General
Influence Axigen’s future product evolution — get early access to new features mockups, prototypes, and early previews and tell us your opinion. Join our product community newsletter |
42 results found
-
2FA and app-passwords (like GMail, ...)
Dear Support,
it is very nice that you have set up 2FA (TOTP) support for webmail. However, in this way the functionality is unfortunately insufficient, as no additional security is achieved.
Example:
…My password is “simpler” and 2FA is enabled. In this situation, access to the webmailer is sufficiently protected, as a potential attacker would need to both guess or spy on the password and use the associated second factor (TOTP). However, since only the webmailer is secured, this unfortunately does not help very much. Access via SMTP, CALDAV/CARDAV, ActiveSync, IMAP is unrestricted with the simple password without a second
34 votes -
disclaimer message from outside of the organization
create alert message that comes from an email outside the organization but message appears in the body of the email like Office 365 do
6 votes -
Support for OCSP stapling
OCSP (Online Certificate Status Protocol) stapling is a mechanism that allows a web server to provide information about the validity of its SSL/TLS certificate to clients during the SSL/TLS handshake process.
This mechanism should be used with Axigen mail servers, it would improve security and compliance.
3 votes -
Restart mail services after automatic Let's Encrypt SSL certificate renewal
Some mail client - Apple Mail in particular, and Veeam Backup Server notification services in my experience - do not recognize when a new Let's Encrypt SSL certificate is installed on the Axigen server until the email services (SMTP and IMAP) are manually restarted on the Axigen server. They seem to be handed the previous SSL certificate by the Axigen server, or perhaps hold onto a cached one. Either way, if a simple/quick/automatic restart of the mail services would be performed on the Axigen server when a new Let's Encrypt SSL certificate is installed, this would avoid having to log…
1 vote -
Option to deactivate 2FA while accessing webmail service from internal network
Even though 2FA adds security, sometimes it is annoying while accessing webmail services from internal networks. Disabling this feature if you are accessing within the organization be helpful for scenarios where users are not allowed to carry mobile in the production environment.
4 votes -
Attachment filtering per Domain
It would be useful if the attachment filtering feature would be available per domain.
Different companies have different policies on which attachments can be processed. (often within the framework of the GDPR rules of the respective companies). (so e.g. no MS Office attachments, executables, image files etc.).
Unfortunately, so far this cannot be mapped.
3 votes -
Add option to keep messages containing calendar events
I would like a user option added to allow keeping the original email when responding to a calendar event. Sometimes a message may have other content that doesn't translate over to the calendar event that the user may want to keep. Thunderbird keeps the message but displays at the top that it contains an event that has already been processed.
1 vote -
Please add DANE support
DANE is designed to frustrate mail traffic snooping by requiring the use of TLS encryption wherever possible during transport. Although we strongly recommend the implementation of SPF, DKIM and DMARC, DANE is entirely separate from those three standards. While SPF, DKIM and DMARC provide for the authentication and authorisation of an e-mail message's sender and sending host (at the SMTP-protocol level), DANE focuses on the security (confidentiality) of the transport (at the StartTLS-connection level).
3 votes -
Using of Elliptic curve certificate
Using of Elliptic curve certificate in axigen, because we all know the if we use the RSA certifcate 2048 or 4096 for security the more cpu required on same side if we used Elliptic curve certificates we required less cpu utilization in great security.
1 vote -
Add log entries to the security log for "504 Auth type not supported“
Please consider adding message logging for Code 504 "Auth not supported."
To secure the mail environment there is already the security log where failed logins with code 535 are captured.
Actually we are able to parse this log with helper tools like fail2ban to act on above mentioned 553 failed logins and for example lock attackers out of the system.But, if TLS is enforced prior to the authentication (for example via advanced routing) there is no 553 error message unless the attacker first secures the connection via TLS. Instead, if the attacker tries to send the credentials he will…
1 vote -
Sieve filters/script extensions
Please add support for the following use and may be other usable sieve extensions:
"Move the mail to a folder and if this folder, including subfolders, does not exist, create it (them) first."
a) new tag :create for the action/extension fileinto
b) the date extension - RFC5260
c) the variables extension - RFC5229To allow filtering like this - https://doc.dovecot.org/configuration_manual/sieve/examples/#archiving-a-mailinglist-by-date
2 votes -
AARCH64 and or ARM support in general
Arm support, this is needed, 32Bit linux and or just ARM, it is a requirement in 2021 / almost 2022, not a option, a requirement, support it.
3 votes -
Throttling outgoing mail
Throttling outgoing mail really helps with big ISP like google or (here in Germany) United Internet or T-Online. Right now we have to use a Postfix server as smarthost to establish this.
Postfix documentation:
smtpdestinationconcurrency_limit: "The maximal number of parallel deliveries to the same destination via the smtp message delivery transport."
smtpdestinationrate_delay: "The default amount of delay that is inserted between individual deliveries over the same message delivery transport, regardless of destination".
smtpextrarecipient_limit: "This extra recipient space is reserved for the cases when the Postfix queue manager's scheduler preempts one message with another and…
7 votes -
Option to adjust the SMTP-in EHLO response according the domain on that IP number.
Axigen answers on the SMTP-in connect with an EHLO message according the server name.
Have this configurable like the SMTP banner, so different IP numbers can get different external identification. This to have a better externally visible split of multi-domain Axigen handling.
1 vote -
attachment blocking
We want to skip certain incoming domains/email address from checking attachment blocking. We want Axigen to skip checking attachment rules for those specific domains/email addresses.
1 vote -
Support for OAuth
Both Microsoft and Google are implementing OAuth as an authorisation mechanism not only for webmail but also IMAP etc.
Are there plans for Axigen to implement OAuth support as an additional option?
9 votes -
SNI support for other user services, not only Webmail
This request is to have SNI functionality for imap and smtp as it is very well configured in webmail
12 votes -
Authentication using Domain credentials in multiple Domain Environment.
It would be nice to give users of multiple domains the possibility to use their domain credentials for axigen authentication.
Currently, when we need to use Axigen server in multiple domains environment, tipically in ISP environment, we have to use dedicated LDAP or internal authentication.
This is a limitation.
Axigen support multiple connectors with customer Active Directory, but we can't use a domain password for authentication (just dedicated LDAP or Internal authentication is supported).I think it would be very useful if you could use the authentication "single sign on" using the Active Directory Credential for Axigen Authentication.
127 votes -
add caution banner into the message body to all incoming emails received from other domains
Hello,
We have observed that few organizations are adding caution banner into the message body to all incoming emails (other than their own domain).
This helps to notify users to avert clicking on attachments for unknown or suspicious domains. This can acts as good preventive tools for ransomware which cautions users to double check prior to clicking.
This will help to enhance the security.
5 votes -
possible for ms exchange setup in outlook (ews)
It should be possible to make an MS exchange account (multiple) within the outlook enviroment.
11 votes
- Don't see your idea?