Setting up an ESP Delivery Environment

Setting up an ESP Delivery Environment

Setting up an ESP Delivery Environment

In order to ensure successful email marketing for your clients, it is essential to configure your MTA (e.g. PowerMTA, Postfix, SES, Mailgun, etc.) and Octeth correctly. This will help to establish a good email delivery reputation and protect the system from potential risks.

In this article, we will provide a detailed set of instructions for two widely used setup scenarios.

Scenario 1: Shared email delivery environment

Scenario 2: Dedicated email delivery environment

Scenario 1: Shared email delivery environment

An example of a shared email delivery environment is one where multiple users are able to send and receive emails from a single server.
An example of a shared email delivery environment is one where multiple users are able to send and receive emails from a single server.

As the owner of the ESP, you can register a collection of domain names for sending emails. These domains are used for categorizing your users. When emails are sent out, they will have your shared domains and IP addresses.

You can group users based on their delivery volumes, reputation level or risk level.

If you are using PowerMTA as your in-house MTA solution, what you can do is;

<smtp-user smtp_shared_group_a>
        password "random_password"
        source {source_shared_group_a}
</smtp-user>
<source {source_shared_group_a}>
        always-allow-relaying yes
        allow-auth true
        require-auth true
        default-virtual-mta shared_group_a
</source>
<virtual-mta shared_group_a>
        smtp-source-host xxx.xxx.xxx.xx1 ptr.shared-sender-domain-a.com
</virtual-mta>

# ----

<smtp-user smtp_shared_group_b>
        password "random_password"
        source {source_shared_group_b}
</smtp-user>
<source {source_shared_group_b}>
        always-allow-relaying yes
        allow-auth true
        require-auth true
        default-virtual-mta shared_group_b
</source>
<virtual-mta shared_group_b>
        smtp-source-host xxx.xxx.xxx.xx2 ptr.shared-sender-domain-b.com
</virtual-mta>

# ----

<smtp-user smtp_shared_group_c>
        password "random_password"
        source {source_shared_group_c}
</smtp-user>
<source {source_shared_group_c}>
        always-allow-relaying yes
        allow-auth true
        require-auth true
        default-virtual-mta shared_group_c
</source>
<virtual-mta shared_group_c>
        smtp-source-host xxx.xxx.xxx.xx3 ptr.shared-sender-domain-c.com
</virtual-mta>

# ----

<smtp-user smtp_shared_group_d>
        password "random_password"
        source {source_shared_group_d}
</smtp-user>
<source {source_shared_group_d}>
        always-allow-relaying yes
        allow-auth true
        require-auth true
        default-virtual-mta shared_group_d
</source>
<virtual-mta shared_group_d>
        smtp-source-host xxx.xxx.xxx.xx4 ptr.shared-sender-domain-d.com
</virtual-mta>

# ----

<smtp-user smtp_shared_group_e>
        password "random_password"
        source {source_shared_group_e}
</smtp-user>
<source {source_shared_group_e}>
        always-allow-relaying yes
        allow-auth true
        require-auth true
        default-virtual-mta shared_group_e
</source>
<virtual-mta shared_group_e>
        smtp-source-host xxx.xxx.xxx.xx5 ptr.shared-sender-domain-e.com
</virtual-mta>
Example PowerMTA configuration

As you can see above, 5 different virtual MTA has been set. Each virtual MTA has a different sender IP address and PTR record.

Each one of these virtual MTA’s, you will need to setup a separate delivery server in Octeth:

Example delivery server domain configuration for a shared environment.
Example delivery server domain configuration for a shared environment.

Once this is done, setup a new user group for each delivery server you have just created. Then assign your users to these user groups.

With this setup, your users will be able to send emails without setting SPF, DKIM, DMARC DNS records on their own sender domains.

The advantages of this approach are;

  • Easy to setup for senders. They don’t need to set any DNS record.
  • They will leverage the reputation of an already warmed-up sender domain

The disadvantages of this approach are;

  • The sender will rely on the shared domain and IP address reputation.
  • If a sender causes high spam complaint or bounce rate, it will affect all other senders who use the same shared email delivery environment.
⚠️
Be wary when running a shared email delivery service for your users. If your spam rate is too high, or if you hit any spam traps, then your platform's reputation can be damaged instantly, which would have a negative impact on several users.

Scenario 2: Dedicated email delivery environment

It is preferable to have a dedicated email delivery environment when running an ESP due to the numerous benefits it can offer. These include, but are not limited to, improved security, scalability, and reliability.

  • Each user will have a completely separate email delivery environment.
  • Low-reputation email deliveries do not have an impact on other users.

The drawbacks are:

  • In order to satisfy the requirements of SPF, DKIM, DMARC, etc., users must configure their DNS records.
  • In order to send emails, users must have a domain.
  • To ensure the highest success rate for their email campaigns, users should pre-warm their sender domains and exclusive email delivery IP address.

Let's see what it takes to set up a dedicated email delivery environment:

An example of a dedicated email delivery environment would be a system that is specifically configured to send and receive emails through separate sender IP addresses and domains.
An example of a dedicated email delivery environment would be a system that is specifically configured to send and receive emails through separate sender IP addresses and domains.

