This guide helps you better understand the peculiarities that may arise in the display of emails when using different messaging applications and Infomaniak Mail apps.

Preamble

• It may happen that inconsistencies occur in the display of a list of emails contained in a folder (example: the Sent folder) and that the messages sorted and considered as the most recent by one device will not be the same as those displayed when using another tool. Sent Messages)

Understanding Unique Identifiers (UID)

UIDs (Unique Identifiers) are unique identifiers assigned to each message in an IMAP mailbox. They are used to uniquely identify each message, regardless of changes made to folders or messages themselves. UIDs are particularly useful for managing and synchronizing emails across multiple IMAP email software/clients:

• Each email is assigned a unique UID at the time of its creation in a mailbox; this UID never changes in principle as long as the email exists, even if its content or metadata is modified.
• UIDs are generally sequential, which means that more recent messages have higher UIDs in principle.
• During email synchronization, IMAP email software/clients can use UIDs to determine which messages are new, modified, or deleted since the last synchronization; this allows for efficient email management without having to download and compare all messages.
• Depending on the tool used, to display them in the order in which they were received, messages can be sorted by their reception date or by UID.

Not to be confused with:

• Message Sequence Number (used for temporary operations based on the current position of messages)...
• Message-ID (RFC 5322) (used to uniquely identify messages across different servers and email software/clients)...
• X-Message-Id (server-specific and used for internal tracking needs)...
• Thread-Index and Thread-Topic (used by Microsoft applications to track conversation threads)...
• GMail Unique Identifiers (used specifically by Gmail to manage messages and discussion threads)...

IMAP Applications and Infomaniak Mail App

The issue may appear in this form at the server command level:

758 - date.sent: 2017-10-11 23:15:26 (+0100)
757 - date.sent: 2017-10-11 15:00:55 (+0100)
756 - date.sent: 2017-10-11 14:39:28 (+0100)
(...)
742 - date.sent: 2018-01-17 00:40:21 (+0000)
741 - date.sent: 2018-01-17 00:30:33 (+0000)
740 - date.sent: 2018-01-17 00:26:07 (+0000)
(...)
51 - date.sent: 2022-10-07 16:39:16 (+0100)
50 - date.sent: 2023-06-13 10:15:00 (+0100)
49 - date.sent: 2023-06-07 12:11:35 (+0100)

Here, it can be seen that emails from 2017 have a UID (758, 757, ...) higher than emails from 2023. UIDs must have been reassigned for one reason or another during the existence of this entire email account (moves, copies, imports, etc.).

Depending on how the messaging tool sorts emails, a message from 2017 may appear among recent messages while the 2018 message will not be loaded immediately. This is particularly true for Mail Infomaniak which only loads a series of emails at a time based on the UID (this is subject to change).

Therefore, to resolve any inconsistencies, it is recommended to use an IMAP messaging software/client such as Thunderbird on a computer, which will allow you to quickly and efficiently sort all messages in a specific folder based on the email date, as the application will display all messages present on the Infomaniak server.

This guide helps you protect the reputation of your domain name, to maintain the trust of Internet users and service providers in your website or business, thereby facilitating the smooth operation of your email.

The web reputation

There are different types of reputation on the Internet, including personal reputation, corporate reputation, and domain reputation.

Domain reputation is essentially a score that determines how email systems decide what to let through to users' inboxes. Fundamentally, the reputation of your domain is a measure of the health and legitimacy of your domain. This reputation can be influenced by the security of your email and website.

For example, the reputation of a domain can decrease if…

• … the site visible at the domain address is hacked, leading to the mass sending of fraudulent emails,
• … the domain's email is exploited for the involuntary sending of spam.

If the reputation of your domain remains poor, your emails may be marked as spam and not reach their intended audience. This can harm email deliverability (see this other guide in English on this topic).

Improving domain reputation

By following these few tips, you can improve the reputation of your domain and, for example, boost all your email marketing efforts:

• Set up and verify SPF, DKIM, and DMARC records that help protect your domain from identity theft attacks.
• Check the reputation of your domain with tools such as Google Postmaster Tools, Sender Score, Microsoft SNDS, McAfee or Talos Intelligence and identify potential issues.
• Only send emails to users who have chosen to subscribe!
• Get trusted links or backlinks…

See this other guide about RBLs.

This guide explains how to connect the Apple Mail desktop app (desktop application on macOS) to an email address hosted by Infomaniak.

Preamble

• Your macOS computer will be automatically configured via .mobileconfig configuration profiles compatible with Apple, unlike a manual configuration.
• It is possible to remove a configuration profile once installed (scroll to the bottom of this page for instructions).
• The various services offered by Infomaniak are all compatible with the corresponding standard protocols (IMAP/SMTP for email, for example). Therefore, if you encounter a problem with third-party software, contact the publisher directly or a Partner and consult the support policy as well as section 11.9 of the Infomaniak Terms of Service.

Install a configuration profile

Prerequisites

• Create the email address in my kSuite or a Mail Service / kSuite.
• Create a password for the email address on the device you are going to configure.
• Check that the Mail Service is configured optimally.

