchangeDefender. The Intraday report only includes the SPAM that was identified since the last Daily report.

You should never set your Intraday report to run before your Daily report.

It is important to note that the times that you configure in the ExchangeDefender administrative portal are the times for which the report is to be generated. For example, if you select to receive a report generated for 4:00 AM, you will receive the past 24 hours worth of email, from 4:00 AM from the previous day to the 4:00 AM today. The report will be generated and sent to you. It can take an hour or more for reports to get generated, so if you are trying to receive a report at a certain time, make sure you set the interval at least a few hours in advance.

If you continue to experience problems with SPAM reports, please switch to the ExchangeDefender Client Software Suite http://www.exchangedefender.com/features_client_software.php or use the realtime admin portal at https://admin.exchangedefender.com

In order to add an additional “alias” domain to ExchangeDefender for an existing ExchangeDefender account, please open up a support ticket in our OWN Portal. We will add your domain as soon as possible.

If you have a ExchangeDefender Service Provider account, you can add alias domains without contacting OWN -- just select add alias under Management in your control panel.

Note: This is not a technical limitation of the product. It is a limitation we were forced to put in place in order to protect partners that were not reading the prompts. We experienced so many cases in which people tried to use a single ExchangeDefender account to serve multiple customers and in turn caused huge privacy and legal issues for their customers (each ExchangeDefender account is mapped to a single IP or single MX record), that we were forced to pull the feature from the product to protect our customers.

ExchangeDefender designates an outbound smarthost or, in other words, a mail server that you relay all your outbound messages through in order to reach remote recipients. This not only serves as an additional layer of security that checks for virus and SPAM content that may have inadvertently left your network, but it also takes over the task of delivering your message to the target recipient. For an average mail server, this task can take up a lot of resources with more and more overloaded servers issuing temporary failure codes, greylisting, etc.

Because ExchangeDefender is the delivery agent, it will be the one to echo back any errors it sees during the SMTP conversation. For example, you may see an error message such as this:

< outbound.exchangedefender.com # 5.5.2 SMTP; 500 Unable to relay >

or

< outbound.exchangedefender.com # 5.5.2 SMTP; 500 User not found >

If you receive errors such as this one, please keep in mind that it is not ExchangeDefender that is causing these problems. It is simply echoing back the response outbound.exchangedefender.com got when it connected to the remote server to deliver the message.

Note: Because these response codes are issued by the remote mail servers that we have no control over, we do not offer assistance or technical support when these issues come up. If you do experience the error, contact the remote mail server administrator.

Please first consider the following document: ExchangeDefender Deployment Guide

ExchangeDefender can deliver inbound mail to a static IP address or perform an MX lookup and deliver to the first available server. We support secure TLS delivery to both IPv4 and IPv6 addresses.

If you have multiple static IP addresses to which you'd like to deliver inbound messages, ExchangeDefender can perform an MX lookup in order to deliver mail to one or more mail servers. Larger clients tend to have multiple Internet providers on multiple IP ranges and use them to provide failover service or load balancing. ExchangeDefender fully supports this configuration.

In order to get ExchangeDefender to deliver messages to either a failover or load balanced connection that has multiple external IP addresses, you need to create another MX record in your domain and add the hostnames of the IP addresses to that MX list. Your default @ MX record for the domain will still point to inbound30.exchangedefender.com, but ExchangeDefender will deliver to your new MX record. Here is an example:

# Primary / default MX record

@ in mx 10 inbound30.exchangedefender.com

# Host records for individual mail servers

mail1     in a 65.99.192.2

mail2     in a 65.99.255.3

# MX record for direct load balanced / failover access

directmail  in mx 10 mail1.domain.com.

directmail  in mx 20 mail2.domain.com.


In the example above, your default / primary MX record for domain.com is inbound30.exchangedefender.com. You have defined a hostname on each IP range you own as mail1.domain.com and mail2.domain.com. Finally, you have created a new MX record directmail.domain.com that will resolve to mail1.domain.com and mail2.domain.com

Under this example, external mail for user@domain.com would be sent to inbound30.exchangedefender.com. ExchangeDefender would then route the message according to the MX lookup for directmail.domain.com which goes to mail1.domain.com or, if unavailable, to mail2.domain.com. This is the failover configuration. If you set the weights on directmail MX record to 10/10 (or any other numbers, so long as they are equal) then ExchangeDefender would deliver mail in a round robin fashion allowing for load balancing.

