Smarthost Service image - a flock of envelopes



Smarthost/SMTP Server

(A Smarthost is just the name given to an SMTP server that’s used for relaying emails between one server and another.)

A Smarthost is used by mail-servers, websites, scanners, security cameras, and any automated or monitoring system that needs to send emails.

Sending your emails through our SMTP servers will give them the best chance of making it to the recipient’s Inbox.

There’s no limits on the number of emails or bandwidth. Up to 50mb of attachments per email.

Charges are based on usage and start from £2.95/month for up to 1000 emails.

Why do you need a smarthost service?

These days, for your mail-server to be able to send out emails successfully it must, as a bare minimum, meet these conditions:-

  • Operate from a static IP address rather than a dynamic IP address that you would typically get from a home broadband connection.
  • The IP address mustn’t be on any blacklist.
  • The name the mail-server identifies itself with must resolve to the IP address it is using (DNS Hostname).
  • The name assigned to the IP address (Reverse DNS) must be the same as the DNS Hostname.

Without all the above, the destination server will probably refuse the connection – but if your server makes it that far, it then has to get past all the filtering checks before it has a chance of getting your emails to the recipient’s mailbox. So in addition, the following are required:-

  • The domain of any From address you are using must have published a list of the only mail-servers that can send emails from that domain (SPF Record) and your mail-server must be on that list.
  • Each email must include a hidden section that is an encrypted version of important parts of the email – From Address, Subject, etc. – that can only be decrypted by a key you have published in your DNS. This is called DKIM Signing and ensures the email has come from an authorised source and hasn’t been changed in transit.

If your company’s IT department struggles to meet the above requirements then that’s a good reason to outsource the sending of emails to a Smarthost Service like ours.

Here are some more reasons:-

  • If you send too many emails, too quickly to the same email provider – Gmail, Yahoo etc. – your IP address will get temporarily blocked for a few hours if you’ve lucky, permanently if you’re not. Our servers keep the rate of outgoing emails below the blocking threshold of other email providers.
  • Things can happen beyond your control that cause your IP address to get on black lists: a user’s computer is hacked by a spammer; someone in your company sends out spammy or offensive emails; a smarthost service you are already using allows other customers to send out spam. It happens to us too but we have enough IP addresses that we can stop using a particular blacklisted address until we’ve managed to restore its reputation.
    • Some firewall you don’t control is blocking outgoing connections over Port 25. Our servers will accept connections over several other ports or you have the option to send your emails using a VPN connection to our servers which will then send out the emails over Port 25.

    Who is this service for?

    • Companies or individuals who need a way to send their genuine business and personal emails reliably.
    • Monitoring Systems, Webforms, Scanners, Security Cameras and any other automated system that sends emails.
    • A way to send newsletters and mail-outs – but we have some conditions:-
      Your mailing list must only contain recipients who have previously opted-in to receive these emails from your company.
      You can’t use mailing lists you may have purchased or obtained by scouring the Internet.
      Even though the GDPR regulations do allow for unsolicited marketing emails under certain circumstances, we don’t!
      Each email must have an unsubscribe link.
      The From address you use must be able to receive emails which someone is monitoring, even if it’s no-reply@, so that failure notifications and complaints can be acted on.
      The mailing list must be well maintained so that unsubscribe requests are honoured promptly and failed addresses removed from your list.
      (We’re not being overly fussy here. All this is needed so that our servers keep their good reputation and don’t get on black lists.)
      We just offer standard SMTP servers, so there are no marketing tools such as those offered by services such a MailChimp.
      Having said all this, we have many customers who happily use us to send out their professionally managed newsletters and mail-outs.

    More Details of how the service works

    Our System

    We currently operate 6 front-line SMTP servers and 2 backups. These are located in datacentres in different parts of the UK, USA and Europe which are operated by different companies. This gives our system resilience against failures and a high sending capacity.

    Authentication

    It’s usual for you to configure your email sending device, whether it’s a mail-server, website, PC, CCTV or scanner, to authenticate with a username and password so then it doesn’t matter what IP address you are connecting from – we know it’s you. Sometimes the sending device isn’t smart enough to authenticate so, if you have a dedicated IP address, or range of addresses, we can allow anonymous access from those IP addresses.
    Another way round this is for you to install the free mail-server called hMailer on your local network so it can relay your emails between your sending device and us using authentication.

    Encryption

    You can use TLS or SSL encryption when sending emails to our server in order to ensure that the connection is secure. If your sending device isn’t capable of making an encrypted connection then our servers will also accept unencrypted connections. When relaying your emails on to the recipient’s email system our servers always offer an encrypted connection. On the rare occasions that the recipient’s mail-server isn’t capable of encryption then an unencrypted connection is used. Our servers no longer use the older security protocols for encryption that are now considered to be unsafe.

    TCP/IP Ports

    Emails are normally sent over Port 25 but some firewalls or ISPs might be blocking this port or diverting it to a different mail-server. You can still use Port 25 but we recommend that you relay emails to us using Port 587 to avoid problems. We have other ports you can use if both Ports 25 and 587 are a problem. If you are sending with SSL encryption then that uses Port 465.
    If you can’t relay emails to us over any port then there’s a good chance it will work if your server first makes a VPN connection to our network – this option is available at no extra charge

    Can you use our smarthost service with Microsoft/Office 365?

