You may have heard the terms SSL and TLS, but do you know what they are and how they’re different?
Brad Wyro
Recent Posts
Protect sensitive data in email: SSL & TLS Best Practices
By Brad Wyro posted in Email Security, Email Encryption, Email Security Best Practices, Two-Factor Authentication, Email Security Trends, Email Best Practices
This MDaemon Email Security Feature Protects Against Spambots
By Brad Wyro posted in Email Gateway How-To, Email Security, Stop Spam Email
![]()
Ever wonder why so much spam exists today? Though spam volumes have decreased from a high of over 90% of global email traffic, it still makes up roughly a third of that traffic, and though the numbers of junk email messages are decreasing, their malware and ransomware payloads are evolving and becoming much more dangerous. Some of the most common types of spam messages include financial scams, phishing attempts, ransomware, and botnet malware. In this article, we focus primarily on botnets.
Here's how to improve slow Microsoft Outlook performance
By Brad Wyro posted in Email Gateway How-To, Email How To, Email Security Best Practices, Two-Factor Authentication, Email Security Trends, Email Best Practices
How to Deal with Spam in SecurityGateway
By Brad Wyro posted in Security Gateway for Email, Stop Spam Email
SecurityGateway is a powerful email spam & malware filter & gateway that can be used to protect any type of mail server. It offers a layered approach to security, with protection features including data leak prevention, attachment filtering, heuristic and Bayesian analysis, zero-hour Outbreak Protection, and much more.
Server-side email encryption, decryption & key management with OpenPGP
By Brad Wyro posted in Email How To, Email Security, Email Encryption, Cybersecurity, Health Care Security
Whether you work in healthcare, finance, legal, government, or any other field that handles sensitive records, there's always someone out there who would love to get their hands on your confidential data. And in 2026, they're trying harder than ever. Email remains the number-one entry point for attacks, and reported losses from email-driven fraud keep climbing year over year, now supercharged by AI-generated phishing and deepfake-based social engineering. At the same time, Microsoft's end of support for Exchange 2016 and 2019 has pushed many organizations to re-evaluate their mail platform and the security that comes with it.
Don't let the bad guys read your mail. Protect it with server-side encryption. MDaemon includes OpenPGP support through its built-in MDPGP component, which lets the server handle encryption, decryption, signing, and key management for your users, with no email client plugin required. Below, we'll cover what's new in the OpenPGP world, why doing this at the server makes life easier, and how to turn it on.
What's new with OpenPGP
OpenPGP is an open standard for sending encrypted and digitally signed messages. In July 2024, a newer standard called RFC 9580 replaced the older RFC 4880 as the main OpenPGP rulebook.
The update adds a newer “version 6” format and sets a modern baseline of tools for encryption and signatures, including X25519 and Ed25519. It also supports stronger options like X448, Ed448, AES-256, SHA2-384, and SHA2-512, and adds newer protection methods that help make messages harder to tamper with.
Work is also underway on support for post-quantum cryptography, which means cryptography designed to hold up better if future computers become powerful enough to break today’s common methods.
Why handle encryption at the server?
Traditional OpenPGP usually requires every sender and recipient to install and configure a plugin in their email client, then manually trade and import keys. That's a lot to ask of end users, and it tends to break down at scale.
MDPGP moves that work to the server, which means:
- No client plugins to deploy or support. Users send and receive mail as usual; MDaemon does the cryptography behind the scenes.
- Centralized key management. MDPGP maintains two keyrings, one for public keys and one for private keys. It can generate users' key pairs automatically as needed, let you create them manually for specific users, or import keys created elsewhere.
- Automatic key import. MDaemon can detect a public key attached to an authenticated message from a local user and import it automatically, so onboarding a new contact's key is as simple as emailing it to yourself.
- Automatic or manual operation. In automatic mode, MDPGP signs and encrypts whenever the necessary keys are available; in manual mode, users opt in per-message using a simple command in the subject line. Either way, actions only happen for accounts you've authorized.
- Server-side decryption and signature verification. Incoming encrypted mail is decrypted when the recipient's private key is known, and embedded signatures on inbound mail can be verified for you.
Because it's all asymmetric (public/private key) cryptography, the model is straightforward: others encrypt messages to you with your public key, and only your private key can decrypt them. Signing works in reverse: you sign with your private key, and anyone with your public key can confirm the message is authentic and unaltered, which supports data integrity and non-repudiation.
Compliance, made a little easier
If your organization deals with HIPAA, GDPR, FERPA, PCI DSS, or similar requirements, encryption is one of the most effective ways to keep sensitive data unreadable to unauthorized parties, and to demonstrate due diligence if something does go wrong. Handling it centrally at the server gives you consistent enforcement and a single place to manage policy, rather than relying on each user to do the right thing.
See it in action
Want to watch how it works? Our video walks through enabling OpenPGP support in MDaemon and sending an encrypted message:
As we discussed in an earlier post, messages that users may receive in response to messages they never actually sent (due to their email addressed having been forged in a spam message's return-path) are known as backscatter. In that post, we discussed what backscatter is and explained how to enable Backscatter Protection in MDaemon.
Are You Receiving Replies to Messages you Never Sent?
By Brad Wyro posted in Email Gateway How-To, Email How To, Email Security, Cybersecurity, MDaemon Email Server, Stop Spam Email, Email Server, Email Security Trends
Make it Easier For Your Users to get Login Assistance in MDaemon Webmail
By Brad Wyro posted in Email How To, Email Security Trends
Occasionally, our support staff will receive calls from end users who have forgotten their email password or are having issues logging into WorldClient. Users are then instructed to contact their mail server administrator for assistance. But what if users don't know who to contact for help, and don't know how to even find out who to contact? For some users, trying to track down the appropriate contact for help can lead to wasted time and lost productivity.
How to Track an Email in MDaemon's Log Files
By Brad Wyro posted in Email How To, Email Security Trends
How to set up a custom queue and email delivery schedule in MDaemon
By Brad Wyro posted in Email How To
MDaemon administrators can configure custom mail queues and enable content filter rules to send messages that meet certain criteria to these queues. One of the main benefits of using a custom queue is that you can configure an email delivery schedule to that queue so that emails in the queue are only delivered at specific times.
You can create any number of schedules you wish. You can also create as many custom mail queues as you want.
For example, you can create a schedule called 'Large Messages', create a queue to store those messages, and then create a Content Filter rule using the 'MOVE message to custom QUEUE' action to move messages over a certain size into that queue. If you'd like mailing list messages delivered at certain times then create a schedule called (for example) 'List Mail', create a queue, and then use a Content Filter rule to move messages with an X-MDMailing-List header into the new queue.