This configuration is independent of router choice because it does not require the router to fail over the link. You could just have multiple routers with multiple gateways on your network. This configuration will work with virtually all routers and load balancers on the market because it uses DNS to route mail, not a hardware switch.

Click on Advanced Settings in the Inbound Mail section. This will allow you to provide an MX record that ExchangeDefender will resolve to deliver your email.

**Important Notes:**

* Make sure you check that the MX record exists, nslookup -q=mx directmail.exchangedefender.com should return two or more mail servers. If it returns "invalid domain", something went wrong.

* There is a difference between a host (A) record and a mail exchanger (MX) record - if you point ExchangeDefender at a host, the message will bounce.

* This is an advanced network topic and we strongly advise it be done by a competent IT Solution Provider. Please contact us for a reference.

Please follow the instructions in this document: Troubleshooting ExchangeDefender Delivery

If you are having problems with outbound delivery, please follow the steps on pages 3-6 from your mail server. If you need our assistance, please paste in the contents of the telnet session from page 4-5 into a support request in our support portal

If you are having problems with inbound delivery, please consult the sending party to follow the steps on pages 7-11. If you need our assistance, please paste in the contents of the telnet session from page 5 into a support request in our support portal

Important notes:

1. Make sure you replace all email addresses with your own email addresses. The ones used in the document are for illustration purposes only.
2. Please provide output of the telnet sessions within 24 hours of opening the support request. Because the issues tend to be intermittent, and because the support team only has access to the logs over the past 24 hours, it is imperative that we receive the telnet session contents as soon as possible.
3. Without telnet session contents we are unable to provide assistance.
4. Widespread problems, outages and maintenance cycles are announced on our NOC site

Right click anywhere on your desktop and select New > Shortcut.

For the location of the item type in:

https://admin.exchangedefender.com/login.php?username=MYEMAIL&password=MYPASSWORD

The best way is to provide the list of email addresses that you want protected with the following syntax:

cn: Joe User
SMTP: joe@domain.com
smtp: joeuser@domain.com
smtp: joe.user@domain.com

As the welcome message you received when you created the account indicated, welcome messages and account activations can take up to 24 hours to be processed and sent to your users. We use a manual verification process to strip out the vanity/general system accounts that do not need to be activated or billed to assure the proper import takes place. When the addresses are added to the system, you will be copied on the welcome messages that are sent to your users on your behalf.

During this time period, you should point the MX record at inbound30.exchangedefender.com anyway, so all of the mail sent to the domain will be delivered to the target mail server. (Even though the accounts don't technically exist yet, all of the mail sent through the system is logged and available to the users once the accounts are created. Even if the mail was received before the user account was created, they will be able to see / audit / review / deliver the message.)

Every now and then, a piece of junk mail will get through. It is just the nature of junk mail- It is always being changed to get by SPAM filters, and SPAM filters are always being changed to compensate for SPAM trends, advertised web sites, viruses and more.

If a piece of email you feel is SPAM ever makes it into your Inbox, make sure your ExchangeDefender profile is set to quarantine junk mail and that you have IP restrictions enabled as per ExchangeDefender documentation.

You can forward your received SPAM messages to **spam@ownwebnow.com**. Our team will review it and eliminate the message from coming to your inbox in the future.

Please do not forward multiple messages or forward as attachments, as those are automatically deleted. To increase the likelihood that the message gets processed, also include the SMTP headers in the email report.

Part of a proper ExchangeDefender deployment is to remove all antiSPAM software between your user and ExchangeDefender. As many appliances, antivirus packages, servers and even client email software now scan for SPAM and malware content, it is important to trust mail from quarantine@exchangedefender.com. Because your daily and intraday SPAM reports contain the full subject of all your quarantined junk mail, even the weakest of SPAM filters will typically move your SPAM reports to junk.

We often see Microsoft IMF (Microsoft Exchange component) either bouncing or discarding reports and even Microsoft Outlook moving our SPAM reports directly to junk. If you have IMF running, please disable it. If you have Outlook on your desktop, please add quarantine@exchangedefender.com to your Safe Senders list. To do so, click on Tools > Options > Junk E-mail > Safe Senders > Add and enter our email address.