You can download the profile from the device in question or send it from another device (if you already have a working email address, for example):

1. Click here to access the Infomaniak configuration tool (online service https://config.infomaniak.com) — log in if necessary to your Infomaniak account on the Organization on which your email address is managed.
2. Choose to install the profile on this device.
3. Choose to synchronize emails.
4. Enter the password for the email address (attached to Mail Infomaniak (Webmail)) that you wish to synchronize.
5. Click on the blue Verify button:
   
6. Download the configuration profile:
   
7. Open the System Settings of the computer.
8. Click on General in the sidebar, then click on Device Management (for macOS Sequoia 15 version). If you have a lower version or cannot find the profile, refer to the official documentation by changing the version of your system at the top of the page if necessary:
   
9. Click on +:
   
10. Locate and then open the previously downloaded file:
    
11. Click on Continue:
    
12. Enter the email address password.
13. Click on Install:
    
14. There you go, your email address is now configured in the Apple Mail application that you can open and control.

Delete an IMAP account

Refer to the chapter "Stop using an account" by changing the system version at the top of the page if necessary (be careful: do not delete a POP3 account without saving your messages first).

Delete an Apple profile

Refer to the official documentation by changing the system version at the top of the page if necessary.

*Why is it necessary to choose the guide version that exactly matches your macOS / iOS system version? Apple sometimes introduces subtle changes with each new system version, for example a path on iOS 15…

…becomes this on iOS 18…

This guide explains how to connect the Apple Mail mobile app on iOS to an email address hosted by Infomaniak.

Preamble

• Your iOS device will be automatically configured via .mobileconfig configuration profiles compatible with Apple, unlike a manual configuration.
• It is possible to delete a configuration profile once installed (scroll down to the bottom of this page for the instructions).
• The various services offered by Infomaniak are all compatible with the corresponding standard protocols (IMAP/SMTP for email, for example), therefore if you encounter a problem with third-party software, contact its publisher or a Partner and consult the support policy as well as section 11.9 of the Infomaniak Terms of Service.

Install a configuration profile

Prerequisites

• Create the email address in my kSuite or a Mail Service / kSuite.
• Create a password for the email address on the device you are going to configure.
• Check that the Mail Service is configured optimally.

Download the profile from the relevant iOS device or send it from another device (if you already have a working email address, for example):

1. Click here to access the Infomaniak configuration tool (online service https://config.infomaniak.com) — log in if necessary to your Infomaniak account on the Organization on which your email address is managed.
2. Choose to install the profile on this device:
   
3. Choose to synchronize emails:
   
4. Choose to synchronize another application than the Infomaniak Mail application:
   
5. Enter the password for the email address (attached to Mail Infomaniak (Webmail)) that you want to synchronize on iOS.
6. Press the blue Verify button:
   
7. Press to copy the validated password.
8. Download the configuration profile and authorize its opening:
   
9. Open the settings of the iOS device:
   
10. Press the recently downloaded profile:
    
11. Press Install:
    
12. Unlock your iOS device:
    
13. Press Install:
    
14. Paste the password of the previously verified email address (point 7 above).
15. Press Next:
    
16. There you go, your email address is now configured in the Apple Mail application that you can open and control:
    

Delete an Apple profile

Refer to the official documentation by changing the version of your system at the top of the page* if necessary.

*Why is it necessary to choose the guide version that exactly matches your macOS / iOS system version? Apple introduces changes, sometimes subtle, with each new version of its system, for example a path on iOS 15…

… becomes this on iOS 18…

 

This guide explains how to quickly obtain a password when you need to access an Infomaniak email address.

Generate an email address password

Prerequisites

• Order a Mail Service from Infomaniak.
• Create one or more addresses on this Mail Service.
• Be Administrator or Legal Representative within the Organization.

To add a password to the example address demonstration@exemple-domaine.ch:

1. Enter the login credentials for your Infomaniak account and its password on the page https://manager.infomaniak.com/:
   
2. Validate the entry in the Manager with the 2FA (two-factor authentication) method initially defined:
   
3. Once on the dashboard, click on Mail Service:
   
4. Once on your Mail Services, click on the name / domain name to which the email address in question belongs:
   
5. Once on the Mail Service to which the address belongs, click on the email address in question:
   
6. Once on the email address in question, click on the Devices tab, then on Add a device:
   
7. At this stage, you may need to re-enter the login password (the one from point B above):
   
8. Then choose not to specify a particular user.
9. Enter a name that allows you to identify the reason for creating this device (here, the user needs a password to be able to send emails from a site, and they add the current date as useful information):
   
10. There you go: the future password is displayed, you can change the characters if necessary (be careful, it will not be possible to display it again later).
11. Save it at the bottom of the page to use it as you wish:
    

You clicked the “Finish” button (above “P”) without noting the password? No problem, modify or regenerate a new one!

1. Click on the action menu ⋮ located to the right of the newly created device and click on Change Password:
   
2. Click on the button all the way to the right of the field to generate a new random password and/or enter the secure characters you wish to use for the new password, then click on the button to save the change:
   
3. The new password that replaces the old one is now permanently displayed. You can enter it on your device(s) in place of the previous one (note that it will not be possible to display it again afterward).

Do you need a password for a secondary and temporary user? No problem, generate a second one!

