This guide helps you understand the peculiarities that may arise in the display of emails when using different messaging applications and Infomaniak Mail apps.

Preamble

• It may happen that inconsistencies occur in the display of a list of emails contained in a folder (example: the Sent folder) and that the messages sorted and considered as the most recent by one device will not be the same as those displayed when using another tool. Sent Messages)

Understanding Unique Identifiers (UID)

UIDs (Unique Identifiers) are unique identifiers assigned to each message in an IMAP mailbox. They are used to uniquely identify each message, regardless of changes made to folders or messages themselves. UIDs are particularly useful for managing and synchronizing emails across multiple IMAP email software/clients:

• Each email is assigned a unique UID at the time of its creation in a mailbox; this UID never changes in principle as long as the email exists, even if its content or metadata is modified.
• UIDs are generally sequential, which means that more recent messages have higher UIDs in principle.
• When synchronizing emails, IMAP email software/clients can use UIDs to determine which messages are new, modified, or deleted since the last synchronization; this allows for efficient email management without having to download and compare all messages.
• Depending on the tool used, to display them in the order in which they were received, messages can be sorted by their reception date or by UID.

Not to be confused with:

• Message Sequence Number (used for temporary operations based on the current position of messages)...
• Message-ID (RFC 5322) (used to uniquely identify messages across different servers and email software/clients)...
• X-Message-Id (server-specific and used for internal tracking needs)...
• Thread-Index and Thread-Topic (used by Microsoft applications to track conversation threads)...
• GMail Unique Identifiers (used specifically by Gmail to manage messages and discussion threads)...

IMAP Applications and Infomaniak Mail App

The issue may appear in this form at the server command level:

758 - date.sent: 2017-10-11 23:15:26 (+0100)
757 - date.sent: 2017-10-11 15:00:55 (+0100)
756 - date.sent: 2017-10-11 14:39:28 (+0100)
(...)
742 - date.sent: 2018-01-17 00:40:21 (+0000)
741 - date.sent: 2018-01-17 00:30:33 (+0000)
740 - date.sent: 2018-01-17 00:26:07 (+0000)
(...)
51 - date.sent: 2022-10-07 16:39:16 (+0100)
50 - date.sent: 2023-06-13 10:15:00 (+0100)
49 - date.sent: 2023-06-07 12:11:35 (+0100)

Here, we see that emails from 2017 have a higher UID (758, 757, ...) than emails from 2023. UIDs must have been reassigned for some reason or another during the existence of this entire email account (moves, copies, imports, etc.).

Depending on how the messaging tool sorts emails, a message from 2017 may appear among recent messages while the message from 2018 is not loaded immediately. This is particularly true for the Mail Infomaniak app, which only loads a series of emails at a time based on the UID (this is subject to change).

Therefore, to resolve any inconsistencies, it is recommended to use an IMAP email software/client such as Thunderbird on a computer, which will allow you to quickly and efficiently sort all messages in a specific folder based on the email date, as the application will display all messages present on the Infomaniak server.

This guide helps you protect the reputation of your domain name, to maintain the trust of Internet users and service providers in your website or business, thereby facilitating the smooth operation of your email.

The web reputation

There are different types of reputation on the Internet, including personal reputation, corporate reputation, and domain reputation.

Domain reputation is essentially a score that determines how email systems decide what to let through to users' inboxes. Fundamentally, the reputation of your domain is a measure of the health and legitimacy of your domain. This reputation can be influenced by the security of your email and website.

For example, the reputation of a domain can decrease if…

• … the site visible at the domain address is hacked, leading to the mass sending of fraudulent emails,
• … the domain's email is exploited for the involuntary sending of spam.

If the reputation of your domain remains poor, your emails may be marked as spam and not reach their intended audience. This can harm email deliverability (see this other guide in English on this topic).

Improving domain reputation

By following these few tips, you can improve the reputation of your domain and, for example, boost all your email marketing efforts:

• Set up and verify SPF, DKIM, and DMARC records that help protect your domain from identity theft attacks.
• Check the reputation of your domain with tools such as Google Postmaster Tools, Sender Score, Microsoft SNDS, McAfee or Talos Intelligence and identify potential issues.
• Only send emails to users who have chosen to subscribe!
• Get trusted links or backlinks…

See this other guide about RBLs.