If none of the above works, check your ExchangeDefender configuration and make sure that the SPAM settings are configured to Quarantine and the reports are sent to Send Daily Report. If your mail rules are to "deliver" or "delete" SPAM messages, you will not be receiving a report because no email was quarantined so there is no SPAM to report.

Yahoo.com has employed a "greylisting" style security system. This system works off the total number of emails Yahoo receives from a specific domain within a specified time frame. Since all email delivered by ExchangeDefender comes from the same domain their thresholds are surpassed by us every once in a while. 

A sample rejection would look like this:

From: Mail Delivery Subsystem
[mailto:MAILER-DAEMON@outbound1.exchangedefender.com]
Sent: Wednesday, September 16, 2009 2:07 PM
To: Your Client
Subject: Warning: could not send message for past 3 hours

********************************************************
** THIS IS A WARNING MESSAGE ONLY **
** YOU DO NOT NEED TO RESEND YOUR MESSAGE **
********************************************************

The original message was received at Wed, 16 Sep 2009 13:07:09 -0400 from mail.abc.com [IP ADDRESS]

----- Transcript of session follows ----- ... Deferred

Since this is an automated system, Yahoo does not offer a system to “delist” a domain from this feature. This system works under the assumption that a legitimate sender (like us) will reattempt delivery and a spammer will not. Therefore, please rest assured that your email will be delivered as soon as Yahoo allows it.

To review Yahoo.com’s help topic on this issue please click on the link below:

http://help.yahoo.com/l/us/yahoo/mail/postmaster/errors/421-ts01.html

If you’d like additional information about “Greylisting” please click on the link below:

http://en.wikipedia.org/wiki/Greylist

Unfortunately, it is not possible to re-deliver messages that have passed through ExchangeDefender. Once messages have been processed by the ExchangeDefender SMTP Security engine, they are handed off to the delivery process which destroys the messages upon delivery.

If you have ExchangeDefender LiveArchive enabled on your account you can retrieve your messages through https://livearchive.exchangedefender.com

Note: Sometimes we may be able to deliver the message that was released from the SPAM quarantine. Doing so requires a lot of work and permissions to break encryption for your company. This process requires paperwork, legal approval and at least 2 hours of engineers’ time so, unless the message was absolutely critical, it tends not to be financially worthwhile.

ExchangeDefender LiveArchive is a proxy system that collects mail going into and out of your mail server.

You will only see messages sent or received by your email address after the LiveArchive feature has been enabled.

If you have released a SPAM message from the quarantine and it has not been received within 2 minutes, please consult your system administrator. In all our experience, we have been able to narrow down the issue to antiSPAM software on the server, on the desktop and even on the firewalls that the IT staff was not aware of.

The requirement for the deployment of ExchangeDefender is that all antiSPAM tools be shut off. Otherwise, messages that we have quarantined will likely end up in the third party filters as well. Unlike antivirus, a layered antiSPAM approach does not work.

If you have received an email but other people in the To or CC list within your domain have not, please contact your system administrator. ExchangeDefender does not split recipients. It delivers the entire message intact to the target mail server so, if it got to you, it would have gotten to the other recipients as well.

In Exchange and other SMTP environments, it is the recipient’s server that splits the recipients and delivers messages and alerts to their target users. Furthermore, Exchange implements a process called “Single Instance Storage” where a message is stored once in the email database even if it is being sent to multiple users (in order to conserve space).

Note: In almost all instances, the Outlook 2003 / 2007 client had moved the message to junk. In other instances, users actually deleted the message accidentally and didn’t want to admit to it.

Unfortunately, ExchangeDefender can only route mail on the domain-wide basis. All mail will either go to a single IP or to an MX record.

This business request is made by customers who wish to implement split/domain policies where mail for certain groups of users goes to one server and others to another.

Split domains are implemented at the mail server level, not at the proxy/ExchangeDefender SMTP security level.

You can still have split domains, but one of your mail servers will have to be the bridgehead.

We constantly monitor all RBL listings and remove our systems from RBLs immediately. As a responsible Internet Service Provider we also directly manage all SPAM complaints and regularly disconnect abusers.