1. Click on the button to Add a new additional device:
   
2. Then choose to not specify a particular user, and enter a name that allows you to identify the reason for creating this device (here the user needs a password for an intern for a week):
   
3. The password is now displayed. You can use it for your intended purpose (note that it will not be possible to display it again afterward, however, as before, it will obviously be possible to modify it or regenerate a new one):
   

Also refer to this other guide.

This guide explains how RBLs work, the questionable policy of some of them, and the ways to resolve a potential email block.

Preamble

• RBLs (Realtime Blackhole List) or DNSBL (DNS Black List) are lists containing addresses / IP / provider names / servers, known as major spam senders.
• These are often large generalized blacklists, allowing to spot messages considered as unwanted and those who send them, that some providers maintain (smtpcheck, uceprotect: non-exhaustive list)…

Adding the email address to the RBL

When an email address is identified as belonging to an unwanted sender, it is blocked to prevent the reception of unsolicited messages. A block in the RBL does not expire. Addresses will be listed indefinitely.

If you receive a message indicating that your email address is blocked by RBL, this means that the Infomaniak security system has detected suspicious or unwanted activities associated with this email address. This may include mass sending of unsolicited messages, participation in phishing campaigns or other malicious behaviors.

Resolving an email block (RBL)…

… if the error mentions your address and RBL

If you get errors of the type

anna.a@domain.xyz is rbl blacklisted - http://chk.me/rbl

when sending an email and you think it’s a false positive, contact Infomaniak support.

To avoid having your email address blocked by the RBL blocking system in the future, follow the best practices for using email:

1. Do not send unsolicited messages or mass messages to unknown recipients.
2. Regularly sort the list of recipients used.
3. Do not participate in phishing or cybercrime activities.
4. Ensure the best level of security where your emails are used:
   1. strong password
   2. up-to-date software
   3. up-to-date operating system (iOS, Android, Windows, macOS, etc.)
   4. up-to-date associated domain configuration

... if the error mentions an organization like Sorbs or Barracuda

If you get errors of the type

554 5.7.1 Client host blocked using sorbs

or similar:

1. Follow the procedure of the mentioned organization (e.g. http://www.barracudacentral.org) to get your address removed from the list.
2. Temporarily change your Internet service provider or connection method - WIFI vs 4G/5G - to send your messages.
3. Inform your correspondent and their email provider to take the necessary steps and/or to stop using an unreliable RBL.
4. Wait a few hours and try again.

Fewer and fewer professionals (ISP, hosts, etc.) use service providers like Backscatterer / UCEPROTECT which are primarily for profit, and there are many other very effective lists, such as ABUSIX or SPAMCOP, which are well-maintained and whose real goal is to fight spam, one of the priorities of Infomaniak.

This guide concerns the notifications you can receive with the mobile app Infomaniak Mail (app for iOS / Android smartphone or tablet).

Be notified according to the specific email address

The mobile app Infomaniak Mail allows you to manage multiple email addresses and you can choose to receive notifications only for some of your email addresses and not others.

To access the notification settings of the application, refer to point C of this other guide.

Resolve an issue…

… on iOS

Check in the settings of the mobile app Infomaniak Mail that notifications are enabled for the email address in question:

… on Android

On Android devices, particularly Samsung with One UI 6.1 and above, the system settings screen for notifications no longer allows you to specify by default which of your email addresses should trigger a notification:

The solution is to enable, from the main page of Android notifications, by clicking on “Advanced settings” at the bottom of the window…

… the option “Manage notification categories for each application”:

Then go back to the notification page of the Infomaniak app and you can tap on “Notification categories”…

… to find the specific notification choice by email address:

Receive all notifications

If you have authorized the application's notifications on your mobile device, you will receive a notification for each new message that arrives.

Resolve an issue…

If you see a new message arriving in your inbox, but this one has not triggered any notification on your device, there may be several reasons.

1. Start by opening the application to make sure it is working, update it if necessary.
2. Open another application or turn off the device screen (if the Infomaniak Mail app is open, in the foreground, screen on, the device may not emit any notification).
3. Send a new test message to your email address to trigger a notification.
4. Is the test message in the inbox? Indeed, a message going to spam or another folder may not trigger any notification.

… on Android

1. Have you waited for several dozen minutes? Indeed, fast notifications (push type) require going through a Google service to work, but some devices that do not go through Google services (such as Fairphone), notifications can arrive at much longer intervals.

This guide explains how to add a user to an existing email address on Infomaniak without sharing a password.

Prerequisites

• Order a Mail Service from Infomaniak.
• Create one or more addresses on this Mail Service.
• Be an Administrator or Legal Representative within the Organization.

Add one or more users (new or existing) to an email address

The current email access management model allows each user to log in independently and securely to the same email address, without sharing a global password. In the case of one or more existing users already in the Organization, the email address will be automatically added to their Infomaniak Mail interface.

Refer to this other detailed guide on this topic.