This guide explains how to connect the desktop app Apple Mail (desktop application on macOS) to an email address hosted by Infomaniak.

Preamble

• Your macOS computer will be automatically configured via configuration profiles .mobileconfig compatible with Apple, unlike a manual configuration.
• It is possible to remove a configuration profile once installed (scroll down to the bottom of this page for the explanations).
• The various services offered by Infomaniak are all compatible with the corresponding standard protocols (IMAP/SMTP for email, for example), therefore if you encounter a problem with third-party software, contact its publisher or a Partner and consult the support policy as well as article 11.9 of the Infomaniak Terms of Service.

Install a configuration profile

Prerequisites

• Create the email address within my kSuite or a Mail Service / kSuite.
• Check that the Mail Service is configured optimally.

You can download the profile from the device concerned or send it from another device (if you already have a working email address, for example):

1. Click here to access the Infomaniak configuration tool (online service https://config.infomaniak.com) — log in if necessary to your Infomaniak account on the Organization on which your email address is managed.
2. Choose to install the profile on this device.
3. Choose to synchronize emails.
4. Choose the email address to configure on Apple Mail (from those you have access to).
5. Create a new device:
   
6. Enter a descriptive name for the new device.
7. Click the button to Download the profile (you can also send it by email using the link on the right):
   
8. Once the file profile-applemail.mobileconfig is on your computer, double-click to open and run it.
9. Click OK:
   
10. Open the System Settings of the computer.
11. Click on Downloaded Profile in the sidebar, then double-click on the new profile to apply it:
    
    • If you have an older version of macOS or cannot find the profile, search for “profile” in the settings, or refer to the official documentation by changing the system version at the top of the page if necessary.
12. Click on Install…:
    
13. A password is then requested…
    1. either you know it because you have already created it in the Devices section of the Mail Service:
       
    2. or you can copy the new password found further down on the assistant page config.infomaniak.com opened earlier:
       
    3. Before the email password is displayed, your Infomaniak account password may be requested for security:
       
    4. Here it is, the randomly generated password is displayed, you just need to copy it:
       
14. Paste the password into the macOS window.
15. Click on Install to start the profile installation:
    
16. Your email address is now configured in the Apple Mail application, which you can open and check:
    

Delete an IMAP account

Refer to the chapter "Stop using an account" by changing the system version at the top of the page if necessary (note: do not delete a POP-configured account without saving your messages first).

Delete an Apple profile

Refer to the official documentation by changing the system version at the top of the page* if necessary.

*Why is it necessary to choose the guide version that exactly matches your macOS / iOS system version? Apple introduces changes, sometimes subtle, with each new system version, for example a path on iOS 15…

…becomes this on iOS 18…

This guide explains how to connect the Apple Mail mobile app on iOS to an email address hosted by Infomaniak.

Preamble

• Your iOS device will be automatically configured using Apple-compatible .mobileconfig configuration profiles unlike a manual configuration.
• It is possible to delete a configuration profile once installed (scroll to the bottom of this page for instructions).
• The various services offered by Infomaniak are all compatible with the corresponding standard protocols (IMAP/SMTP for email, for example), therefore if you encounter a problem with third-party software, contact its publisher or a Partner and consult the support policy as well as section 11.9 of the Infomaniak Terms of Service.

Install a configuration profile

Prerequisites

• Create the email address in my kSuite or a Mail Service / kSuite.
• Create a password for the email address on the device you are going to configure.
• Check that the Mail Service is configured optimally.

Download the profile from the relevant iOS device or send it from another device (if you already have a working email address, for example):

1. Click here to access the Infomaniak configuration tool (online service https://config.infomaniak.com) — log in if necessary to your Infomaniak account on the Organization where your email address is managed.
2. Choose to install the profile on this device:
   
3. Choose to synchronize emails:
   
4. Choose to synchronize another application than the Infomaniak Mail application:
   
5. Enter the password for the email address (attached to Mail Infomaniak (Webmail)) that you want to synchronize on iOS.
6. Press the blue Verify button:
   
7. Press to copy the validated password.
8. Download the configuration profile and authorize its opening:
   
9. Open the settings of the iOS device:
   
10. Press the recently downloaded profile:
    
11. Press Install:
    
12. Unlock your iOS device:
    
13. Press Install:
    
14. Paste the password of the previously verified email address (point 7 above).
15. Press Next:
    
16. There you go, your email address is now configured in the Apple Mail application that you can open and control:
    

Delete an Apple profile

Refer to the official documentation by changing the version of your system at the top of the page* if necessary.