There are instances in which we will not be able to remove the email address from an RBL. Our policy on RBL removals is that we will make the best attempt to delist the account, but we cannot guarantee that the removal will take place nor do we have any timeline. 

Sometimes cable and DSL providers have issues with their RBL / DNS systems. Sometimes the client side uses an RBL that is not recognized as legitimate (UCE Protect / BLARS), and the only recommendation we can make is that you advise your recipients that timely delivery of mail to their system cannot be made if they do not subscribe to the legitimate RBL providers such as SPAMCOP and SpamHaus.

No, your email is not lost.

ExchangeDefender offers two mechanisms for email delivery if your server is down.

By default, ExchangeDefender spools deferred/delayed/timed out messages and attempts delivery at preset intervals. So long as your mail server is not down for more than 5 days, your messages will be delivered.

ExchangeDefender automatically delivers spooled mail at a preset interval. Messages that have been received within the last hour will be retried every 5 minutes. Messages that are older than 1 day will be retried every 20 minutes. You should expect all your mail to be delivered within 1 hour at the most.

If your messages have not been delivered within 1 hour, you likely bounced them already. In our experience this happens when a configuration on the server or on the firewall is not correct and the server accepts and bounces the messages immediately.

ExchangeDefender LiveArchive is a free (but optional) service designed for business continuity. LiveArchive captures all inbound and outbound mail from your network and allows you to resume operations by using Outlook Web Access 2007 on our network to communicate with your clients while your systems are down.

Note: ExchangeDefender does not compensate for misconfiguration or permanent failures / bounces caused by your mail servers. Frequently, clients will bring the server online without checking the recipient’s policies and other security software. If your server comes online and does not properly start or does not properly accept messages, it may bounce them back to the sender, and ExchangeDefender spooling will not be able to help because it was removed from the loop.

If your IP address has changed, please first confirm that the IP address is not blocked on port 25 and is able to send / receive mail.

Once that has been done, go to the ExchangeDefender Administrative Portal at https://admin.exchangedefender.com and login as the domain administrator.

You can change your IP address under the Configuration tab.

It takes approximately 1 hour for the new routing to be accepted and for your mail to route. In the meantime, your outbound mail will not be accepted by ExchangeDefender because it is not aware of the new IP address yet (frequent error: “Relaying Denied”).

ExchangeDefender configuration and policy changes take approximately 1 hour.

ExchangeDefender whitelist modifications and blacklist changes take approximately 2 hours.

ExchangeDefender LiveArchive account modifications, ExchangeDefender password changes and searches are instant (or less than 60 seconds).

ExchangeDefender does not allow whitelisting of null senders nor do we allow mirror rules (from me to me). Due to the level of abuse and email address spoofing, we have had to enforce this rule.

Note: This should not be a great concern. If you are seeing your own email address in the SPAM reports, you are almost guaranteed to be looking at the spoofed message. Messages sent to yourself generally do not leave your mail server and are routed and delivered locally.

Check your whitelist entries or your domain whitelist entries.

In our experience, we have found that users will frequently whitelist their own domain. This is not recommended as it presents an easy way for spammers to target you and bypass ExchangeDefender.

Please remove the email or domain address from ExchangeDefender whitelist and wait approximately 2 hours for the change to take place.

When creating an alias please make sure that the alias is created on both ExchangeDefender and the user’s local Exchange server. In order for the alias system to work properly both accounts need to be created and active otherwise you’ll receive a message that looks like this:

You do not have permission to send to this recipient. For assistance, contact your system administrator.

< inbound72.exchangedefender.com #5.7.1 SMTP; 550 5.7.1 Unable to relay for test@exchangedefender.com>

If you need additional help setting up an alias in Exchange please view the Microsoft TechNet topic below:

http://support.microsoft.com/kb/313420

Using ExchangeDefender to relay massive amounts of bulk or identical mail is not permitted.

Clients caught abusing our system to conduct this kind of activity will be removed from the outbound service and may even have their entire ExchangeDefender service cancelled.

Please see our Acceptable Use Policy, #21:

http://www.ownwebnow.com/aup.php

Broadcast mail use of Own Web Now Corp and ExchangeDefender networks to distribute or mass mail identical messages is strictly prohibited, regardless of validity of recipients. Our network is not designed to support nor distribute mass mailings. Users with a business requirement to distribute legitimate mass mailings may use their own mail servers to relay mail directly or subscribe to a third party service designed for broadcast activity. (ConstantContact, MailChimp)

Distinction between legitimate, legal, illegal or illegitimate mailings is not relevant to this policy. Our service is not designed to distribute bulk messages or large distribution lists, and we have agreements in place with large service providers promising that we will not allow bulk content from our network.