To create a dedicated email sending environment for each of your users, you need to have:

  • Email delivery IP addresses
  • Sender domain for each user

If you have only a few email delivery IP addresses, you could employ a hybrid system by using the same IP address for multiple users. This approach still includes the risks of the shared email delivery platform.

The first thing you need to do is to make a plan, such as;

Sender Domain
Sender IP Address
user-a-domain.com
xxx.xxx.xxx.xx1
user-b-domain.com
xxx.xxx.xxx.xx2
user-c-domain.com
xxx.xxx.xxx.xx3
user-d-domain.com
xxx.xxx.xxx.xx4
user-e-domain.com
xxx.xxx.xxx.xx5

The next step is to setup PowerMTA:


domain-key selector,*,/etc/pmta/dkim_generic.pem

<smtp-user smtp>
        password "random_password"
        source {source}
</smtp-user>
<source {source}>
        always-allow-relaying yes
        allow-auth true
        require-auth true
        default-virtual-mta shared_group
        process-x-virtual-mta yes
</source>
<virtual-mta shared_group>
        smtp-source-host xxx.xxx.xxx.xx1 ptr.shared-sender-domain-a.com
</virtual-mta>

# ----
# "1" represents the Octeth user ID below

<virtual-mta dedicated_sender_1>
        smtp-source-host xxx.xxx.xxx.xx2 ptr.dedicated-sender-domain-a.com
</virtual-mta>

# ----
# "2" represents the Octeth user ID below

<virtual-mta dedicated_sender_2>
        smtp-source-host xxx.xxx.xxx.xx3 ptr.dedicated-sender-domain-b.com
</virtual-mta>

# ----
# "3" represents the Octeth user ID below

<virtual-mta dedicated_sender_3>
        smtp-source-host xxx.xxx.xxx.xx4 ptr.dedicated-sender-domain-c.com
</virtual-mta>

# ----
# "4" represents the Octeth user ID below

<virtual-mta dedicated_sender_4>
        smtp-source-host xxx.xxx.xxx.xx5 ptr.dedicated-sender-domain-d.com
</virtual-mta>
Example dedicated sender domain PowerMTA configuration

To set up a delivery server in Octeth, use the SMTP username smtp and the password random_password, which were defined previously. Input the Octeth's default domain for both the tracking and mail-from delivery server settings. Note that these settings will be changed later on by the user's sender settings.

Next, configure a custom email header. Navigate to the [Admin Area → Settings → Email Delivery → Custom Headers] section and add a new email header.

Create a new custom email header.
Create a new custom email header.

The custom header you have created will be added to all outgoing emails, and will have a different value for each user account.

PowerMTA will use the virtual MTA indicated by the x-virtual-mta email header.

To set a user's domain as both a sender and tracking domain, you must first enable "Sender Domain Management" in the user group details. Then, the next step is to set the user's domain accordingly.

Sender domain feature activation
Sender domain feature activation

In the User Area → Settings → Sender Domain section, users can register their sender domain and then use it.

Sender domain setup
Sender domain setup

The domain DNS settings for the sender can be changed by editing /opt/oempro/data/config.inc.php.

$EmailCampaignDNSTemplates = function($AppDomain, $Subdomain = '', $TrackPrefix = '') {
    // _SenderDomain_ : The sender domain that user has registered
    // $Template[0] is the default setup
    // $Template[X] X represents the delivery server ID

    // Example Main Sender Domain DNS Setup
    // console.emailmarketer.io (34.89.219.27)
    //
    // mailer.deliveryservers.com A 34.89.219.27
    // mailer.deliveryservers.com MX 10 mailer.deliveryservers.com
    // _DMARC.mailer.deliveryservers.com TXT "v=DMARC1; p=none; rua=mailto:dmarc.monitor.x@sendloop.com; ruf=mailto:dmarc.monitor.x@sendloop.com; sp=quarantine; fo=1; pct=100; ri=86400; adkim=s; aspf=s;"
    // key1._domainkey.mailer.deliveryservers.com TXT "k=rsa p=...;"
    // mailer.deliveryservers.com TXT "v=spf1 ip4:185.73.128.0/22 ip4:104.247.160.0/19 ~all"
    // track.mailer.deliveryservers.com A 34.89.219.27

    $Template = [
        'Default' => [
            $Subdomain.'._SenderDomain_' => ['CNAME', 'mailer.deliveryservers.com'],
            'key1._domainkey.'.$Subdomain.'._SenderDomain_' => ['CNAME', 'key1._domainkey.mailer.deliveryservers.com'],
            '_DMARC.'.$Subdomain.'._SenderDomain_' => ['CNAME', '_DMARC.mailer.deliveryservers.com'],
            $TrackPrefix.'-'.$Subdomain.'._SenderDomain_' => ['CNAME', 'track.mailer.deliveryservers.com'],
            '_SenderDomainRandom_.'.$Subdomain.'._SenderDomain_' => ['TXT', '_SenderDomainHash_'],
        ],
    ];

    return $Template;
};

Once these steps are finished, each user account will have its own dedicated IP address and be able to use their own domain as the sender.

ℹ️
The "Sender Domain Management" feature can be found on Octeth versions 5.1.0 and above.
💡
If you would like to use Octeth in combination with a proxy such as Caddy to prevent public access, please contact us for step-by-step instructions. We can provide a thorough guide on how to use them together.

💠
image

Footer Social Icons

©Copyright Octeth, Inc. All rights reserved.