*Why is it necessary to choose the guide version that exactly matches your macOS / iOS system version? Apple introduces changes, sometimes subtle, with each new version of its system, for example a path on iOS 15…

… becomes this on iOS 18…

 

This guide explains how to quickly create/obtain a password from an Infomaniak Mail Service when you need to access an Infomaniak email address on third-party software, such as Outlook or Thunderbird.

Preamble

1. When creating an email address, no password is defined:
   • An email address can be accessed on Infomaniak Mail apps without a password other than the one that already allows you to access your Infomaniak account.
   • You just need to authorize your account or invite a contact to be a user of the email address.
2. You then simply create specific passwords for each device (Outlook, iPhone, CRM, etc.) as needed:
   • You can create multiple passwords for the same email address without interrupting existing connections.
   • Each password can be revoked individually, without affecting other users or devices linked to this address.
   • A password is never displayed again after its creation; modify it or create a new one if necessary.

Generate an email address password

Prerequisites

• Order a Mail Service from Infomaniak.
• Create one or more addresses on this Mail Service.
• Be Administrator or Legal Representative within the Organization.

To add a password to the example address demonstration@example-domain.ch:

1. Enter the login credentials for your Infomaniak account and its password on the page https://manager.infomaniak.com/:
   
2. Validate the entry on the Manager with the 2FA (two-factor authentication) method defined initially:
   
3. Once on the dashboard, click on Mail Service:
   
4. Once on your Mail Services, click on the name/domain name to which the email address in question belongs:
   
5. Once on the Mail Service to which the address belongs, click on the email address in question:
   
6. Once on the email address in question, click on the Devices tab and then on Add a device:
   
7. At this stage, it may be necessary to re-enter the login password (the one at point B above):
   
8. Then choose to not specify a particular user ("Without user").
9. Enter a descriptive name that allows you to identify the reason why you created this device (here the user needs a password to be able to send emails from a site, and adds as useful information today's date):
   
10. There you go: the new password is displayed, you can change the characters (16 minimum) if necessary (be careful, it will not be possible to display it again later).
11. Save it at the bottom of the page to use it as you wish:
    

You clicked the “Finish” button (above “P”) without noting the password? No problem, modify or generate a new one!

1. Click on the action menu ⋮ located to the right of the device just created and click on Modify the password:
   
2. Click on the button on the far right of the field to generate a new random password and/or enter the secure characters you wish to use (16 minimum) for the new password, then click on the button to save the modification:
   
3. There you go, the password that replaces the old one is displayed permanently, you can enter it on your device(s) in place of the previous one (be careful, it will not be possible to display it again later).

Do you need a password for a secondary and temporary user? No problem, generate a second one!

1. Click on the button to Add an additional new device:
   
2. Then choose to not specify a particular user, and enter a name that allows you to identify the reason why you created this device (here the user needs a password for a one-week intern):
   
3. There you go, the password is displayed, you can use it for the purpose of your choice (be careful, it will not be possible to display it again later, however as before, it will of course be possible to modify it or generate a new one):
   

Alternative: create a password for a user

Rather than creating a password yourself and having to communicate it to the user at a later time, you can directly allow a user who does not have as many permissions as you to obtain the password for the device they need:

1. Add the new user (existing in the Organization or not) as described in this other guide:
   
2. Once the user is added, switch to the devices tab to add a new device:
   
3. If necessary, enter the password to log in to your Infomaniak account and then select the user created in step 1.
4. Click on the first option to send a setup assistant for the user's device.
5. Click on the Continue button:
   
6. Copy the invitation link valid for 30 days to send to the user.
7. If necessary, send the invitation to the user's email address:
   

In point 4 above, you can also choose to generate a password:

• The created password will be displayed, you can modify it one last time, copy it and keep it safe (password manager for example); it will no longer be able to be displayed afterwards.

