SMTP Policy
Policy for the correct use of SMTP services
Antispam and Anti-abuse policy
Moximail guarantees a high level of deliverability for all emails sent from our SMTP servers. In order to guarantee high standards of service, we have a set of security measures in place against password theft (Account Takeover Protection) on our SMTPs. This ensures that the correct use policies and sending limits are respected.
Account Takeover Protection
The account takeover is a kind of attack criminals use to impersonate a victim's identity by stealing their login credentials.
Moximail includes an account takeover protection system. Protection consists of various levels of analysis and procedures. Access to each email account is constantly monitored and, if an abnormal activity is registered (e.g. unusual time/origin of login), it can trigger an alarm.
When a suspicious activity is detected, this will be automatically notified to both the user and their manager. Furthermore, the anomalous activity is immediately inhibited.
Through the control panel, you are able to analyze these suspicious activities through Tracemail. It is also possible to apply additional security measures, such as two-factor authentication, blocking the use of old passwords, or restricting access to email accounts whose IP addresses are trusted or come from corporate VPNs.
Policy for the correct use of SMTP services
Some of the permitted vs unacceptable activities that customers and users must follow are shown below:
- It is allowed to send personal emails from the user's email clients (Outlook, Thunderbird, Webmail, or other email clients);
- It is allowed to send transactional emails from your billing/e-commerce systems;
- it is not allowed to send newsletters/email marketing;
- any other type of abuse, deemed as such due to the fact that it may affect the operation of other users, provides for the temporary blocking of the SMTP service.
Moximail SMTP sending limits
The authenticated SMTP provided with the email hosting service must be used within the following limits:
- Personal emails can be sent by the user's email client (Outlook, Thunderbird, Webmail, or other email clients);
- It is possible to send transactional emails from billing/e-commerce systems;
- Sending newsletters/email marketing is not allowed;
- The maximum size of messages that can be sent is 50 MB;
- The maximum number of recipients for each individual submission is 150;
- The maximum number of authentications that can be executed within 30 minutes is 300;
- The maximum number of different IP addresses that it is possible to authenticate from within 30 minutes is 5;
- Any other type of abuse (considered as such as it can affect the operations of other users) provides for the temporary blocking of the SMTP service;
- Messages must come from a sender corresponding to an active domain on Moximail.
Starting from the above limits, it is possible to send a maximum number of emails per single email account equal to 1000 messages per day. When this threshold is exceeded, SMTP sends a "Quota exceeded (number of messages in total)" error.
Emails generated inside the same domain are sent even after having exceeded the quota.
Additional SMTP send packages
If you wish to use our SMTP to send transactional emails from billing systems, order management, and e-commerce (our SMTP are compatible with WordPress, Magento, Prestashop, and almost all CMS), you can purchase additional delivery packages for the following costs:
| Additional SMTP send packages | Monthly cost |
|---|---|
| 2.000 total messages per day per email account | US$6/month |
For more additional send packages contact us.
You can purchase additional packages directly from the control panel, by selecting Domain> Email Accounts> General> Sending Limits and choosing the desired package.
The related amount will be automatically counted in your next invoice.
If you have an annual billing plan, the SMTP service invoice will also be annual and will coincide with the expiry date of the service.
We remind you that all emails sent by our SMTP are automatically signed with DKIM. For more information on DKIM signing, consult the documentation.
Antispam and Anti-abuse policy
The policies and limits on our SMTP are necessary to prevent any black list or penalty. Moreover, they block botnets that could have acquired a user's password fraudulently from sending any emails, and avoid any abuse by users of the service themselves.
The violation policy requires that the account be blocked at the SMTP level if an abnormal activity of connection to a suspicious server is detected. By anomalous activity, we mean:
- A high number of SMTP authentications in a few minutes;
- Simultaneous authentication from several IP addresses;
- Sending messages containing spam/phishing.
With the SMTP block, all other functions, including email consultation, remain active.
The block has been designed in such a way that it does not come into operation during the normal activity of sending emails using the classic consulting tools and sending emails (MS Outlook, Thunderbird, iPhone, Webmail, or other email clients) . On the contrary, the block can be activated if the account is entered in automated systems for sending emails (such as Sendblaster or other software for sending a maximum number of newsletters) or if you send mass emails from your email or webmail client.
Unblocking SMTP
You can unblock an account that has encountered an SMTP block from your control panel by going to Domains > Domain name > Blocked email account > Settings > General > Services > reactivate access to the SMTP connection > Save.
Before unlocking, we ask you to scan the user's PC first to make sure there are no viruses or malware. Then, change their account password. For added security, additional measures can be activated such as limiting the number of IP addresses, or requesting a two-factor authentication at login.
If, as a result of unblocking, the same user is involved in new types of abuse, their account will be blocked by our operators. The account will remain blocked until we have received confirmation on the interruption of the abusive behavior, with confirmation that the issue causing the sending of spam/phishing emails (usually a PC infected with a virus that steals your email password) was resolved.
Monitoring of email messages through Tracemail
With Tracemail > Sent Mail (available in the control panel), you will be able to have details on each email sent by the email accounts belonging to a specific domain. This can help diagnose the causes of any user/email block.
Spam from the compromised SMTP account and analyzed by Tracemail
The SMTP service analyzes outgoing emails to detect the presence of viruses or spam, in the event that these messages contain material that is harmful to the receiving users or to the reputation of the Moximail servers. If this is the case, the emails will be blocked and will not be delivered.
Dedicated SMTP server
If you need to send large amounts of email without incurring in these limits, you can use the authenticated dedicated SMTP service that allows you to send unlimited emails. For information on costs and activation, send us a Ticket and we will contact you with all the requested information.
