MDaemon Technologies Blog

eM Client - an email client that works with MDaemon Email Server!

By Brad Wyro posted in Email How To, MDaemon Email Server, Product Updates, Email Server

4 Comments

 

 

If you’re like me, you want an email client that’s easy to set up, easy to use, and easy on the eyes, and if it works well with MDaemon, then that’s a huge plus!

Read More

Never Lose an Important Email: How to Track Email Messages in SecurityGateway™

By Brad Wyro posted in Email Gateway How-To, Email How To, Security Gateway for Email, Tutorial

0 Comments

Many of our customers are small-to-medium businesses with limited IT budgets across a variety of industries – including healthcare, education, manufacturing, and government. Having a limited IT budget often means having limited staff available for troubleshooting email or tracking down messages, so when considering which email gateway/spam filter you want for your business, one of the main criteria to consider is how easy it is to find messages for your users. Users who are expecting business-critical messages need to know ASAP what happened if that message is not delivered. With Security Gateway, it’s easy to find out if a message was rejected, quarantined or delivered. If it was rejected or quarantined, color-coded transcripts make it easy to determine exactly why the message was not delivered.

Read More

12 Tips to Identify a Phishing Email

By Brad Wyro posted in Email How To, Email Security, Cybersecurity, Stop Spam Email, Spear Phishing, Phishing, Email Security Best Practices

0 Comments

Don’t Risk Losing your Life Savings to Scammers. Follow these 12 Tips to Identify a Phishing Email.

Whether you run a Fortune 500 organization or a small boutique, by now you should be aware of the threats posed by cyber criminals trying to trick you into clicking a link, downloading an attachment, scanning a QR code, or parting ways with your money.

Read More

Encrypting vs. Signing with OpenPGP. What’s the Difference?

By Brad Wyro posted in Email Gateway How-To, Email How To, Email Security, Email Encryption

18 Comments

 

Many businesses are responsible for maintaining large amounts of confidential data, including customer records, medical records, financial reports, legal documents, and much more. It’s very common for these types of information to be transmitted via email, especially as the Covid-19 pandemic has forced many businesses to embrace working from home. So how can you ensure confidential data transmitted via email is kept private? How can you ensure the integrity of transmitted data?

Read More

Don’t Get Hit by the Whaler’s Harpoon

By Brad Wyro posted in Email Gateway How-To, Email How To, Email Privacy, Email Server

0 Comments

 

What is Whaling?

Read More

Steps to Track Spam Sent Out From a Local Machine on Your Network

By Brad Wyro posted in Email Gateway How-To, Email How To, Email Security, Cybersecurity, Stop Spam Email, Tutorial, Email Security Trends

0 Comments

 

Has this happened to you? Let’s say you’re the MDaemon administrator for your company, and you’ve noticed that somewhere, somehow, spam messages are being sent from within your network. Perhaps one of your PCs has been compromised. What do you do? Here are some tips to help you track the issue down.

Read More

Easy Backup & Recovery with MDaemon Email Server

By Brad Wyro posted in Email How To, Email Management, MDaemon Email Server, Email Server, Email Security Trends

12 Comments

Most email servers store your mail in a database. That's great until the day you need to recover a single message and find yourself wrestling with shutdown states and recovery utilities. MDaemon takes a different approach: your messages, accounts, and settings are stored in flat files.

That structure makes it easy to back up and recover your email messages, user accounts, security settings, and any other data stored in MDaemon. No extra Windows components or third-party applications are required, and you won't have to navigate through any confusing dialog boxes to backup & recover your data. Backing up and restoring MDaemon is as easy as drag & drop. All you would need to do is map a drive letter from the MDaemon server to another drive on your network, then drag over the files you want to back up.

