Notify an administrator upon account creation

Have you ever wanted to run an external task or notify an administrator or similar when a new user has been created in MDaemon? This is actually possible via a content filter rule in MDaemon.

The content filter is found within the MDaemon GUI under Security | Content Filter, but it’s sometimes easier to modify the cfrules.dat to recreate a complicated rule. The cfrules.dat file is located within the \MDaemon\APP directory and can be modified using plain-text a editor, but please take a backup of this file first!

[Rule995]
RuleName=Take action on new user welcome message
Enable=No
ThisRuleCondition=All
ProcessQueue=BOTH
Condition01=X-Actual-From|starts with|AND|MDaemon@|
Condition02=SUBJECT|contains|OR|Welcome to MDaemon!|Welcome to the email system|Email account information|
Condition03=X-Welcome-Message|does not exist|AND|
Action01=add header|"X-Welcome-Message","True"
Action02=copy to|"[email protected]"

Feel free to paste this to the bottom of your cfrules.dat file, save, and you can modify it within the content filter editor within the MDaemon GUI. Note that the rule will not be activated until you open the Content Filter and enable it.

If you’re asking yourself why there is a X-Welcome-Message header being created, it’s simple: If your action included sending an email to an external account that was forwarded back into MDaemon, you’d end up with a loop. By using a custom header, we can avoid that loop.

Lastly, verify that you have the option checked in MDaemon for ‘System generated messages are sent through the content and spam filters’ within MDaemon under Setup | Preferences | Miscellaneous.

While the rule in it’s current form is intended to copy the new-user message to a specific account, you can also run an external script or use other Content Filter actions instead.

Upgrading without a reboot

Do you enjoy rebooting your server? If not, have you ever wondered why MDaemon’s installer asks you to reboot after upgrading?

If MDaemon’s installer does ask you to reboot, please do reboot. You won’t be prompted for a reboot unless either MDaemon was unable to update all files OR another previous installer left files pending for a reboot. MDaemon won’t ask for a reboot unless it’s needed!

If you want to find out which files MDaemon’s installer was unable to update, take a look for the excellent WhyReboot tool. WhyReboot will attempt to show the pending file renames, deletes, and other operations scheduled to occur on the next reboot. If any of these are MDaemon related, do not start MDaemon until you reboot.

In many cases you can also avoid rebooting entirely if you shut down a few services before upgrading MDaemon. Not all of these apply to every installation, but you’ll want to look at some or all of the following items:

If you run under IIS, stop both the IIS website and Application Pool(s).
Stop the MDaemon service. Yes, the installer will try to do this for you, do it anyway.
Stop the MDaemon Remote Administration service. Yes, the installer will try to do this for you, do it anyway. Also, stop SecurityPlus’ tray tray icon, if running.

Depending on your configuration, you may also need to stop the Windows Management Instrumentation service, and Windows Event Log service, although these only need to be stopped if you use these features in MDaemon, if not, you can also disable the applicable features in MDaemon.

Finally, at the conclusion of the installation process, consider what services need to be started. MDaemon’s installer will start MDaemon and MDaemon Remote Administration, but any other services you shut down will need to be restarted manually.

MDaemon Support Bulletin – MD061915

Alt-N has released MDaemon 15.0.3, 14.5.4, 14.0.4, 13.5.4, as well as patches for MDaemon 12.5, 12.0, 11.0 to correct a critical security vulnerability. I would highly recommend installing the latest bits as soon as is possible. While I don’t know all the details, be aware that the content filter processes all messages, therefore the vulnerability can likely be remotely exploited.

Read MDaemon Security Bulletin – MD061915 for more details, then get your server patched!