LuxSci

New WebAide Features

Published: July 24th, 2004

LuxSci WebAides have been updated with the following new features:

  • Search boxes now appear on many of the WebAide pages making it quick and easy to search the WebAide currently being viewed.
  • Users can now subscribe to WebAides. For users with access to many WebAides, subscribing those that you use allows you to hide the ones you do not use from view, simplifying your interface.
  • Subscribing to Address Books allows you to have consolidated access to multiple Address Books when composing email messages. This make it much easier to find addresses of interest, even if they are in different address books.
  • Subscribing to Address Books allows users of our basic anti-Spam service to white list all addresses in all subscribed Address Books at once, rather than merely the addresses in their default Address Book.
  • WebAide administrators can now delete all entries and categories in a WebAide, without deleting the web aide itself, from the General WebAide Administration page.

New Personal and Shared Address Books!

Published: July 24th, 2004

LuxSci has vastly upgraded the WebMail address books available to all users. The new Address Books are fully Outlook-compatible, can store more than 80 different types of information for each contact, have a smart wizard for importing and exporting via CSV files, and much more. Some of the features of the new Address Books include:

  • Keep track of over 80 different types of information for each contact including personal, business, and other addresses, custom fields, multiple email addresses and phone numbers, and much more.
  • Easy to import/export to Outlook, Netscape, Mozilla, and any email client supporting CSV files.
  • A new pop-up address chooser tool for composing email messages

The new WebMail Address Books are also WebAides. Users with an Enterprise WebAide license can also:

  • Have multiple address books
  • Share address books with other users. This allows you to have one or more address books shared with all members of your account!
  • Add attachments to their address book entries

All old-style address books have been automatically converted into you new personal WebAide Address Book.

New WebAides and WebAide Updates

Published: July 4th, 2004

LuxSci expands its Blog offerings with many new types of WebAides. These include:

  • Document Management: Store and share documents and files; use encryption and access control and tracking to ensure the privacy and security or your data.
  • Personal Notes: A simple and easy way to keep and view notes. Supports shared access control.
  • Secure Password Management: Securely store usernames, passwords and other details for all of your varied Internet accounts and logins. Supports shared access control and encryption.
  • Internet Link Management: Manage lists of links to Internet web sites. Supports shared access control.
  • User Groups: Build groups of users for simplified access control assignment and encryption.

WebMail has been updated to include two new commands in the “Other Options” menu:

  • Mark Unread: Use this command to mark selected messages as not yet read.
  • Mark As Spam: Available to basic anti-Spam users, this option deletes the selected messages and adds the sender(s) email addresses to your basic anti-Spam black list.

WebAide Blog Updates

Published: June 21st, 2004

LuxSci has released a major update to its Blog collaboration services. Included in this update are:

  • User Groups. If you have many users, you can group sets of users into named groups. This makes it much easier to setup and manage access control lists for your Blogs. User groups can also have associated PGP certificates that are shared by all group members. This makes encryption of Blog entries that are intended to be read by anyone in a group easy to compose and the recipient list easy to manage. It also facilities use of encryption as individual users do not need to have and manage personal PGP keys.
  • Security. LuxSci now supports the creation and use of personal PGP keys for enterprise Blog users. These keys can be used to encrypt individual Blog entries for specified lists of recipient users and/or groups. Encrypted entries are secure and are only openable by one possessing the password to the PGP keys of one of the recipients. These passwords are never stored on the server or anywhere else in plain text. Secure Blog entries allow you to collaborate and share sensitive documents and information, store personal password lists, and many other things.
  • Digital Signature Verification. If you have encrypted an Blog entry, the recipients can verify your digital signature on your encrypted content. Verification tells the recipient exactly who encrypted the content and when; it also proves that the content has not been tampered with since it was uploaded and encrypted.
  • User Access Tracking. If you enable user access tracking, then any viewer can see exactly when and by whom all additions and changes to an Blog entry were made. Viewers will also be able to see who viewed the entry and when. This type of auditing allows you to prove if someone has seen an entry, has updated an entry, etc.
  • Price. We have lowered the price for an Enterprise Blog license to $2.25/license/month. A license is required for any user that wants to create Blogs, to use PGP security, and/or to be able to edit or create Blog entries.

LuxSci Adds SMTPS Support Especially for Outlook Users

Published: May 28th, 2004

LuxSci has for a long time supported authenticated secure SMTP via STARTTLS on port 25 and many alternate ports. However, because many ISPs block the standard outgoing email port of 25 and because Outlook and Outlook Express do not support secure SMTP via STARTTLS on ports other than port 25 (for some strange reason), Outlook users have sometimes had difficulty connecting to our servers securely to send email.

Now, LuxSci also supports authenticated SMTPS (SMTP directly over SSL on port 465) which is supported by Outlook, Outlook Express, and some other email clients. This feature allows users these programs to use send email securely on a port other than port 25, making it even easier to have comprehensive secure connections to our email servers from anywhere.