Modify or remove an existing password

When access is no longer needed, revoke only the password concerned: other accesses to the email address remain active.

This guide explains how RBLs work, the questionable policy of some of them, and the ways to resolve a potential email block.

Preamble

• RBLs (Realtime Blackhole List) or DNSBL (DNS Black List) are lists containing addresses / IP / provider names / servers, known as major spam senders.
• These are often large generalized blacklists, allowing to spot messages considered as unwanted and those who send them, that some providers maintain (smtpcheck, uceprotect: non-exhaustive list)…

Adding the email address to the RBL

When an email address is identified as belonging to an unwanted sender, it is blocked to prevent the reception of unsolicited messages. A block in the RBL does not expire. Addresses will be listed indefinitely.

If you receive a message indicating that your email address is blocked by RBL, this means that the Infomaniak security system has detected suspicious or unwanted activities associated with this email address. This may include mass sending of unsolicited messages, participation in phishing campaigns or other malicious behaviors.

Resolving an email block (RBL)…

… if the error mentions your address and RBL

If you get errors of the type

anna.a@domain.xyz is rbl blacklisted - http://chk.me/rbl

when sending an email and you think it’s a false positive, contact Infomaniak support.

To avoid having your email address blocked by the RBL blocking system in the future, follow the best practices for using email:

1. Do not send unsolicited messages or mass messages to unknown recipients.
2. Regularly sort the list of recipients used.
3. Do not participate in phishing or cybercrime activities.
4. Ensure the best level of security where your emails are used:
   1. strong password
   2. up-to-date software
   3. up-to-date operating system (iOS, Android, Windows, macOS, etc.)
   4. up-to-date associated domain configuration

... if the error mentions an organization like Sorbs or Barracuda

If you get errors of the type

554 5.7.1 Client host blocked using sorbs

or similar:

1. Follow the procedure of the mentioned organization (e.g. http://www.barracudacentral.org) to get your address removed from the list.
2. Temporarily change your Internet service provider or connection method - WIFI vs 4G/5G - to send your messages.
3. Inform your correspondent and their email provider to take the necessary steps and/or to stop using an unreliable RBL.
4. Wait a few hours and try again.

Fewer and fewer professionals (ISP, hosts, etc.) use service providers like Backscatterer / UCEPROTECT which are primarily for profit, and there are many other very effective lists, such as ABUSIX or SPAMCOP, which are well-maintained and whose real goal is to fight spam, one of the priorities of Infomaniak.

This guide presents the security model that allows you to assign users to an email address or to dedicate a password different for each device or software that needs to access it.

Preamble

• Forget the time when a single, fragile password protected your mailbox:
  • Previously, changing your code was a headache: you had to update it on all your devices at the risk of blocking your accesses.
  • Now, you can create multiple passwords for the same email address without interrupting existing connections.
  • Each password can be revoked individually, without impacting other users or devices linked to this address.
• A password is never displayed again after its creation; modify it or create a new one if necessary.
  • If you change your phone, you only modify the access of this mobile; your other installations remain connected without interruption.
  • In case of loss of a device, you only revoke its specific password without affecting the others.
  • You keep control over who accesses what, without having to reveal your main password.

Add a device

= Add a password to read the address on a device (iPhone, Outlook, etc.)

To set a new email password:

• When creating an email address, no password is defined (as using the address on Infomaniak Mail apps does not require a password other than the one that already allows you to access your Infomaniak account).
• From the Mail Service, you then simply create specific passwords for each device (Outlook, iPhone, CRM, etc.) according to your needs.
• You can also manage devices from the Web Mail app directly.
• When access is no longer necessary, revoke the concerned password: other accesses to the email address remain active.

Add a user

= Allow viewing the address on Infomaniak Mail interfaces

To authorize a user (including yourself) to view the email address on Infomaniak:

• From the Mail Service, you add the address to your Infomaniak Mail apps or decide which external user should access the email address.
• When access is no longer necessary, still from your Mail Service, remove the user's access: other accesses to the email address remain active.

