We’re excited to announce that we have partnered with Messageware - a market leader in securing, enhancing, and customizing Microsoft Exchange Servers. This partnership, together with our commercial partner, SecurityZones, integrates Spamhaus’ real time threat intelligence via Data Query Service (DQS) into Messageware’s Exchange Protocol Guard (EPG) product, to better protect users and networks alike.

A new approach to protection

Ordinarily, DQS is integrated with open-source tools or existing anti-spam platforms to block up to 99% of malicious emails, as part of a cost-effective solution for spam prevention. Yet, Messageware has stepped outside the box, broadening the horizons for how this data can protect users.

By querying IP addresses in the Spamhaus DQS datasets, users can verify the legitimacy of connection requests to Microsoft Exchange Servers.

Proactive monitoring

Messageware’s EPG service is an integrated solution that provides advanced login intelligence and control for Microsoft Exchange Servers. It monitors potential risks from attacks, giving email administrators and engineers more control to:

  • Be proactively alerted before an attack escalates
  • Identify legitimate and non-legitimate sources
  • Automatically block suspicious login traffic
  • Receive automatic notifications and reports for server probes and attacks
  • Ban devices known to be infected or associated with cyber-crime in real time

Exchange Protocol Guard enhanced

By integrating Spamhaus’ Data Query Service, Messageware has developed one of its biggest security updates to enhance EPG further, blocking devices and IP addresses in real time that are:

  • Infected with malware and viruses
  • Hijacked or compromised by 3rd party exploits
  • Maliciously attempting to penetrate your server
  • Known botnets
  • Hijacked or leased by cybercrime

Not all heroes wear capes

Messageware recently shared a story from one of their users, when trialling the solution in Beta phase:

A C-Level executive called their IT Support team as they were not able to connect to email.  After reviewing the EPG data, it was determined that the executive’s internet IP had been placed on a Spamhaus blocklist, meaning the connection was being rejected.

The reason for the IP being listed? During a holiday period, malware on a personal device had been accidentally downloaded and went undetected within the home network. After a few malware scans and Internet Service Provider updates later, both were safe & fully operational again.

The executive was extremely grateful that his malware-infected network had been blocked from connecting to the corporate network, preventing further damage.

We asked Mark Rotman, Messageware’s CEO, about the impact of the collaboration,

“Messageware is excited to bring this newly combined technology to market. Adding the real time Spamhaus threat data feeds significantly increases our ability to detect and mitigate threats that are constantly targeting Microsoft Exchange Servers.”

Similarly, Arnie Bjorklund, CEO of SecurityZones shared:

“It’s exciting to see Spamhaus’ data used in a new, and innovative way. Users are already seeing the impact this collaboration is having, which we’re thrilled about. We look forward to further strengthening the partnership and product with Messageware.”

Making the internet a safer place

We’re delighted to be collaborating with the Messageware and SecurityZones teams to create more robust protection for Messageware customers – keeping both users and networks safe. We look forward to hearing more stories, like that of the C-level executive above, on how the solution is creating a safer online experience.

Learn more about the integration here. Alternatively, whether you’re already using Messageware’s products, or would simply like to find out more, click here to contact Messageware directly.

Related Products


Spamhaus Botnet Threat Update, Q1 2023

12 April 2023


Botnet C&C operators continued to escalate in Q1. Spamhaus researchers saw a 23% increase in newly observed botnet C&C servers - with Cobalt Strike and Quakbot ever-present. Get all the latest insights, including the rise in popularity of credential stealer RecordBreaker in this report.

A surge of malvertising across Google Ads is distributing dangerous malware

2 February 2023


Recently, researchers have witnessed a massive spike affecting famous brands, with multiple malware being utilized. This is not “the norm”. Here’s what researchers are observing and a theory on this tsunami of abuse.

There’s no such thing as a “free” app!

15 December 2022


Downloading a free application and installing it on an internet-connected device can lead to you not being able to send email. This is because some apps allow third parties to access your device without your knowledge. These third parties then use your network connection for malicious purposes, causing your IP address to be listed as unsafe.