PHP Updates: Hardened PHP

Published: May 17th, 2004

LuxSci has updated the version of PHP supported by its web hosting servers to v4.3.6 and now includes “GD” support in PHP. LuxSci’s installation of PHP is now also “hardened” for security reasons. See http://www.hardened-php.net. Hardened-PHP adds security hardening features to PHP to protect the servers on the one hand against a number of well known problems in hastily written PHP scripts and on the other hand against potential unknown vulnerabilities within the PHP engine itself.

Automation API Updates

Published: April 11th, 2004

The account automation API has been updated:

  • You can add and remove services such as POP, IMAP, SMTP, Basic anti-Spam, and WebMail from individual users using two new automation commands. The automation tool can automatically upgrade your account to provide licenses for these services if required.
  • You can add and removed flags from users such as the flag that makes users eligible for auto-deletion and auto-disabling.
  • The user report feature has been enhanced to include the last login date of each user, the list of services each user has access to, and the list of flags associated with each user.

New Email Guard Email Filtering Features

Published: April 2nd, 2004

ClickProtect: The new Email Guard ClickProtect feature allows you to configure whether Web hyperlinks received in emails can be clicked and followed by the user or are redirected to a designated address. You can also designate an Allow List of URLs that is excluded from the ClickProtect processing. (for example, your corporate URLs).

Previously, if the user receives an email that contains a Web hyperlink command (for example, directing the user to a URL address), there was no method to control or report on whether the user would or would not be able to use the hyperlink. This is a common method of Spammers to gather information or take the user to an “undesirable” site.

Now, you can designate what behavior to assign to Web hyperlinks in emails:

  • Do nothing (allow the user to use the hyperlink with no warning or redirection).
  • Allow the user to use the hyperlink, but log all found hyperlinks.
  • Display a customizable warning message and redirect the hyperlinks so that the user is navigated to a designated URL where you control the content.
  • Display a customizable warning message and make the hyperlinks inactive.

In addition, you can build an Allow List of URLs that will not be included in the ClickProtect processing. A user clicking on a hyperlink to a URL on the Allow List will be sent to that URL with no warning or redirection. Further more, you can view reports on the URLs that users are clicking on to better understand their behavior, and the risk to the organization.

Additional Email Guard Updates:

  1. In the Email Guard portal, Administrators and Domain Administrators can now add and delete individual user accounts themselves.
  2. You can now configure whether the command links in the Spam Quarantine Report expire in a configurable number of days. Before, the command links within the Spam Quarantine Report allowed the user to click the link in the Report and automatically log into the portal at any time after the Report was received. Now, you can configure whether the links stay active and for how many days. You can change this setting in the Spam Quarantine Reporting Policies window in the portal.
  3. You can now designate whether a command link in the Spam Quarantine Report only allows the automatic login with the user role of User. Before, if a Spam Quarantine Report was sent for any user with the user role other than User (for example, Domain Administrator, Administrator), anyone clicking on a command link in the Spam Quarantine Report is automatically logged in as that Administrator. Now, you can designate whether a command link from a Spam Quarantine Report forces the automatic log in to the user role of User only, no matter what the actual user role of the user is. This feature allows you to prevent unauthorized automatic login to an Administrator user role in the case where the Spam Quarantine Report was accessed by an unauthorized person.
  4. You can now designate whether a command link to download the Spam Control For Outlook tool is provided on the Spam Quarantine Reports. In the Spam Quarantine Reporting Policies window, you can designate whether a command link appears in Spam Quarantine Reports that allows the users to download the Spam Control For Outlook tool. After the download is completed, the user must then install the tool on his/her local computer.
  5. Auto-creation of new user accounts has been modified: Auto-creation of new user accounts has been changed so that a new user account in the Email Guard portal is created only if all the following is true:
    • 3 emails for that email address have been received, passed filtering, and accepted within a single day.
    • A user account does not exist for the email address in the designated domain.

    Auto-creation of new user accounts is not performed if any of the following is true:

    • Email address contained an alias domain name (for example, “user@aliasdomain.com”).
    • If the email failed filtering policies and was denied or quarantined. Emails that had content stripped, but was sent successfully can still trigger a user account creation.
    • If the email address was denied by alias rules on LuxSci.

Sender Policy Framework (SPF) DNS Records

Published: March 26th, 2004

LuxSci now supports the addition of “Sender Policy Framework” (SPF) records for any domains for which we manage the DNS. SPF is a way to specify in DNS exactly which servers are allowed to send email for a domain; email recipients can use this information to determine if an email message is forged and thus Spam. If you are an existing customer and you would like an SPF record added to your domain, please make a support ticket and indicate if there are any other servers, other than LuxSci’s, from which email from your domain may legitimately originate. Note that we are working on adding SPF to Email Guard to take advantage of this information when filtering your inbound email.

Temporary Domain Names

Published: March 25th, 2004

Web hosting clients can now enable and disable “temporary domain names” that they can use to test their web sites before transferring their domains to LuxSci. This allows administrators to fully install and preview their web sites to make sure that everything works well first, so that the actual transfer of their web sites to LuxSci will be seamless. While LuxSci has always offered temporary domain names, domain administrators can now manage these themselves through their online web site configuration interface.