EveryCloud Technologies    

Essential setup documentation


UK: +44 (0)203 0869 833 | US: +1 408-416-2585


Inbound Email Requirements

Firewall / Receive connector configuration

To prevent the direct delivery of emails to your mail server, we strongly recommend that you configure your Firewall or mail servers receive connector to accept SMTP connections on port 25* from only EveryCloud Technologies IP ranges, as listed below .

   Subnet IP
    Subnet Mask  
      Net Mask  
IP Range
 /24 -
 /20 -     /22 -

Once your firewall/receive connector is locked down to the above IP ranges, use our firewall tester  here to ensure your infrastructure accepts connections from our IP ranges.

Test structure:

Internet (Needs to show '✔') This means connections from IP addresses outside of our ranges are blocked

Test 1     '✔'

Test 2  '✔'

Test 3  '✔'

Test 4  '✔'

Test 2,3 and 4 is equivalent to our single range, but divided into 3 smaller ranges - no test - troubleshooting IP 


MX Record Syntax

Once you have ensured that you're mail infrastructure is able to accept connections from all of our IP ranges and you have allowed at least  45 - 60 minutes for your new account to propagate through our global infrastructure, you will then need to change the DNS MX records for the domain now present on our system

Your new MX record syntax for non-US customers

Priority 10: mx101.everycloudtech.com

Priority 20: mx102.everycloudtech.com

Priority 30: mx103.everycloudtech.com

Priority 40: mx104.everycloudtech.com

Your new MX record syntax for North American continent customers

Priority 10: mx101.everycloudtech.us

Priority 20: mx102.everycloudtech.us

Priority 30: mx103.everycloudtech.us

Priority 40: mx104.everycloudtech.us

Outbound Email Requirements

Send connector configuration

EveryCloud's Non US customers

Please configure your send connector to send outbound through our dedicated Smart-host: outbound3.everycloudtech.com

EveryCloud's US customers

Please configure your send connector to send outbound through our dedicated Smart-host: outbound.everycloudtech.us

EveryCloud's customers using Email Encryption [S/MIME or WEBSAFE Encryption]

Please configure your send connector to send outbound through our dedicated Smart-host: outbound3.everycloudtech.com

European continent customers should connect to our Smart host on port 25, North American customers may connect on port  25 or 587

Our dedicated outbound smart-hosts are also defined as a wildcard DNS entry *.outbound.everycloudtech.com and *.outbound.everycloudtech.us that means you may also use any variant of the Smart host eg: yourdomain.com.outbound.everycloudtech.com  or   yourdomain.com.outbound.everycloudtech.us

Please ensure that you have inserted the correct public facing, sending/relaying IP address in your control panel account and allow at least 90 minutes for the IP address to globally deploy before directing outbound traffic through our smart-host. By inserting your public facing sending IP address into the relays section, ensures outbound traffic connecting to our Smart-host is authenticate . If your sending/relaying IP address is not contained/inserted within your control panel account, our system will not allow you send outbound through our smart-host 

(Important: Service Requirements)

In order to protect the reputation of our relays and the continuity of service for all our customers, the below actions are defined as a 'service requirement' when sending outbound email through EveryCloud's infrastructure.

Regrettably, failure to comply with the below service requirements may lead to severe IP reputation damage and as such, EveryCloud reserves the right, without notice, to restrict a customers outbound mail flow through our relays, if it becomes clear, that IP reputation damage has been caused as a direct result of non-compliance with our service requirements.

Service requirement 1.

Sending domain SPF/TXT record

If you intend to send outbound through our service by connecting to our smart-host, you must construct an SPF/TXT record, which authorises our sending servers to send on behalf of you domain. If you do not authorise our sending relays to send on behalf of your domain, recipients systems may consider that email transitioning outbound through our relays is unsolicited.

SPF/TXT record format

If you currently have a TXT record in place, you should alter it, by adding an additional statement is:  'include:' statement. EveryClouds include  'include:spf.everycloudtech.com'  or   'include:spf.everycloudtech.us'

If you do not currently have a TXT record in place, please construct one within your DNS admin console.

Example TXT record

"v=spf1 include:spf.everycloudtech.com -all"    or    "v=spf1 include:spf.everycloudtech.us -all"

Service requirement 2.

Bulk email / Mail shots / Newsletters

If a customer intends sending bulk emails/mail shots outbound through our relays, it is a stringent service requirement, that email recipients are provided with a clear un-subscribe link/option contained within the body of the email and that the intended recipients have personally subscribed to the mail shot in advance. 

Once an email recipient unsubscribes to the mailshot/bulk email, the recipient must be removed from all further mailshot / bulk email correspondence within 24 hours

If your organisation fails to comply with these sending requirements, EveryCloud will impose permanent sending restrictions on your ability to send mail outbound through our platform infrastructure; this is non-reversible

In addition, Inbound emails that are sent inbound from clear mass mailing environments which also do not contain a clear unsubscribe link will be treated as info-mail. 

Service requirement 3.

Sending spam, viruses or malware outbound. (Important)

Please be aware of this service requirement, as it is important and relevant to any customer sending outbound through our service relays.

If your mail server security has been compromised due to your mail servers security being inadequate (definitions below *) and your compromised mail server sends mass outbound spam , viruses or malware outbound thorough our relays and as a consequence EveryCloud relay servers are as a result blacklisted. You, the customer, the partner will be responsible for any costs attributed to de-listing. This means you will need to perform the de-listing yourself with the relevant blacklist.

If there is a refusal to adopt the costs of de-listing, you, your customer will need to point outbound traffic away , permanently from EveryCloud technologies outbound smart-host until such a time that the de-listing fee has been paid and our relays have been de-listed.

Definitions of mail server inadequate security, but by no means exhaustive.

  • an unknown or known third party is/was able to connect into your mail server directly and relay spam, viruses or malware outbound through our infrastructure
  • an unknown or known third party is/was able to authenticate with your mail server by any means and was able to send spam, viruses or malware outbound through our infrastructure
  • an unknown or known third party is/was able to guess an end users mailbox password due to the mailbox password being non-complex and was able to relay spam, viruses or malware outbound through our infrastructure

Password Security Policy

We strongly advise that a password security policy is implemented. This is to ensure that access to the EveryCloud control panel and associated end user services such as continuity and archiving are kept secure. Password restrictions are enabled at a customer level at Management > Settings > Restrictions. We recommend that a strong password policy is implemented that ensures:

- Minimum of 8 characters
- Upper case letter in password
- Lower case letters in password
- Number in password

Additionally, special characters can also be used and access restricted to specific IP address / ranges;