Managing and removing a user

If a user should no longer have access to an email address and its content, simply remove them from the same interface, but there are 2 possibilities:

1. Click on the action menu ⋮ to the right of the user in question.
2. Choose whether you want to disconnect all of the user's devices: they will no longer have access to the email address on email software/clients, but will continue to have access to the address on the Infomaniak app (Web, mobile…).
3. You can choose to remove all their access to the address, and they will never be able to view it again:
   

Their password is then immediately revoked, without affecting other users. You can then:

• … assign access to another person
• … retain full management of the address
• … create new accesses without service interruption

Also refer to this other guide if necessary to block a complete Mail Service to all users.

Management of individual accesses and passwords

Each added user has their own password, generated automatically when their access is configured. This password is unique to their account and device:

• The address owner no longer needs to share a main password.
• Each access is isolated and can be revoked without disrupting the others.
• A password is never visible after its creation; if needed, a new access can be created.

Multiple accesses can coexist for the same address, allowing different devices or software to connect without interruption. Each password is entered once per application or device and remains independent: you can revoke a specific access (for example, if a device is lost or replaced) without affecting the others.

Refer to this other guide on this topic.

On the Mail Infomaniak mobile app

When a user is added, the email address is automatically added to their Mail Infomaniak mobile application:

They can switch between their addresses at any time using the chevron located at the top left of the screen:

To do this, it may be necessary to choose to display, from the top left section, all Organizations:

This guide explains how to allow a user (friend, colleague, client, family member, etc.) to easily and securely use an email address that you have created within an Infomaniak Mail Service as an administrator of the concerned Organization.

Preamble

• No password should be transmitted to them.
• The email address will be automatically added to the Infomaniak Mail interface of the user, after they accept the invitation.
• Refer to this other guide to manage existing users.
• Refer to this other guide if you are looking for additional information regarding the simple creation of an email address for yourself.

Invite to use the email…

…from the Mail Service

To allow an already active user to access the email address you wish to share:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the concerned product.
3. Click on the concerned email address in the displayed table:
   
4. Click on Add above the table of users currently accessing the concerned email address on Mail:
   
5. Enter the password to log in to your Infomaniak account if prompted.
6. Choose (a) one of the existing users within your Organization or (b) an external user to the Organization:
   

Choice [ a ]: existing user on the Organization

Nothing could be simpler:

1. The concerned email address will be automatically visible and accessible to the selected user on the Infomaniak Mail web app (online service ksuite.infomaniak.com/mail) with the specified permissions.
2. Click the button to Add the user:
   
3. After the addition, it is always possible to restrict the user by clicking on the icons corresponding to the permissions…
4. ... or even revoke their access to the email address:
   

The user in question has access to the email address concerned:

Option [ b ]: external user to the Organization

1. Click the radio button to select the option for new user.
2. Click to configure the user's rights:
   
3. Modify, if necessary, the permissions granted to the user for the email address concerned.
4. Save the changes:
   
5. Click the button to Add the user:
   
6. The invitation is created, and the user just needs to execute the provided link (see below) to add the email address to their Infomaniak Mail.
7. It is possible to send the invitation by email:
   
8. The invitation is visible under the email address user tab, and it can be deleted at any time:
   

The user will have access to the email address concerned if they execute the invitation link while logged into their account…

1. ... or if they log into their account after executing the invitation link:
   
2. If necessary, the user can still switch accounts before attaching the address if necessary:
   
3. The user in question has access to the email address concerned once they have chosen which Organization:
   

... from the Infomaniak Web Mail app

To access the same process as above but from the Infomaniak Web Mail app (online service ksuite.infomaniak.com/mail):

1. Click here to access the Infomaniak Web Mail app (online service ksuite.infomaniak.com/mail).
2. Click on the action menu ⋮ to the right of the email address concerned.
3. Click on the Settings of the email address:
   
4. Click on Invite a user:
   
5. Enter the password to log in to your Infomaniak account if prompted.
6. Modify, if necessary, the permissions granted to the user for the email address in question and click on Next:
   
7. The invitation is created and the user will only need to execute the provided link to add the email address in question to their Infomaniak Mail.
8. It is possible to send the invitation by email:
   

In case of a problem

If the Invite button (point 6 above) is not visible or remains greyed out, check that:

• your user account has sufficient permissions to administer the product in question
• the email address in question does not yet exist as a login identifier for an Infomaniak Organization
• the table under the button does not mention a user listed with an email address identical to the email address in question

Example: you want to invite someone to view the address anna.a@domain.xyz but the button is greyed out because a user anna.a@domain.xyz is listed in the table.

Solution: to be able to invite a new user to view the address in question, completely delete the user account with the login address being the email address in question.

This guide is about the DMARC policy and the optional security reports sent by email that can be activated or deactivated upon request.

Optional DMARC reports

The DMARC reports are optional and provide the following information:

1. Third-party senders or servers that send emails on behalf of your domain.
2. The percentage of messages from your domain that pass the DMARC verification process.
3. The servers or services that send emails failing DMARC verifications.
4. The DMARC actions performed by the receiving server for unauthenticated messages from your domain (none, quarantine, or reject).

When the reports indicate that most emails pass DMARC verifications successfully, it is recommended to strengthen your DMARC settings by imposing stricter measures. This will enhance the protection of your domain against spoofing.