    Yes, you can create a Send Connector in Admin Centre – Mail Flow to route all outgoing emails via our servers. The difficulty is that the Send Connector doesn’t have anywhere to enter our smarthost login details, but we can accept connections from Microsoft IP addresses without authentication from specific domains.

    Email Address AutoCorrection

    If any email can’t be delivered at the first attempt, the recipient’s address is run through our AutoCorrection system looking for common misspellings:-

    gamil.com..is changed to..gmail.com
    homtail.com..is changed to..hotmail.com
    mycustomer.co.ik..is changed to..mycustomer.co.uk
    When a correction has been made, the sender receives a notification.
    Sender Policy Framework – SPF Record

    This is the SPF record you need to create to authorise our servers to send emails from your domain:-

    DNS Record Type:TXT
    Record Name:@
    Record Value:v=spf1 include:arrowmail.co.uk -all
    The “@” symbol indicates that the record is for the domain name itself at not any subdomain.

    If you have an existing SPF record then you will need to edit it to add the section: include:arrowmail.co.uk

    DKIM Signing

    The DKIM public key record you need to create is different for each customer, so this is just an example:-

    DNS Record Type:TXT
    Record Name:mycompany._domainkey.mycompany.co.uk
    Record Value:v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NtKYwhjh/bJ2dpQ7I3XzmtCzdl4zc1kuybfOQ
    +xwz5zQl0J88duJWul4nNiyidRWbJr6KczeFx/4TDIr6eUQn2fJyK94tGAGO9u/1XQyZAPOnoyHygP54Bo35aKvVKwQ0uD
    nrJPrtZijN6GjJSRSIztyHSq6rDuTKE4DXaLoERaTwzZTzUjIiWC+2B21kBNJg4BTw5dxTraPYcQluVSoRlTsJroW1HtChsQiM
    QekRA3YUjzTgvTrl91tRAfMosR+8EQRbH6smpxgsxP04BLYrue6WJO3JRc+G+JDZ178iV2EqAJTMqolN60KS0A/SnoMZY2
    AyBm6L3XWy7T3UgFwIDAQAB

    That long string in the Record Value is the 255 bit public key used by the receiving mail-server to decrypt the DKIM header in the received email. The private key that is used to generate the DKIM header is stored securely on our servers.

    DMARC Compliance

    DMARC isn’t a new system for verifying emails but a tying together and strengthening of SPF and DKIM. The DNS record that you publish is your DMARC policy and here is a typical example:-

    DNS Record Type:TXT
    Record Name:_dmarc.mycompany.co.uk
    Record Value:v=DMARC1;p=reject;fo=1;rua=mailto:reports@mycompany.co.uk

    “p=reject” means that if a email is received from an address @mycompany.co.uk which doesn’t comply with this policy it should be rejected. Other options you can have are “do nothing” and “quarantine”.

    “fo=1” means that to comply with this policy a received email must pass either SPF or DKIM checks. There are other options but this is the recommended one.

    “rua” is an email address used by other email systems to send forensic reports about emails it has received from your domain which can alert you if someone is faking emails from your domain.

    Don’t send emails that look suspicious

    Our smarthost service will ensure that your emails appear as genuine and come from a trusted source but this counts for nothing if the emails themselves contain elements that look like malware, scams or spam. Here are some things to avoid when writing your emails:-

    • Email Signatures go out with every email so make yours the simplest one you can and go easy on the advertising of your company. Specifically don’t have any “http://” links as these are now considered to be unsafe. All links need to be “https://”.
      The more words that are in the signature the greater the chance of some filter finding a match so don’t tell the recipient not to print your email or include a load of legalese.
    • Don’t send Word/Excel/PowerPoint attachments that contains macros. Macros are programming code used to automate some function in the document and this has become a popular method to hide a virus. Macros are now “old technology” and often they are still in company documents by accident and don’t actually do anything any more. The usefulness of whatever function a macro performs is outweighed by the suspicion they cause when received in an email.
    • Try to send any document which the recipient doesn’t need to edit as a PDF file attachment and definitely not as an HTML or HTM file.
    • Email standards allow you to specify an address for replies to be sent to which is different to the actual From address of the email. Don’t use them as they look suspicious.
    • Don’t mark your emails as High Importance, that’s for the recipient to decide. It looks suspicious.
    • Don’t leave the Subject Line blank or write nothing in the body of the email.
    • Avoid URL shorteners – bit.ly etc. – again, suspicious.

    Smarthost/SMTP – Get a One Month free trial

    “Free” means “Free” so you don’t need to pay anything upfront or set up any payment method.

    To be eligible for a free Smarthost trial you need to:-

    • Own the domains that you want to use in the From addresses and tell us what they are.
    • Give us an email address at one of these domains for us to send your account details to.
    • Create an SPF record to authorise our servers to send emails from your domains – don’t worry we’ll help you do this.

    Ask us for a trial by emailing us at info@arrowmail.co.uk, phoning us on 0800 099 6480 or filling in this webform

    We’ll do some quick checks to make sure you’re not a spammer trying to trick us and then we’ll email you the SMTP server details, your username and password. So in 15 minutes you might be sending emails through us – we can hang on a bit for the SPF record to be created.
    Any problems and we’re here to sort them out – you’re not going to become a paying customer if you can’t get the service to work the way you want it to.

    • You can send up to 30,000 emails during the trial period.
    • We’ll contact you after a month and give you plenty of opportunity to reply and organise payment before suspending your account.