Essential setup documentation
UK: +44 (0)203 0869 833 | US: +1 408-416-2585
Inbound Email Requirements
Firewall / Receive connector configuration
To prevent the direct delivery of emails to your mail server, we strongly recommend that you configure your Firewall or mail servers receive connector to accept SMTP connections on port 25* from only EveryCloud Technologies IP ranges, as listed below .
| Subnet IP
|| Subnet Mask
|| Net Mask
|| 220.127.116.11 - 18.104.22.168
|| 22.214.171.124 - 126.96.36.199
|188.8.131.52||255.255.252.0||/22||184.108.40.206 - 220.127.116.11|
Once your firewall/receive connector is locked down to the above IP ranges, use our firewall tester here to ensure your infrastructure accepts connections from our IP ranges.
Internet (Needs to show '✔') This means connections from IP addresses outside of our ranges are blocked
Test 1 18.104.22.168/24 '✔'
Test 2 22.214.171.124/20 '✔'
Test 3 126.96.36.199/20 '✔'
Test 4 188.8.131.52/20 '✔'
Test 2,3 and 4 is equivalent to our single 184.108.40.206/20 range, but divided into 3 smaller ranges
220.127.116.11 - no test - troubleshooting IP
MX Record Syntax
Once you have ensured that you're mail infrastructure is able to accept connections from all of our IP ranges and you have allowed at least 45 - 60 minutes for your new account to propagate through our global infrastructure, you will then need to change the DNS MX records for the domain now present on our system
Your new MX record syntax for non-US customers
Priority 10: mx101.everycloudtech.com
Priority 20: mx102.everycloudtech.com
Priority 30: mx103.everycloudtech.com
Priority 40: mx104.everycloudtech.com
Your new MX record syntax for North American continent customers
Priority 10: mx101.everycloudtech.us
Priority 20: mx102.everycloudtech.us
Priority 30: mx103.everycloudtech.us
Priority 40: mx104.everycloudtech.us
Outbound Email Requirements
Send connector configuration
EveryCloud's Non US customers
Please configure your send connector to send outbound through our dedicated Smart-host: outbound3.everycloudtech.com
EveryCloud's US customers
Please configure your send connector to send outbound through our dedicated Smart-host: outbound.everycloudtech.us
EveryCloud's customers using Email Encryption [S/MIME or WEBSAFE Encryption]Please configure your send connector to send outbound through our dedicated Smart-host: outbound3.everycloudtech.com
European continent customers should connect to our Smart host on port 25, North American customers may connect on port 25 or 587
Our dedicated outbound smart-hosts are also defined as a wildcard DNS entry *.outbound.everycloudtech.com and *.outbound.everycloudtech.us that means you may also use any variant of the Smart host eg: yourdomain.com.outbound.everycloudtech.com or yourdomain.com.outbound.everycloudtech.us
Please ensure that you have inserted the correct public facing, sending/relaying IP address in your control panel account and allow at least 90 minutes for the IP address to globally deploy before directing outbound traffic through our smart-host. By inserting your public facing sending IP address into the relays section, ensures outbound traffic connecting to our Smart-host is authenticate . If your sending/relaying IP address is not contained/inserted within your control panel account, our system will not allow you send outbound through our smart-host
(Important: Service Requirements)
In order to protect the reputation of our relays and the continuity of service for all our customers, the below actions are defined as a 'service requirement' when sending outbound email through EveryCloud's infrastructure.
Regrettably, failure to comply with the below service requirements may lead to severe IP reputation damage and as such, EveryCloud reserves the right, without notice, to restrict a customers outbound mail flow through our relays, if it becomes clear, that IP reputation damage has been caused as a direct result of non-compliance with our service requirements.
Service requirement 1.
Sending domain SPF/TXT record
If you intend to send outbound through our service by connecting to our smart-host, you must construct an SPF/TXT record, which authorises our sending servers to send on behalf of you domain. If you do not authorise our sending relays to send on behalf of your domain, recipients systems may consider that email transitioning outbound through our relays is unsolicited.
SPF/TXT record format
If you currently have a TXT record in place, you should alter it, by adding an additional statement is: 'include:' statement. EveryClouds include 'include:spf.everycloudtech.com' or 'include:spf.everycloudtech.us'
If you do not currently have a TXT record in place, please construct one within your DNS admin console.
Example TXT record
"v=spf1 include:spf.everycloudtech.com -all" or "v=spf1 include:spf.everycloudtech.us -all"
Service requirement 2.
Bulk email / Mail shots / Newsletters
If a customer intends sending bulk emails/mail shots outbound through our relays, it is a stringent service requirement, that email recipients are provided with a clear un-subscribe link/option contained within the body of the email and that the intended recipients have personally subscribed to the mail shot in advance.
Once an email recipient unsubscribes to the mailshot/bulk email, the recipient must be removed from all further mailshot / bulk email correspondence within 24 hours
If your organisation fails to comply with these sending requirements, EveryCloud will impose permanent sending restrictions on your ability to send mail outbound through our platform infrastructure; this is non-reversible
In addition, Inbound emails that are sent inbound from clear mass mailing environments which also do not contain a clear unsubscribe link will be treated as info-mail.
Service requirement 3.
Sending spam, viruses or malware outbound. (Important)
Please be aware of this service requirement, as it is important and relevant to any customer sending outbound through our service relays.
If your mail server security has been compromised due to your mail servers security being inadequate (definitions below *) and your compromised mail server sends mass outbound spam , viruses or malware outbound thorough our relays and as a consequence EveryCloud relay servers are as a result blacklisted. You, the customer, the partner will be responsible for any costs attributed to de-listing. This means you will need to perform the de-listing yourself with the relevant blacklist.
If there is a refusal to adopt the costs of de-listing, you, your customer will need to point outbound traffic away , permanently from EveryCloud technologies outbound smart-host until such a time that the de-listing fee has been paid and our relays have been de-listed.
Definitions of mail server inadequate security, but by no means exhaustive.
Password Security Policy
We strongly advise that a password security policy is implemented. This is to ensure that access to the EveryCloud control panel and associated end user services such as continuity and archiving are kept secure. Password restrictions are enabled at a customer level at Management > Settings > Restrictions. We recommend that a strong password policy is implemented that ensures:
- Minimum of 8 characters
- Upper case letter in password
- Lower case letters in password
- Number in password
Additionally, special characters can also be used and access restricted to specific IP address / ranges;