EveryCloud Technologies    

Essential setup documentation

 

UK: +44 (0)203 0869 833 | US: +1 408-416-2585

support@everycloudtech.com


Inbound Email Requirements


Firewall / Receive connector configuration


To prevent the direct delivery of emails to your mail server, we strongly recommend that you configure your Firewall or mail servers receive connector to accept SMTP connections on port 25* from only EveryCloud Technologies IP ranges, as listed below .


   Subnet IP
    Subnet Mask  
      Net Mask  
IP Range
    83.246.65.0
   255.255.255.0
   /24
   83.246.65.0 - 83.246.65.255
     94.100.128.0
   255.255.240.0
   /20
       94.100.128.0 - 94.100.143.255
     107.170.168.72
   255.255.255.255
   /32
       107.170.168.72



Once your firewall/receive connector is locked down to the above IP ranges, use our firewall tester  here to ensure your infrastructure accepts connections from our IP ranges.


Test structure:


Internet (Needs to show '✔') This means connections from IP addresses outside of our ranges are blocked

Test 1 83.246.65.0/24     '✔'

Test 2 94.100.128.0/20  '✔'

Test 3 94.100.128.0/20  '✔'

Test 4 94.100.128.0/20  '✔'


Test 2,3 and 4 is equivalent to our single 94.100.128.0/20 range, but divided into 3 smaller ranges


107.170.168.72 - no test - troubleshooting IP 

 


MX Record Syntax


Once you have ensured that you're mail infrastructure is able to accept connections from all of our IP ranges and you have allowed at least  45 - 60 minutes for your new account to propagate through our global infrastructure, you will then need to change the DNS MX records for the domain now present on our system


Your new MX record syntax for non-US customers


Priority 10: mx101.everycloudtech.com

Priority 20: mx102.everycloudtech.com

Priority 30: mx103.everycloudtech.com

Priority 40: mx104.everycloudtech.com


Your new MX record syntax for North American continent customers


Priority 10: mx101.everycloudtech.us

Priority 20: mx102.everycloudtech.us

Priority 30: mx103.everycloudtech.us

Priority 40: mx104.everycloudtech.us



Outbound Email Requirements


Send connector configuration


EveryCloud's Non US customers

Please configure your send connector to send outbound through our dedicated Smart-host: outbound.everycloudtech.com


EveryCloud's US customers

Please configure your send connector to send outbound through our dedicated Smart-host: outbound.everycloudtech.us


European continent customers should connect to our Smart host on port 25, North American customers may connect on port  25 or 587


Our dedicated outbound smart-hosts are also defined as a wildcard DNS entry *.outbound.everycloudtech.com and *.outbound.everycloudtech.us that means you may also use any variant of the Smart host eg: yourdomain.com.outbound.everycloudtech.com  or   yourdomain.com.outbound.everycloudtech.us


Please ensure that you have inserted the correct public facing, sending/relaying IP address in your control panel account and allow at least 90 minutes for the IP address to globally deploy before directing outbound traffic through our smart-host. By inserting your public facing sending IP address into the relays section, ensures outbound traffic connecting to our Smart-host is authenticate . If your sending/relaying IP address is not contained/inserted within your control panel account, our system will not allow you send outbound through our smart-host 



(Important: Service Requirements)

In order to protect the reputation of our relays and the continuity of service for all our customers, the below actions are defined as a 'service requirement' when sending outbound email through EveryCloud's infrastructure.


Regrettably, failure to comply with the below service requirements may lead to severe IP reputation damage and as such, EveryCloud reserves the right, without notice, to restrict a customers outbound mail flow through our relays, if it becomes clear, that IP reputation damage has been caused as a direct result of non-compliance with our service requirements.


Service requirement 1.

Sending domain SPF/TXT record


If you intend to send outbound through our service by connecting to our smart-host, you must construct an SPF/TXT record, which authorises our sending servers to send on behalf of you domain. If you do not authorise our sending relays to send on behalf of your domain, recipients systems may consider that email transitioning outbound through our relays is unsolicited.


SPF/TXT record format

If you currently have a TXT record in place, you should alter it, by adding an additional statement is:  'include:' statement. EveryClouds include  'include:spf.everycloudtech.com'  or   'include:spf.everycloudtech.us'


If you do not currently have a TXT record in place, please construct one within your DNS admin console.


Example TXT record

"v=spf1 include:spf.everycloudtech.com -all"    or    "v=spf1 include:spf.everycloudtech.us -all"


Service requirement 2.

Bulk email / Mail shots / Newsletters


If a customer intends sending bulk emails/mail shots outbound through our relays, it is a stringent service requirement, that email recipients are provided with a clear un-subscribe link/option contained within the body of the email and that the intended recipients have personally subscribed to the mail shot in advance. 


Once an email recipient unsubscribes to the mailshot/bulk email, the recipient must be removed from all further mailshot / bulk email correspondence within 24 hours

If your organisation fails to comply with these sending requirements, EveryCloud will impose permanent sending restrictions on your ability to send mail outbound through our platform infrastructure; this is non-reversible


In addition, Inbound emails that are sent inbound from clear mass mailing environments which also do not contain a clear unsubscribe link will be treated as info-mail. 



Service requirement 3.

Sending spam, viruses or malware outbound. (Important)


Please be aware of this service requirement, as it is important and relevant to any customer sending outbound through our service relays.


If your mail server security has been compromised due to your mail servers security being inadequate (definitions below *) and your compromised mail server sends mass outbound spam , viruses or malware outbound thorough our relays and as a consequence EveryCloud relay servers are as a result blacklisted. You, the customer, the partner will be responsible for any costs attributed to de-listing. This means you will need to perform the de-listing yourself with the relevant blacklist.


If there is a refusal to adopt the costs of de-listing, you, your customer will need to point outbound traffic away , permanently from EveryCloud technologies outbound smart-host until such a time that the de-listing fee has been paid and our relays have been de-listed.


Definitions of mail server inadequate security, but by no means exhaustive.


  • an unknown or known third party is/was able to connect into your mail server directly and relay spam, viruses or malware outbound through our infrastructure
  • an unknown or known third party is/was able to authenticate with your mail server by any means and was able to send spam, viruses or malware outbound through our infrastructure
  • an unknown or known third party is/was able to guess an end users mailbox password due to the mailbox password being non-complex and was able to relay spam, viruses or malware outbound through our infrastructure