security settings

Switch from your current mailserver to RealSender safe environment.

You may use the same authentication credentials
as well as the smtp hostname, when it is under your domain name.

You can send email messages securely, even without authentication.


Topics in this area:

authorized senders

only the declared senders are allowed to pass through

protected by fail2ban

unauthorized accesses are identified, blocked and banned after three failed attempts

extra security settings

optional extra security configurations

Subsections of security settings

authorized senders

sender check

A dedicated RealSender smtp server is assigned to each customer.
This is the only way to keep control of the server’s reputation
and daily verify the senders’ domain reputation.

This approach requires that only the declared senders are given the green light to pass.
The system checks every message and accepts/rejects them based on the list of allowed senders.

The “authorized senders” for each RealSender account
must refer to one or more domain names registered by the same company.

RealSender partners and large organizations can independently update
the list of authorized senders.


Request a free trial

protected by fail2ban

fail2ban secured smtp

RealSender relies on the Fail2ban server application to secure your dedicated smtp.
This protects against unauthorized access and DOS (Denial Of Service) attacks.

After three failed attempts, the source IP is blocked and banned.


The causes of the blacklisting could be:

  • authentication attempt with wrong credentials
    (incorrect username or incorrect password)

  • authentication attempt on insecure channels
    (the system requires TLS/SSL authentication)

  • sender’s email address is not authorized to send
    (see restrictions on RealSender authorized senders)

  • smtp connection interrupted during the authentication process
    (multiple broken connections make the smtp service unavailable for legitimate users)


The result of the block is that the smtp server no longer responds to connection attempts,
the computer making the request will receive this message:

connect to address 93.184.216.34: Connection refused

How to deal with accidentally banned IP addresses:

  • Sometimes legitimate IPs get banned due to new configurations or other reasons.
    RealSender provides direct access to Fail2ban logs to verify the bans, like these:
2024-08-26 01:38:01,199 fail2ban.filter         [19671]: INFO    [smtp] Found 93.184.216.34 - 2024-08-26 01:38:00
2024-08-26 01:38:01,201 fail2ban.filter         [19671]: INFO    [smtp] Found 93.184.216.34 - 2024-08-26 01:38:01
2024-08-26 01:38:01,404 fail2ban.filter         [19671]: INFO    [smtp] Found 93.184.216.34 - 2024-08-26 01:38:01
2024-08-26 01:38:01,972 fail2ban.actions        [19671]: NOTICE  [smtp] Ban 93.184.216.34
  • Once you have defined that your IP has been banned,
    contact RealSender support and request the “whitelisting”.

    New connections from the “whitelisted” IP address will be ignored and logged as follows:
2024-08-23 07:00:12,501 fail2ban.filter         [30057]: INFO    [smtp] Ignore 93.184.216.34 by ip
2024-08-23 07:00:12,501 fail2ban.filter         [30057]: INFO    [smtp] Ignore 93.184.216.34 by ip
2024-08-23 07:00:13,115 fail2ban.filter         [30057]: INFO    [smtp] Ignore 93.184.216.34 by ip

Request a free trial

Subsections of extra security settings

stop bad attachments

stop bad attachments

The “stop bad attachments” option blocks all potentially harmful attachments
except some safe extensions that you can define, like: pdf, txt, gif, jpg and png.

The sending with an unauthorized attachments is stopped.

The message does not pass through the smtp server,
the email gets bounced back to the sender with this warning:

The attachment named "example.zip" 
violates Your Company's email security policy. 

The delivery been been blocked. 
For more information, contact your IT Administrator.

Request a free trial

limit messages number

limit messages number

Inspired by a comment from Phil Pennock on the SAGE mailing list:

I really wish that I'd be allowed to put a per-customer throttle on mails-per-day, 
raisable if a customer has legitimate reasons to be sending mail ...

High email volumes are often generated by a compromised account.
They can damage your company’s reputation and the one of your mailserver.

The “limit message number” option lets you define a maximum number of daily emails per sender,
so that any excess quantities will be blocked before going on the internet.

The sending of “extra quantity” communications are stopped.
The emails get bounced back immediately to the sender, with a warning like:

An error occurred when sending email. The mail server answered: 
450 4.7.1 <>...  sender@example.com has exceeded n messages per 1 day.

As an antispam measure, most smtp servers introduced an option to limit the number of recipients
that can be specified for a given envelope. In Sendmail it is Called “MaxRecipientsPerMessage”.

RealSender promotes the limit on the number of recipients per message,
to reduce abuses and to avoid the risk of sending cc/bcc to many addresses.

We share a list of 300 @bogusemail.net addresses for testing:
bogusemail-test.txt

The messages will reach a “black-hole” mailserver.

You can use them at your convenience,
to check how many recipients per message
your smtp server allows the sending to.


Request a free trial

limit messages weight

limit messages weight

If you send a large attachment to someone,
it may not go through as their incoming attachment size may be smaller.

The “limit message weight” option lets you define a maximum message weight
so that they will be blocked even before uploading them.

The sending of overweight attachments is stopped,
the email gets bounced back immediately to the sender,
with a warning like:

The message you are trying to send exceeds 
the global size limit of (xxxx bytes) of the server, 
reduce the size of the message and attempt to send again.

Request a free trial

convert large attachments

filelink conversion

RealSender “filelink” app automatically converts
all attachments larger than the size that you define
into a link, like this:

[large file example.pdf] (43.96 MB) moved to:

http://rsXXX-realsender.com/files/e1eb3665a1a0766ea65616b6210cfd538c4950f8.pdf

The file will be DELETED after twelve months.

Your recipient receives a light message.
He can download the attachment when he needs it.

The domain in the link can be any dedicated domain or subdomain you wish to use.


Request a free trial

bcc of all sent emails

bcc email

Email messages are the main channel of modern business communications.
Their accidental loss would great damage the company’s knowledge base.
Furthermore, business correspondence should generally be kept for up to ten years.

 !! if your company is using personal mailboxes
 such as name.surname@companyname.com  
 you must have informed the senders before activating this function

Using the bcc (blind carbon copy) function,
RealSender transparently transfers all the sent emails

  • to a special pop3 mailbox
    configured to receive large amounts of emails in a short time

    you can automatically download it via external services
    !!! stored email messages are automatically deleted after 7 days !!!

    for example using the “Check mail from other accounts” setting
    available within Gmail, both individual (free) and G Suite App versions

  • to a different email address
    properly configured so that the messages are not classified as spam

    Gmail G Suite App gives the option to “Set up an inbound mail gateways


Request a free trial