The written report is sent by email to the address you specify in the configuration, and will come from dmarc@infomaniak.com or other providers such as Microsoft, Google, Yahoo, etc. It is delivered as a ZIP archive containing the report in XML format:

It is also possible to receive copies of problematic emails.

Analyzing a DMARC report

Infomaniak is neither able to analyze your potential DMARC reports and records, nor able to comment on the validity or compliance of these, as this is entirely your responsibility.

It is recommended to use an external service to analyze a DMARC report, such as e.g. https://dmarcadvisor.com/dmarc-analyzer/.

Deactivating a DMARC report...

...from a Mail Service

To deactivate the sending of a DMARC report if you still have a Mail Service (otherwise, see below):

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned.
3. Click on Global Security in the left sidebar.
4. Click on Edit (in the DMARC section).
5. Remove the registered addresses and Apply the changes:
   
   

... from the DNS zone of a domain

If the Mail Service is no longer in operation but you continue to receive email reports, you need to act directly on the domain name and delete the dmarc record from its DNS zone:

This guide presents, in the same way as Generate a mail password quickly, the quick methods for viewing a mail address with Infomaniak tools.

Access a mail address

To use the existing mail address demonstration@exemple-domaine.ch:

1. Enter the login ID for your Infomaniak account and its password on the page https://manager.infomaniak.com/:
   
2. Validate the entry in the Manager with the 2FA (two-factor authentication) method initially defined:
   
3. Once on the dashboard, click on Mail Service:
   
4. Once on your Mail Services, click on the name / domain name to which the mail address in question belongs:
   
5. Once on the Mail Service to which the address belongs, click on the mail address in question:
   
6. Once on the mail address in question, click the Add user button:
   
7. It may be necessary at this stage to re-enter the login password (the one from point B above):
   
8. Then choose the option to add an existing user, then click on the field below, which displays the list of users in the Organization to which you are connected, and click on your user (your login ID for the Infomaniak account). Validate the addition with the button at the bottom right:
   
9. It's done, your own user has been added:
   
10. Then click on the icon at the top of the screen to open the my kSuite tools and click on the Infomaniak Web app Mail:
    
11. The mail address has been successfully added to the Web app Mail (click if necessary on the chevron to expand the address menu and access it). An information email has been sent to the user (yourself in this case) to notify of the operation:
    

Grant access to a mail address

To quickly allow a third party to use the existing address demonstration@exemple-domaine.ch:

1. Follow points 1-7 above.
2. At the step below, choose the “New user” option. Validate the addition with the button at the bottom right:
   
3. Copy the invitation link (it is of the form https://welcome.infomaniak.com/iw/abcdef-12345.....):
   
4. The third party executes the invitation link in their browser:
   
5. She enters her email address...
   

If the third party is already using the Infomaniak Web Mail app...

The email address that the third party indicates in point 5 above must match their Infomaniak account login ID.

That's it: the user is redirected to the Infomaniak Web Mail app, which will display the email address to which the invitation link referred:

If the person was already logged in to their Infomaniak account, then the step 5 above is even shorter as the user only needs to click to be redirected to the new email address to consult:

If the address is not immediately visible, check if the Infomaniak account is linked to multiple Organizations, and if so, choose to display emails from all Organizations:

If the address to which the invitation belongs still does not appear, try to refresh the browser page (Command ⌘ + R on macOS and Ctrl + F5 on Windows).

If the third party is not yet using Infomaniak...

After indicating their email address in point 5 above, the third party will be invited to create an Infomaniak account:

1. They will need to provide their details and create a password for logging into their Infomaniak account:
   
2. They will need to provide a phone number and accept the general terms and conditions:
   
3. They will need to add a two-factor authentication (2FA) method to secure access to their Infomaniak account:
   
4. Once the 2FA method is added, that's it: the user is redirected to the Infomaniak Web Mail app, which will display the email address to which the invitation link referred:
   

Also refer to this other guide.

This guide explains how to set up a DMARC policy for your email hosted by Infomaniak, an essential element to prevent potential delivery issues.

Preamble

• The DMARC (Domain-based Message Authentication, Reporting, and Conformance) protocol enhances the security of your domain by relying on SPF and DKIM checks.
• It instructs recipient servers on how to handle emails that fail these authenticity tests, with three protection policies (None, Quarantine, Reject) detailed below.
• In case of authentication failure, the recipient can send you a DMARC report; this data is essential to identify configuration errors or stop phishing attempts using your domain name.

DMARC Policy and Acceptance Percentage

For the instructions that can be given to recipient servers when a suspicious message is detected, 3 policies (p = policy) exist and can be refined with a percentage (pct):

None (none): The email is delivered normally (observation mode)

With "p=none", no email is rejected or quarantined based on the DMARC verification. However, the reception percentage can be used to collect data on unauthenticated emails, indicating how many of these emails should be subject to the DMARC policy. E.g., "p=none; pct=10" means that 10% of unauthenticated emails will be subject to the DMARC policy, while the remaining 90% will be accepted.

Quarantine (quarantine): The email is sent to spam

With "p=quarantine", unauthenticated emails can be quarantined, but the reception percentage determines the proportion actually subject to this policy. E.g., "p=quarantine; pct=50" means that 50% of unauthenticated emails will be quarantined, while the remaining 50% will be accepted.