This guide concerns the notifications you can receive with the mobile app Infomaniak Mail (app for iOS / Android smartphone or tablet).

Be notified according to the specific email address

The mobile app Infomaniak Mail allows you to manage multiple email addresses and you can choose to receive notifications only for some of your email addresses and not others.

To access the notification settings of the application, refer to point C of this other guide.

Resolve an issue…

… on iOS

Check in the settings of the mobile app Infomaniak Mail that notifications are enabled for the email address in question:

… on Android

On Android devices, particularly Samsung with One UI 6.1 and above, the system settings screen for notifications no longer allows you to specify by default which of your email addresses should trigger a notification:

The solution is to enable, from the main page of Android notifications, by clicking on “Advanced settings” at the bottom of the window…

… the option “Manage notification categories for each application”:

Then go back to the notification page of the Infomaniak app and you can tap on “Notification categories”…

… to find the specific notification choice by email address:

Receive all notifications

If you have authorized the application's notifications on your mobile device, you will receive a notification for each new message that arrives.

Resolve an issue…

If you see a new message arriving in your inbox, but this one has not triggered any notification on your device, there may be several reasons.

1. Start by opening the application to make sure it is working, update it if necessary.
2. Open another application or turn off the device screen (if the Infomaniak Mail app is open, in the foreground, screen on, the device may not emit any notification).
3. Send a new test message to your email address to trigger a notification.
4. Is the test message in the inbox? Indeed, a message going to spam or another folder may not trigger any notification.

… on Android

1. Have you waited for several dozen minutes? Indeed, fast notifications (push type) require going through a Google service to work, but some devices that do not go through Google services (such as Fairphone), notifications can arrive at much longer intervals.

This guide explains how to manage users of an existing email address.

Prerequisites

• Order a Mail Service from Infomaniak.
• Create one or more addresses on this Mail Service.
• Be Administrator or Legal Representative within the Organization.

Managing and removing a user

The current model for managing mail access allows each user of an Organization to connect independently and securely to the same email address, without sharing a global password.

In the case of one or more existing users already in the Organization, the added email address can automatically be added to their Infomaniak Mail interface.

If a user should no longer have access to an email address and its content, simply remove them from the interface, but there are 2 possibilities:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned.
3. Click on the email address concerned in the table that appears:
   
4. On the table of users currently accessing the concerned address, click on the action menu ⋮ to the right of the concerned user.
5. Choose whether you want to disconnect all of the user's devices: they will no longer have access to the email address on messaging software/clients but will continue to have access to the address on the Infomaniak app (Web, mobile…).
6. You can choose to remove all of their access to the address, and they will never be able to access it again.
    

If you know that the user is using messaging software/client (but not listed among the users) you can also revoke a specific device without affecting other accesses/passwords/users.

This guide presents, in the same way as adding devices (email passwords), the methods to allow a user (friend, colleague, client, family member, etc.) to view and use an email address created within an Infomaniak Mail Service, on the Infomaniak Web App Mail (online service ksuite.infomaniak.com/mail).

Preamble

• Refer to this other guide if you wish to access it yourself, with your own user account.
• No password should be transmitted to the user you are inviting.
• The email address will be automatically added to the Infomaniak Mail interface of the user, after accepting the invitation.
• If the email address in question is used as a login identifier for an Infomaniak account, it cannot be shared for security reasons.

Invite to use the email from the Mail Service

To allow an already active user to access the email address you wish to share:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Click on the email address concerned in the table that appears:
   
4. Click on Add above the table of users currently accessing the email in question on Mail:
   
5. Enter the password to log in to your Infomaniak account if prompted.
6. Choose (a) one of the users existing within your Organization or (b) an external user to the Organization:
   

Choice [ a ]: existing user in the Organization

When the third party who needs to access the email is already part of the Organization, it's a breeze:

1. The email address in question will be automatically visible and accessible to the selected user on the Infomaniak Web App Mail (online service ksuite.infomaniak.com/mail) with the specified permissions.
2. Click the button to Add the user:
   
3. After adding, it is always possible to restrict the user by clicking on the icons corresponding to the permissions…
4. … or even revoke their access to the email address:
   

