We are a small company running 4-5 webshops under different domain names. We use 3-4 email addresses per shop. As a developer / electrical engineer I am also experimenting with some M2M / IoT gadget development, for which I prefer to be able to introduce new domains and email addresses without any significant additional costs and hassle.
For all the above we purchased a SM Professional 250-Mailbox licence some years ago (it is version 12, which I am now considering updating to the latest; I have just been waiting for version 17.0 for a long time already :-)
We run SmarterMail and IIS with the several websites on the same dedicated Windows 2012 R2 server machine. It is a physical machine, not a VM.
My questions / problems need to be solved in the very near future, and I am looking for some advice on how to do this:
Problem 1. We need to implement TLS 1.2, because of the PCI certification we need in at least one of our webshops. TLS 1.2 seems not to be working with our mail server. We are not receiving emails when TLS 1.0 and 1.1 are turned off. The PCI conformity tests do not like our email server being on the same computer anyway. So this can be solved by moving the mail server elsewhere, I think.
Problem 2. We have only one IP address for the 4-5 websites (for 8-10 domain names / 35-40 email accounts). I could never manage to send emails to hotmail/yahoo/outlook from any of these accounts because - what I think the cause is - I can set reverse DNS to only one domain name, but we need several domains as senders. Currently we communicate with our customers having such addresses using Gmail accounts, which does not look professional at all.
Plan - For solving both of the above problems I plan to use a separate machine as a mail server. (Although I often see the warning not to operate one's own mail servers below a certain budget/IT staff.) I would prefer to stay with SmarterMail (because we are used to it / because I would like to migrate all our mailboxes with their settings + contents easily / and last but not least I would not like to be ripped off after each new address + domain name I am registering or experimenting with).
So my questions are (these are just thoughts, please feel free to replace these with a better direction):
- What am I doing wrong with TLS 1.2?
- What is the correct solution to satisfy a Microsoft-hosted email receiving address (hotmail etc.) as a mail server?
- If I run SM on an Azure VM, how do I overcome Microsoft's blocking of all Azure IP addresses as email sources? (It is an even stricter rule than we have now when I run SM on our server - it is now normally hosted, not Azure, so we do not now have our IP address blocked by design.)
- Microsoft says SendGrid is the right solution for the above, and that it will solve all the current and future blocking issues (I am not ruling out paying for SendGrid as well if needed), but it is not clear to me how SendGrid would work with the SmarterMail server. Would I continue to have the freedom to use any number of domains and email addresses (within the 250 or any reasonable limit of course) without additional costs? How do I configure SmarterMail to use SendGrid for the outgoing mails? Would it work with multiple domains?
- Do I really need at least one IP address per domain, so I can have rDNS set correctly for each outgoing email?
- We do not insist on an Azure VM, so the above question is both for Azure-hosted SM and also for SM running on our machine elsewhere.
In short: What is the right solution for a small company insisting on running their own mail server nowadays?
(Am I right that I feel we are more and more discouraged from doing this? I've even read opinions that no matter how smart I am in configuring everything correctly, my emails originating from an unknown (i.e. small) domain and from a Fred-in-the-Shed mail server will land in spam anyway, if not get filtered out totally.)
Thank you in advance for any clues.