Primary Environment Settings

In the Spam and Malware Protection module, the primary environment settings of a domain are managed.

Spam and Malware Protection requires several primary environment settings related to receiving and sending emails. Under Primary Environment Settings, you can set the destination of incoming emails, specify IP addresses for other relay mail servers, activate the bounce management and configure the user check.

For more clarity, the available options are explained below: For more information about the configuration, please see chapter Adjusting the Primary Environment Settings.

  • Destination: Under Destination, you must enter the destination of incoming emails which are to be processed by Spam and Malware Protection. The following options are available:
    • IP/Hostname: This is the standard option. It refers to the customer’s destination servers. Either the corresponding IP addresses or the corresponding hostnames must be specified. If you enter a hostname, an MX record resolution is performed first, followed by an A record resolution.
    • If this option is selected, the email service is used. After selecting this option, select the size of the mailboxes. For Spam and Malware Protection, no other primary environment settings are required. All incoming and outgoing emails are checked. The user check is also configured automatically.
    • POP3/IMAP: This option should be selected if the customer’s email provideris Hornetsecurity. If this option is selected, the size of the POP3/IMAP mailbox must be specified.
  • Relay IP addresses for outgoing emails: If Spam and Malware Protection is activated, outgoing emails are filtered, too. Under Relay IP addresses for outgoing emails, you can specify the IP addresses of the customer’s relay mail servers from which outgoing emails are sent to our servers so that Spam and Malware Protection can verify if an email was in fact sent by the customer.

    Here, you can enter several relay IP addresses with suffixes not langer than /24, separated from each other by commas. There is a length limit of 65,535 characters. It is also possible to enter CIDR ranges. If an email is sent from one of the specified IP addresses, Spam and Malware Protection intervenes. If this option is disabled, Spam and Malware Protection filters all outgoing emails from the email addresses of the domain.


    The relay IP addresses specified here are also required for signing and encrypting emails with the services Signature and Disclaimer and Email Encryption. If no addresses are specified, none of both services will be able to process any emails. Even if you do not use these services, we recommend you to specify your relay IP addresses here. This does not apply to 365 Total Protection customers.

  • Bounce management (recommended): Bounce management is a feature which checks incoming bounce messages to determine whether the emails which prompted them were actually sent via the domain’s relay servers or via a fake sender address as the consequence of a spam attack. In the second case, the bounce messages are rejected.
  • User check: With the user check, Spam and Malware Protection checks if the recipient addresses of incoming emails exist. If the recipient address of an email does not exist, Spam and Malware Protection rejects the email. This prevents the mail servers of Hornetsecurity from accepting emails addressed to non-existing recipients under your domain, which could be exploited for DDoS attacks. The user check can be based on the users lists of the Control Panel or your directory service, or it can be carried out by directly sending an SMTP request to the mail servers of your domain which are specified under Destination.