MDaemon Technologies Blog

Brad Wyro

Brad has worked in technical and marketing roles at MDaemon Technologies, where he contributes as Content Marketing Manager. Brad balances technical and creative information to develop easy to understand videos and content to educate prospects and customers.

Recent Posts

Protect sensitive data in email: SSL & TLS Best Practices

By Brad Wyro posted in Email Security, Email Encryption, Email Security Best Practices, Two-Factor Authentication, Email Security Trends, Email Best Practices

6 Comments

You may have heard the terms SSL and TLS, but do you know what they are and how they’re different?

Read More

This MDaemon Email Security Feature Protects Against Spambots

By Brad Wyro posted in Email Gateway How-To, Email Security, Stop Spam Email

0 Comments

Business woman hand typing on keyboard with chat icons around

 

Ever wonder why so much spam exists today? Though spam volumes have decreased from a high of over 90% of global email traffic, it still makes up roughly a third of that traffic, and though the numbers of junk email messages are decreasing, their malware and ransomware payloads are evolving and becoming much more dangerous. Some of the most common types of spam messages include financial scams, phishing attempts, ransomware, and botnet malware. In this article, we focus primarily on botnets.

Read More

Here's how to improve slow Microsoft Outlook performance

By Brad Wyro posted in Email Gateway How-To, Email How To, Email Security Best Practices, Two-Factor Authentication, Email Security Trends, Email Best Practices

0 Comments

Read More

How to Deal with Spam in SecurityGateway

By Brad Wyro posted in Security Gateway for Email, Stop Spam Email

0 Comments

SecurityGateway is a powerful email spam & malware filter & gateway that can be used to protect any type of mail server. It offers a layered approach to security, with protection features including data leak prevention, attachment filtering, heuristic and Bayesian analysis, zero-hour Outbreak Protection, and much more.

Read More

Server-side email encryption, decryption & key management with OpenPGP

By Brad Wyro posted in Email How To, Email Security, Email Encryption, Cybersecurity, Health Care Security

0 Comments



Whether you work in healthcare, finance, legal, government, or any other field that handles sensitive records, there's always someone out there who would love to get their hands on your confidential data. And in 2026, they're trying harder than ever. Email remains the number-one entry point for attacks, and reported losses from email-driven fraud keep climbing year over year, now supercharged by AI-generated phishing and deepfake-based social engineering. At the same time, Microsoft's end of support for Exchange 2016 and 2019 has pushed many organizations to re-evaluate their mail platform and the security that comes with it.

Don't let the bad guys read your mail. Protect it with server-side encryption. MDaemon includes OpenPGP support through its built-in MDPGP component, which lets the server handle encryption, decryption, signing, and key management for your users, with no email client plugin required. Below, we'll cover what's new in the OpenPGP world, why doing this at the server makes life easier, and how to turn it on.

What's new with OpenPGP

OpenPGP is an open standard for sending encrypted and digitally signed messages. In July 2024, a newer standard called RFC 9580 replaced the older RFC 4880 as the main OpenPGP rulebook.

The update adds a newer “version 6” format and sets a modern baseline of tools for encryption and signatures, including X25519 and Ed25519. It also supports stronger options like X448, Ed448, AES-256, SHA2-384, and SHA2-512, and adds newer protection methods that help make messages harder to tamper with.

Work is also underway on support for post-quantum cryptography, which means cryptography designed to hold up better if future computers become powerful enough to break today’s common methods.

Why handle encryption at the server?

Traditional OpenPGP usually requires every sender and recipient to install and configure a plugin in their email client, then manually trade and import keys. That's a lot to ask of end users, and it tends to break down at scale.

MDPGP moves that work to the server, which means:

  • No client plugins to deploy or support. Users send and receive mail as usual; MDaemon does the cryptography behind the scenes.
  • Centralized key management. MDPGP maintains two keyrings, one for public keys and one for private keys. It can generate users' key pairs automatically as needed, let you create them manually for specific users, or import keys created elsewhere.
  • Automatic key import. MDaemon can detect a public key attached to an authenticated message from a local user and import it automatically, so onboarding a new contact's key is as simple as emailing it to yourself.
  • Automatic or manual operation. In automatic mode, MDPGP signs and encrypts whenever the necessary keys are available; in manual mode, users opt in per-message using a simple command in the subject line. Either way, actions only happen for accounts you've authorized.
  • Server-side decryption and signature verification. Incoming encrypted mail is decrypted when the recipient's private key is known, and embedded signatures on inbound mail can be verified for you.

Because it's all asymmetric (public/private key) cryptography, the model is straightforward: others encrypt messages to you with your public key, and only your private key can decrypt them. Signing works in reverse: you sign with your private key, and anyone with your public key can confirm the message is authentic and unaltered, which supports data integrity and non-repudiation.

Compliance, made a little easier

If your organization deals with HIPAA, GDPR, FERPA, PCI DSS, or similar requirements, encryption is one of the most effective ways to keep sensitive data unreadable to unauthorized parties, and to demonstrate due diligence if something does go wrong. Handling it centrally at the server gives you consistent enforcement and a single place to manage policy, rather than relying on each user to do the right thing.

See it in action

Want to watch how it works? Our video walks through enabling OpenPGP support in MDaemon and sending an encrypted message:

Read More

Backscatter Protection in Security Gateway

By Brad Wyro

0 Comments

As we discussed in an earlier post, messages that users may receive in response to messages they never actually sent (due to their email addressed having been forged in a spam message's return-path) are known as backscatter. In that post, we discussed what backscatter is and explained how to enable Backscatter Protection in MDaemon.

Read More

Are You Receiving Replies to Messages you Never Sent?

By Brad Wyro posted in Email Gateway How-To, Email How To, Email Security, Cybersecurity, MDaemon Email Server, Stop Spam Email, Email Server, Email Security Trends

0 Comments

Read More

Make it Easier For Your Users to get Login Assistance in MDaemon Webmail

By Brad Wyro posted in Email How To, Email Security Trends

4 Comments

 

Occasionally, our support staff will receive calls from end users who have forgotten their email password or are having issues logging into WorldClient. Users are then instructed to contact their mail server administrator for assistance. But what if users don't know who to contact for help, and don't know how to even find out who to contact? For some users, trying to track down the appropriate contact for help can lead to wasted time and lost productivity.

Read More

How to Track an Email in MDaemon's Log Files

By Brad Wyro posted in Email How To, Email Security Trends

2 Comments

 

Read More

How to set up a custom queue and email delivery schedule in MDaemon

By Brad Wyro posted in Email How To

0 Comments

MDaemon administrators can configure custom mail queues and enable content filter rules to send messages that meet certain criteria to these queues. One of the main benefits of using a custom queue is that you can configure an email delivery schedule to that queue so that emails in the queue are only delivered at specific times. 

You can create any number of schedules you wish.  You can also create as many custom mail queues as you want.

For example, you can create a schedule called 'Large Messages', create a queue to store those messages, and then create a Content Filter rule using the 'MOVE message to custom QUEUE' action to move messages over a certain size into that queue. If you'd like mailing list messages delivered at certain times then create a schedule called (for example) 'List Mail', create a queue, and then use a Content Filter rule to move messages with an X-MDMailing-List header into the new queue.

 

Read More
BACK TO ALL ARTICLES

Subscribe to Email Updates