Reject (reject): The email is purely and simply blocked/deleted

With "p=reject", unauthenticated emails are rejected. The reception percentage determines the proportion of unauthenticated emails that will actually be rejected. For example, "p=reject; pct=20" means that 20% of unauthenticated emails will be rejected, while the remaining 80% will be accepted.

Create a DMARC Record

There are 2 ways to manage DMARC.

If you have a Mail Service with Infomaniak, the simplest way is to go to the Global Security tool to manage your DMARC security policy and reports:

However, since the DMARC record is a type of DNS record, usually of type TXT, you can also manage it from the DNS zone of the domain name:

1. Click here to access the management of your domain on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the domain in question.
3. Click on DNS Zone in the left sidebar menu.
4. Click the button to add a record:
   
5. Click the radio button DMARC to add a record.
6. Click the Next button:
   
7. Leave (or add if necessary) the value _dmarc in the Source field.

8. The Target field must contain the parameters you wish to use, separated by ;:

   Tag Name	Purpose	Example
   v	Protocol version	v=DMARC1
   pct	Percentage of messages subjected to filtering	pct=20
   ruf	URI for forensic reports	ruf=mailto:authfail@domain.xyz
   rua	URI for aggregate reports	rua=mailto:aggrep@domain.xyz
   p	Policy for the organizational domain	p=quarantine
   sp	Policy for the subdomains of the organizational domain	sp=reject
   adkim	DKIM alignment mode	adkim=s
   aspf	SPF alignment mode	aspf=r

   which can result in, for example, v=DMARC1;p=reject;pct=100;rua=mailto:postmaster@dmarcdomain.com (source)

9. Leave the default value for the TTL.
10. Click the Save button:
    

This guide explains how the Infomaniak Mail mobile app (for iOS/Android smartphones or tablets) works when you first open it after installation and during subsequent logins.

Start the setup assistant

When you first open the app, a step-by-step assistant suggests you choose the theme (pink or blue accent color) that you can also modify later:

It also shows you the main ergonomic features available with the app (long press, swipe).

In the final step, you can…

1. … create an account, that is, get a new free email address…
2. … or simply log in to your Infomaniak account with your usual credentials (your email address to log in to Infomaniak):
   

Multiple email addresses

Once logged in, after two-factor authentication (2FA) is completed, you still need to authorize access to your device's contacts and notifications:

You will then find all the email addresses already linked to Infomaniak Mail that you used to check on your web browser via the address ksuite.infomaniak.com/mail.

You can switch from one address to another…

1. … by tapping at the top left of your inbox:
   
2. … then on the chevron ‍ to the right of your displayed email address:
   
3. … then on the address to view:
   

To add another one, refer to this other guide.

To remove one, refer to this other guide.

Multiple Infomaniak accounts

Imagine that in addition to your personal Infomaniak account with your favorite email addresses linked, you get a login from your employer to a user account with different company email addresses within this professional account…

To add the additional Infomaniak account:

1. Tap at the top right of the inbox:
   
2. Press Add an account to log in to the desired Infomaniak user account:
   
3. Press the button to enter the Infomaniak account login information:
   
   
    

To easily switch from one user account to another:

1. Click on one or the other of the attached user accounts, and thus view the email addresses attached within these accounts:
   

To detach an attached Infomaniak account in the application and no longer be able to view the email addresses attached within this account, simply…

1. … go there one last time
2. … then press the user menu at the top right:
   
3. … to then log out at the bottom of the screen:
   

You will be automatically switched to one of the remaining accounts.

This guide for the Web app Mail Infomaniak (online service ksuite.infomaniak.com/mail) or the mobile app Infomaniak Mail (application for iOS / Android smartphone or tablet) explains how to enable encryption for emails sent from the Infomaniak Web and mobile services.

Preamble

• When encryption is enabled, emails and attachments are encrypted as soon as they are received on the Infomaniak servers, via the public keys of the senders and recipients.
  • Each email address generates a key at its first use, stored securely in the Infomaniak data centers.
• The keys are based on elliptic curve cryptography (ECC) and use the OpenPGP standard.
  • They are themselves encrypted in AES-256-GCM with automatic decryption via Infomaniak authentication.
• In search results, only the subject of encrypted messages will be visible, while their content will remain secure during storage.

Enable email encryption…

… from the Infomaniak Web Mail app

To automatically encrypt a message sent to an email address:

1. Click here  to access the Web app Mail Infomaniak (online service ksuite.infomaniak.com/mail).
2. Compose a new message as usual.
3. Click on the lock icon to the left of the Send button to enable encryption:
   
4. Confirm the action if a confirmation window appears.
5. The icon now represents a closed lock and the color of the whole is changed.
6. Press the Send button.

The action must be performed for each new send.

