Note: The instruction below only applies to parallel scenario D.

3rd party mail filter mail flow change

Configure your mail filter so that E-mails in both directions are sent to seppmail.cloud for cryptographic processing.

Outbound mails flow:

Mail system ==> mail filter ==> seppmail.cloud ==> mail filter ==> Internet

Inbound mails flow :

Internet ==> mail filter ==> seppmail.cloud ==> mail filter ==> mail system

Prevent Mail Loops

To prevent mail loops, the origin system needs to identify the X-headers from seppmail.cloud, so that the origin system knows whether an E-mail was already at seppmail.cloud.

seppmail.cloud always sets X-headers X-SM-incoming and X-SM-internal to identify processed E-mails. It is highly recommended to use these headers to identify whether the mail has already been to seppmail.cloud in order to avoid a loop. Alternatively, the mail filter can also use the source of the E-mails (host, IP address or similar). On the second receipt, it must be ensured that the checks of the first receipt are no longer carried out.

Inbound loop prevention

All mails that are handled cryptographically must be sent to seppmail.cloud host domain-tld.mail.seppmail.cloud (that is contoso-eu.mail.seppmail.cloud).

Outbound loop prevention

The mail filter must accept the mails from the mail system and send them to seppmail.cloud. There, they are treated cryptographically, sent back to the mail filter and marked with the seppmail.cloud headers mentioned above.

IP Addresses

The 3rd party mail filter must accept E-mails from the sending hosts of the seppmail.cloud region. Swiss customers are most likely in region CH. AT, DE, ES, UK and other customers are most likely in the DE cloud.

The IP addresses of the sending hosts of the seppmail.cloud region must be entered in the mail filter as relaying IPs to allow outbound mails to flow to seppmail.cloud for cryptographic processing. See the IP address table for details of your region.