This weeks updates: Security, Email Authenticy & Whitelabel
This week we added many smaller updates to increase security, privacy as well as email authenticy. We want to tell you abou the most important changes.
SRS - Sender Rewriting Scheme
This was the most requested feature right now and we are glad to have it implemented now. Email providers like Gmail showed soft fails for incoming Emails over our servers. The reason is easy, the emails are (re)sent by our servers and not the one the domain actually belongs to. Which is, in the confusing world of email, clearly a bad thing.
SRS adds some rewrite magic that allows Gmail and other Email providers to authentify our emails as valid. This does not only fix the soft fails some of you experienced (which never were a real issue I may add, its soft fail and not "fail") but will also make sure you can be more restricted with email settings and still be able to use our service.
Force TLS when possible
So far our servers only used TLS when they liked to, this meant that it was not using TLS more often than not even thought it would have been available. Our servers now learned to always use TLS when it is available but will still work in situations where it is not. And yes, we should have done this from the beginning.
An interesting feature we added is Whitelabel support. If you have an Enterprise account you can now set your own MX record domains to be used with our service. This allows you to use ForwardMX for your own customers without letting them even know who we are. Instead of
mx1.forwardmx.io you can point their domains to
mx1.example.com and let us do the rest.
If you are interested in this feature but don't have an Enterprise account yet, we are willing to enable this for our current users on a Hoarder account as well, just contact us. It is not yet documented because we still consider it experimental, but we have at least one user using it already.
Own Emoji domains? Domains with umlauts? No problem anymore, where you would have hit some issues before our platform is now able to support them without any problems. Just use the domain in the not-punycode variant in our frontend and everything works like with any other domain.
The world is not perfect and some government believe to have rights they should not be having. Even for us in Switzerland the if they make the right claims we can do nothing than to cooperate, as much as we would hate to.
But don't be afraid, that is why we created our Transparency Report & Warrant Canary page. If anything should change on the state of our data privacy we will reflect the changes there.
We also removed the chat because it seems many of you have been annoyed by it, you can still reach is with Email like always. We also made better error pages without funny gif animations, added some transactional emails and upgraded our email servers.
Next step is reworking the payment options ... We want to have PayPal and Bitcoin available for anyone and not only those countries that Stripe seems to allow right now.