A. Recipient whose email is managed with Infomaniak

If the recipient of the encrypted email has an email address managed with Infomaniak, the encryption is done in a completely transparent manner for the sender as well as for the recipient. A mention will indicate the encryption of the message…

1. … in the recipient's inbox:
   
2. … when opening the received message:
   
3. … and in the folder of sent messages by the sender:
   

B. External recipient

If the recipient of the encrypted email has an email address managed outside of Infomaniak services, encryption is always possible, but it requires the definition of a password:

1. Click here to access the Infomaniak Mail app (online service ksuite.infomaniak.com/mail).
2. Write a new message as usual, but addressed to an email address outside of Infomaniak.
3. Click on the padlock icon to the left of the Send button to activate encryption.
4. A modal opens to allow you to create a password.
5. Enter a password and copy it to send it to the recipient by your own means (kPaste for example):
   
6. The icon now represents a closed padlock and you can send the email as usual.

The recipients will then receive a message informing them that an encrypted email is waiting for them:

By clicking on the provided button, they will be redirected to a secure web page where the password must be entered.

Once the password is validated, the encrypted message can be viewed on the same page valid for 30 days.

… from the Infomaniak Mail mobile app

To automatically encrypt a message sent to an email address:

1. Open the mobile app Infomaniak Mail (application for iOS / Android smartphone or tablet).
2. Compose a new message as usual.
3. Press the padlock icon at the bottom of the composition window to activate encryption:
   

A. Recipient whose email is managed with Infomaniak

If the recipient of the encrypted email has an email address managed by Infomaniak, encryption is done completely transparently for both the sender and the recipient:

1. Closed padlocks are displayed on the screen.
2. Press the send icon:
   

B. External recipient

If the recipient of the encrypted email has an email address managed outside of Infomaniak services, encryption is always possible, but it requires the definition of a password:

1. Sending will not be possible as the send icon will remain grayed out and symbols will appear on the padlocks:
   
2. Press the padlock icon.
3. A modal opens to allow you to create a password.
4. Leave the suggested password or enter a new password and copy it to send it by your own means (kPaste for example) to the recipient (you can agree on a password in advance so the recipient is already informed).
5. Click on the cross in the top left if you have finished managing the password.
6. There you go, the sending can now be done in an encrypted way:
   

This guide explains how to report spam or declare a false positive if spam messages slip through the cracks in an Infomaniak Mail Service, or conversely if a valid email has been inadvertently classified as spam; you can intervene in a few clicks.

Report spam

Prerequisites

• Check that the spam filter is active.

Next, to automatically move an email from your inbox that has evaded the anti-spam filter to the Spam folder:

1. Click here to access the Infomaniak Mail Web app (online service ksuite.infomaniak.com/mail).
2. Select the message in the inbox and then click on the Spam icon in the toolbar:
   
3. You can also open it and declare it as Spam later:
   
4. Another option: open it and click on the action menu ⋮ on the right:
   

Once you have clicked on Report as spam:

• The email is moved to the Spam folder (or to the manually defined folder)
• The sender's address is added to the blocked users list
• The filter is refined for better handling over time.

Declare a false positive

Conversely, if you act on an email falsely considered as spam (false positive) by clicking on the "This is not spam" icon:

• The email is moved to the inbox...
• The sender's address is added to the list of authorized users...
• This also affects the filter and its criteria.

This guide explains how to manage Soft Bounce & Hard Bounce errors that may occur when sending emails, particularly when using the Infomaniak Newsletter.

Hard Bounce

A hard bounce is an email that cannot be delivered for permanent reasons.

• email sent to a false address
• recipient's email domain that is not a real domain
• recipient's server that does not accept emails
• etc.

Soft Bounce

A soft bounce is an error message indicating that the email is not delivered to its recipient and corresponds to a presumably temporary delivery issue: the email address is valid, the sender can resend the email.

Several reasons can explain a soft bounce and therefore why the recipient's server temporarily refuses the email:

• the recipient's inbox is full: due to insufficient storage capacity, the recipient no longer receives messages
• there is a problem with the recipient's mail server: the server is temporarily unavailable or down, or the user has inadvertently set filters that prevent the receipt of certain messages
• when the content of the email, particularly its attachments, is too large, the delivery issue occurs at the time of sending

Unless the recipient has permanently abandoned their inbox without deleting their account, the soft bounce is a temporary issue.

Example of the Infomaniak Newsletter tool after a send with a good score of 0% "Permanent Bounces" and 0.31% "Temporary Bounces":

Also refer to this other guide.

This guide details the specific rules to follow when using a password containing the “dollar” character $ to send an email via the Infomaniak SMTP in a script (PowerShell, Python, etc.).

Preamble

• If you encounter an authentication error (e.g., auth failed, invalid login or password) when sending an email via SMTP, even though the password is correct and works in software like Outlook, the issue may be due to the handling of the $ character in your script or configuration file.
• To ensure reliable execution of your SMTP scripts, it is strongly recommended to avoid any special characters with syntactic meaning, particularly $, in passwords used in scripts and configuration files.
• The problem may also occur when connecting to databases.

Rules to follow

The character $ is a special symbol in many languages and environments. When used in a password in a script or configuration file, it may be mistakenly interpreted as a variable or control character.

Here are common cases where you should not use the character $ in a password:

• PowerShell: $ is used to declare variables. A password containing $ can cause syntax errors or be truncated.
• Bash / Shell (Linux): $ is also a variable prefix. It can trigger unexpected substitutions.
• YAML files (e.g., Home Assistant, GitHub Actions, Docker Compose): $ can be interpreted as an environment variable.
• Files .env, .ini, or other configuration files: the tools that read these files may attempt to interpret the variables.
• Commands or URLs with authentication: a password containing $ may be incorrectly encoded or fail during parsing.