You can, however, use your own mail server to send legitimate bulk mail, though it must not involve the ExchangeDefender network in any way.

The email address you are trying to protect already exists as an account or as an alias in ExchangeDefender.

Please search for it under your Administrator domain login.

If you are still unable to locate the message please contact us via the support portal (https://support.ownwebnow.com) and we will assist you.

ExchangeDefender only processes messages for email addresses that it is aware of. If you do not have your email address added as either a user or a user alias, ExchangeDefender will reject it with the error message:

“ExchangeDefender does not protect this email address”

Once you have added your email address to ExchangeDefender it can still take up to 1 hour for the new address to be allowed through our network.

In order to most efficiently protect ExchangeDefender client’s servers, ExchangeDefender no longer processes or otherwise wastes client’s servers resources by acknowledging non-existent email addresses.

Email address (SMTP) dumps are required for activation of ExchangeDefender servers. This way we can reject all unknown addresses within ExchangeDefender on your behalf. You can provide an address when you setup a new domain, add them manually through the web interface at any time or setup LDAP sync with our friendly ExchangeDefender agent software.

In addition, in ExchangeDefender we have an easy method for automatically provisioning accounts based on the Active Directory listing of the Exchange server.

Please log into the exchange server for the above domain and run the following VBS file (http://www.ownwebnow.com/blog/media/ExportAddresses.vbs). After the file has been ran, there will be a text file on the root of the C drive titled “EmailAddresses.txt” please open that file and send me the contents.

ExchangeDefender only keeps the last 7 days worth of SPAM messages. If you are looking at an older SPAM report, or the message was sent to you more than 7 days ago, it has already been destroyed.

If you are trying to Trust Sender for a message that does not have an email address (null sender, <>) the system will throw an alert letting you know that spoofed NDRs are not allowed in the whitelists.

You can still attempt to deliver the message, however we do not recommend it.

No. There is no planned development or support for any outlook client before outlook 2007.

You have encountered the following error during the installation of ExchangeDefender Outlook 2007 addin:

"Exception occurred while initializing the installation:
 System.IO.FileNotFoundException: Could not load file or assembly  'file:///C:\Program Files\Own Web Now\Outlook SMTP Security\FBPSecurity.dll' or one of its dependencies.

The system cannot find the file specified."

Verify that the file exists and that permissions are set correctly. If the file does not exist, please uninstall and reinstall the agent. If uninstalling is not an option, please open a support request.

If you are behind an ISA firewall, you need to create an authentication access rule from your network to https://admin.exchangedefender.com.

This is an advanced technology topic beyond the level of support provided by this knowledge base article. Please consult the following blog post:
    http://blog.sbs-rocks.com/2008/10/20/is-your-ed-not-working/

This documentation is not produced or supported by Own Web Now Corp. Please consult a competent firewall engineer for ISA support.

You have encountered the following error during the installation of ExchangeDefender Desktop Agent or Outlook 2007 Agent:
 
ExchangeDefender CSS cannot be installed from a network share. Due to the permissions modifications, ExchangeDefender must be installed from the local block device (hard drive, desktop).

ExchangeDefender CSS software can be used by multiple users on the same computer provided that each user has a separate Windows login. Only one instance/configuration of ExchangeDefender CSS is permitted per user because our settings are stored in the Windows Registry.

Note:  None of the other circumstances are supported. For example, CSS will not work if you have your users login to individual Outlook profiles. If they share the same Windows login, there is no way to use ExchangeDefender CSS.

You have received a message similar to the one below:

"From: "System Administrator"
Date: February 6, 2009 11:46:53 AM EST
To: "Mr Client"
Subject: Undeliverable: Delivery Status Notification (Failure)



Your message

To: Your Recipient
Subject: Sample Subject

did not reach the following recipient(s):

someuser@email.com on Fri, 6 Feb 2009 11:46:52 -0500
Could not deliver the message in the time limit specified. Please
retry or contact your administrator.