Read More

Protect Brand & Customers from Spear Phishing Using DKIM, SPF & DMARC

By Brad Wyro posted in Email Authentication, Email How To, Email Management, Spear Phishing

1 Comment

Woman connecting cellphone and laptop computer

 

Introduction

Read More

Here's how to improve slow Microsoft Outlook performance

By Brad Wyro posted in Email Gateway How-To, Email How To, Email Security Best Practices, Two-Factor Authentication, Email Security Trends, Email Best Practices

0 Comments

Read More

Server-side email encryption, decryption & key management with OpenPGP

By Brad Wyro posted in Email How To, Email Security, Email Encryption, Cybersecurity, Health Care Security

0 Comments



Whether you work in healthcare, finance, legal, government, or any other field that handles sensitive records, there's always someone out there who would love to get their hands on your confidential data. And in 2026, they're trying harder than ever. Email remains the number-one entry point for attacks, and reported losses from email-driven fraud keep climbing year over year, now supercharged by AI-generated phishing and deepfake-based social engineering. At the same time, Microsoft's end of support for Exchange 2016 and 2019 has pushed many organizations to re-evaluate their mail platform and the security that comes with it.

Don't let the bad guys read your mail. Protect it with server-side encryption. MDaemon includes OpenPGP support through its built-in MDPGP component, which lets the server handle encryption, decryption, signing, and key management for your users, with no email client plugin required. Below, we'll cover what's new in the OpenPGP world, why doing this at the server makes life easier, and how to turn it on.

What's new with OpenPGP

OpenPGP is an open standard for sending encrypted and digitally signed messages. In July 2024, a newer standard called RFC 9580 replaced the older RFC 4880 as the main OpenPGP rulebook.

The update adds a newer “version 6” format and sets a modern baseline of tools for encryption and signatures, including X25519 and Ed25519. It also supports stronger options like X448, Ed448, AES-256, SHA2-384, and SHA2-512, and adds newer protection methods that help make messages harder to tamper with.

Work is also underway on support for post-quantum cryptography, which means cryptography designed to hold up better if future computers become powerful enough to break today’s common methods.

Why handle encryption at the server?

Traditional OpenPGP usually requires every sender and recipient to install and configure a plugin in their email client, then manually trade and import keys. That's a lot to ask of end users, and it tends to break down at scale.

MDPGP moves that work to the server, which means:

  • No client plugins to deploy or support. Users send and receive mail as usual; MDaemon does the cryptography behind the scenes.
  • Centralized key management. MDPGP maintains two keyrings, one for public keys and one for private keys. It can generate users' key pairs automatically as needed, let you create them manually for specific users, or import keys created elsewhere.
  • Automatic key import. MDaemon can detect a public key attached to an authenticated message from a local user and import it automatically, so onboarding a new contact's key is as simple as emailing it to yourself.
  • Automatic or manual operation. In automatic mode, MDPGP signs and encrypts whenever the necessary keys are available; in manual mode, users opt in per-message using a simple command in the subject line. Either way, actions only happen for accounts you've authorized.
  • Server-side decryption and signature verification. Incoming encrypted mail is decrypted when the recipient's private key is known, and embedded signatures on inbound mail can be verified for you.

Because it's all asymmetric (public/private key) cryptography, the model is straightforward: others encrypt messages to you with your public key, and only your private key can decrypt them. Signing works in reverse: you sign with your private key, and anyone with your public key can confirm the message is authentic and unaltered, which supports data integrity and non-repudiation.

Compliance, made a little easier

If your organization deals with HIPAA, GDPR, FERPA, PCI DSS, or similar requirements, encryption is one of the most effective ways to keep sensitive data unreadable to unauthorized parties, and to demonstrate due diligence if something does go wrong. Handling it centrally at the server gives you consistent enforcement and a single place to manage policy, rather than relying on each user to do the right thing.

See it in action

Want to watch how it works? Our video walks through enabling OpenPGP support in MDaemon and sending an encrypted message:

Read More
BACK TO ALL ARTICLES

Subscribe to Email Updates