To correct or prevent this type of error:

• Avoid using the character $ in passwords intended for use in scripts or automated systems.
• If you must use it, always properly enclose the password string according to the language:
  • In PowerShell: use single quotes 'password$Test' if possible.
  • In Python: ensure the string is properly enclosed in single or double quotes, without interpretation.
  • In Bash: escape the $ with a backslash \$.

This guide explains how to modify product access rights for a user in your Organization on the Infomaniak Manager.

Preamble

• Since you opened your account with Infomaniak, you are part of at least one Organization.
  • If you were alone and it was not an invitation, an Organization was created in your name and you automatically become the legal representative.
  • Otherwise, you belong to the Organization that invited you (to join its kSuite, to manage a product, etc.).
• It is possible to modify a user's role within your Organization.
• You can then define whether a user…
  • … is part of your Organization and should become:
    • Legal representative
    • Administrator
    • Collaborator (this is the part that is detailed below…)
  • … is external to your Organization (limited rights):
    • External users are not included in the sharing of calendars and address books for the entire Organization.

Who can access what…

Prerequisites

• Be Administrator or Legal representative within the Organization.
• Switch to the desired Organization first if you do not find the expected user list.
• Have added a user as a collaborator.

The guide below allows you to manage product access for collaborators and external users. Indeed, a legal representative or an Administrator already has access to all existing products within the Organization and visible on the Infomaniak Manager.

To modify the product access of an Organization user:

1. Click here to access user management on the Infomaniak Manager (need help?).
2. Click on the action menu ⋮ located to the right of the user concerned.
3. Click on Modify product access:
   
4. You can grant access to everything with maximum permissions in 1 click.
5. Otherwise, click on the product category to which you want to grant access.
   
6. Select the necessary product(s).
7. If you have selected multiple products, decide whether a future additional product should automatically be visible to the user (and with what type of permissions).
8. Click on the Save button:
   
9. Rights are granted immediately.
10. Click on the pencil icon ✎ to modify permissions:
    
11. Restart at step 5 if you need to grant access to multiple products.

Service usage / Service management

Be careful, on your product table, it is important to distinguish between access to products (type kDrive for example, within the kSuite) and access to product management:

It is possible to authorize a user to use kDrive (they will be able to create a PDF for example) without granting them a service management right for kDrive (they will not be able to change the offer, invite a new user, terminate, etc.).

Technical rights / Statistical rights

With certain services like kDrive, it is possible to give a collaborator TECHNICAL and/or STATISTICAL rights (adds access to the dashboard, share links, storage statistics, active users, connected devices, activity on kDrive):

Other services like domain names do not have a STATISTICAL section:

Certain specific services like ticketing allow for even more detailed rights to be granted:

Easier access: Work Teams

To facilitate the addition of access rights to a product that is on your Organization, there are Work Teams. These allow you to create groups that are linked to Infomaniak products with the desired rights, very practical for giving a new collaborator in your Organization access to the products they will need in their daily activities.

This guide explains which DKIM to add to secure Infomaniak messaging if it revolves around a domain name whose DNS is that of Cloudflare.

Preamble

• If you manage your emails at Infomaniak, as well as the associated domain name, but the DNS management is with Cloudflare, then you need to add the DKIM on the Cloudflare interface.

Add a DKIM on Cloudflare

Prerequisites

• Refer to this other guide to allow you to display the DKIM corresponding to your Infomaniak messaging.
• Display the DKIM to be able to copy-paste it. Example:
  

Follow the procedure below to correctly activate DKIM, thus improving the security and deliverability of emails for the domain in question:

1. Click here to access your Cloudflare account.
2. Select the domain in question.
3. In the DNS section, search for and delete any NS records for "_domainkey" pointing to Infomaniak.
4. Click on the Add a record (Add record) button to open the input form.
5. Fill in the fields using the data obtained from the Infomaniak Manager, respecting the standard configuration for a TXT type DKIM record:

Make sure the Proxy Status (cloud) is set to DNS Only (grayed out) for email authentication records.

This guide is for owners of a domain name on the Infomaniak infrastructure who encounter a DMARC issue when using certain Google tools such as Meet or Calendar.

Resolve a DMARC error

To make your domain name configuration (with a DMARC policy of type reject) compatible with the use of certain Google services, it is necessary to add a corresponding SPF record:

• Before: v=spf1 include:spf.infomaniak.ch -all
• After: v=spf1 include:spf.infomaniak.ch include:_spf.google.com -all

To edit the SPF currently configured in the DNS zone of your domain name:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned.
3. Click on DNS Zone in the left sidebar.
4. Click on the action menu ⋮ located to the right of the TXT type record containing the value of the SPF concerned.
5. Click on Modify:
   
6. Edit the field by adding on the same line include:_spf.google.com after the existing Infomaniak include, and this before the final -all.
7. Click on the Save button:
   

Refer to this Google documentation if you are looking for information on configuring Google's SPF.