Notice that this is a permanent failure of the recipient's mail server and you should contact them directly through other means. It is very likely that all the other mail you have sent them or will send them in the future will bounce as well.

This feature is built into ExchangeDefender to alert the sender that the message has not been accepted by the recipient's mail server. ExchangeDefender has attempted to continuously deliver this message for 1 day. The error is not on your end or on ExchangeDefender's network. It is on the recipient's server.

Tech Note: This usually indicates a graylisting process or a malfunctioning blacklist on the recipient's server. If you can reach a technical representative for the recipient's mail server, please advise them that their SMTP server is not properly processing SMTP connections from 65.99.255.232 or 65.99.255.236. In case this is a permanent failure and a problem on the recipients side that cannot be addressed, consider creating an SMTP connector between the two organizations if the direct connections work (process for this is beyond the scope of Own Web Now support and requires advanced understanding of mail systems configuration).

You have received a message similar to the one below:

From: Mail Delivery Subsystem
[mailto:MAILER-DAEMON@outbound1.exchangedefender.com]
Sent: Tuesday, January 27, 2009 1:41 PM
To: User
Subject: Warning: could not send message for past 3 hours

**********************************************
** THIS IS A WARNING MESSAGE ONLY **
** YOU DO NOT NEED TO RESEND YOUR MESSAGE **
**********************************************

The original message was received at Tue, 27 Jan 2009 10:37:35 -0500
from [65.99.255.50]

----- Transcript of session follows ----- ...
Deferred: Connection timed out with [1.2.3.4]
Warning: message still undelivered after 3 hours Will keep trying until
message is 1 day old

Notice that this is not a permanent failure but only a notice that your message has not been delivered to your recipient yet ("This is a warning message only, you do not need to resend your message")

This feature is built into ExchangeDefender to alert the sender that the message has not yet been processed by the recipient's mail server. This typically indicates severe problems on the recipient's mail server. ExchangeDefender offers this alert so you can contact your recipient through alternate means if the message contents require urgent response.

While ExchangeDefender will continue to attempt delivery for one full day, this initial alert is in place to allow you to seek other means of communication. Attempting to resend the message will not work because the problem is on the recipient's mail server, not yours or ExchangeDefender's.

Tech Note: This usually indicates a graylisting process or a malfunctioning blacklist on the recipient's server. If you can reach a technical representative for the recipient's mail server, please advise them that their SMTP server is not properly processing SMTP connections from 65.99.255.232 or 65.99.255.236. In case this is a permanent failure and a problem on the recipients side that cannot be addressed, consider creating an SMTP connector between the two organizations if the direct connections work (process for this is beyond the scope of Own Web Now support and requires advanced understanding of mail systems configuration).

ExchangeDefender blocks a variety of files that can potentially cause problems within corporate networks. Aside from checking the extension of a file, ExchangeDefender will check a files MIME type and contents, where a failure in the check will result in the attachment being stripped and replaced by "exchangedefender-attachment-warning.txt"

Renaming a files extension will result in the file being stripped for trying to hide its file type.

Zipped/Archived files will be checked for their compression rating (for mail bombs)  and then deflated for its files to be checked.

ExchangeDefender will block the following extensions/file types:

    .its          Dangerous Internet Document Set
    .mau          Dangerous attachment type                            
   .md[az]       Dangerous attachment type                           
    .prf          Dangerous Outlook Profile Settings                  
    .pst          Dangerous Office Data File                            
    .vsmacros     Dangerous Visual Studio Macros                    
    .vs                Dangerous attachment type                            
    .ws           Dangerous Windows Script                             

    .com          Windows/DOS Executable                                                          
    .exe          Windows/DOS Executable                                                        

    .scr          Possible virus hidden in a screensaver                                         
    .bat          Possible malicious batch file script                                           
    .cmd          Possible malicious batch file script                                           
    .cpl          Possible malicious control panel item                                          
    .mhtml        Possible Eudora meta-refresh attack                                   

Currently there is no way to allow these attachments via custom policy. This is not subject to change because ExchangeDefender cannot assume the risk these files present. If you trust the source, please use a file sharing protocol to obtain the files and scan them correctly. Because it is so easy to forge (spoof) an email address to the one you and your clients or employees trust, it is impossible to whitelist executable content through our network.