Welcome to cloud email services

Email Services Implementation guide for a new domain

^Back to top

Welcome to cloud email services.

Use the following information to configure your new domain to use Email Security.cloud with the optimum settings for your organization.

Caution:

Please wait two hours from receiving your confirmation email before you make any changes to your network configuration.

Table: Implementation process

Step

Description

Further Information

1. Redirect your inbound email traffic to the Symantec.cloud infrastructure.

Complete the following MX record changes within five working days of receiving your confirmation email.

It may take up to 24 hours for MX record changes to result in full propagation.

Make sure that any previous MX records in place are NOT removed until the change to Symantec.cloud has fully propagated. When the records are propagated, ensure that there are no back-up MX records left in place.

If an external organization (e.g. your ISP) manages your MX records, ensure that this information is passed on to them.

Define the following MX changes for your domains as follows:

  • Lowest MX preference (default mail route): MX 10 cluster4.eu.messagelabs.com

  • Second MX preference (back-up mail route): MX 20 cluster4a.eu.messagelabs.com

Note:

When Email Services are provisioned and before your MX records are changed, Symantec.cloud may process some of your email. The emails that are processed are those that are sent to your domain(s) by other Email Services customers who are provisioned on the same infrastructure as you. The portal dashboard and reports may show that email has been received before the MX change.

Help on deploying Email Services

2. Redirect your outbound mail traffic (optional)

Note:

We recommend that you make this redirection the first of the technical changes of the implementation process. You can perform it immediately. And it provides a good test of your client-side technical changes; outbound email traffic is generally quieter than inbound email traffic.

Configure your organization's SMTP server to have your outbound email scanned. Use your assigned cluster host name rather than a single IP to ensure security and resiliency as follows:

  • Relay outbound mail traffic to: cluster4out.eu.messagelabs.com

  • Reduce TTL (time to live) and DNS cache to its lowest possible setting (recommended 5-15 minutes).

Help on deploying Email Services

3. Restrict SMTP traffic

We recommend that you lock down port 25 SMTP traffic to and from your Internet gateway to the following IP ranges:

Symantec.cloud IP Ranges

Locking down port 25 prevents spam and viruses being sent directly to or from your mail server. It also enables us to balance traffic across the infrastructure if Internet conditions require it. For example, during mass mailer outbreaks, dictionary attacks, and denial-of-service attacks.

Warning:

If you do not accept email from these IP ranges, there is a risk of partial email failure.

Help on deploying Email Services

Contact information

^Back to top

Please refer to your confirmation email for contact details.