The user in question has access to the email address concerned:

Choice [ b ]: external user to the Organization

If the third party is not at all attached to the Organization, either because they do not yet know Infomaniak, or because they have their own Organization on their side:

1. Click on the radio button to select the choice of new user.
2. Click to configure the user's rights:
   
3. Modify, if necessary, the permissions granted to the user for the email address concerned.
4. Save the changes:
   
5. Click on the button to Add the user:
   
6. The invitation is created (in the form of a URL type https://welcome.infomaniak.com/iw/abcdef-12345..…) and the user will just have to execute the link (see below) for the email address concerned to be added to their Infomaniak Mail.
7. It is possible to send the invitation by email:
   
8. The invitation is visible under the email address user tab, and it is possible to delete it at any time:
   

If the third party already uses the Infomaniak Web Mail app…

The user (third party) executes the invitation link while being logged into their Infomaniak account…

1. …or if they log into their account after executing the invitation link:
   
2. If necessary, the user can still switch accounts before attaching the address if necessary:
   
3. The user in question has access to the email address concerned once they have chosen which Organization:
   

If the third party does not yet use Infomaniak…

After executing the received invitation link and indicating their email address, the third party will be invited to create an Infomaniak account:

1. They will need to provide their details and create a password to log into their Infomaniak account:
   
2. They will need to provide a phone number and accept the general terms and conditions:
   
3. They will need to add a two-factor authentication (2FA) method to secure access to their Infomaniak account:
   
4. Once the 2FA method is added, that's it: the user is redirected to the Infomaniak Mail web app, which will display the email address to which the invitation link referred:
   

Invite to use email from the Infomaniak Mail web app

To access the same process as above but from the Infomaniak Mail web app (online service ksuite.infomaniak.com/mail):

1. Click here to access the Infomaniak Mail web app (online service ksuite.infomaniak.com/mail).
2. Click on the action menu ⋮ to the right of the email address concerned.
3. Click on the Settings of the email address:
   
4. Click on Invite a user:
   
5. Enter the password to log in to your Infomaniak account if prompted.
6. Modify, if necessary, the permissions granted to the user for the email address concerned and click on Next:
   
7. The invitation is created and the user will only need to execute the proposed link for the address in question to be added to their Infomaniak Mail.
8. It is possible to send the invitation by email:
   

In case of a problem

If the Invite button is not visible or remains grayed out, check that:

• your user account has sufficient permissions to administer the product in question
• the email address concerned does not yet exist as a login identifier for an Infomaniak Organization
• the table under the button does not mention a user listed with an email address identical to the email address concerned

Example: you want to invite someone to view the address anna.a@domain.xyz but the button is grayed out because a user anna.a@domain.xyz appears in the table.

Solution: to be able to invite a new user to view the address concerned, refer to this other guide.

If a message indicates that it is not possible to proceed for security reasons, refer to this other guide.

If the user cannot access the address

When a user is added, the email address is automatically added to their Infomaniak Mail apps:

It can switch between its addresses at any time via the dropdown arrow located at the top left of the screen:

To achieve this, it is sometimes necessary to first choose to display, from the upper left part, all Organizations:

If the address on which the invitation depends is still not displayed, try to refresh the browser page (Command ⌘ + R on macOS and Ctrl + F5 on Windows).

This guide is about the DMARC policy and the optional security reports sent by email that can be activated or deactivated upon request.

Optional DMARC reports

The DMARC reports are optional and provide the following information:

1. Third-party senders or servers that send emails on behalf of your domain.
2. The percentage of messages from your domain that successfully pass the DMARC verification process.
3. The servers or services that send emails failing DMARC verifications.
4. The DMARC actions performed by the receiving server for unauthenticated messages from your domain (none, quarantine, or reject).

When the reports indicate that most emails successfully pass DMARC verifications, it is recommended to strengthen your DMARC settings by enforcing stricter measures. This will enhance the protection of your domain against spoofing.

The written report is delivered as a ZIP archive containing the report in XML format. It is sent by email to the address you specify in the configuration, and will come from dmarc@infomaniak.com or other providers such as Microsoft, Google, Yahoo, etc.:

It is also possible to receive copies of problematic emails.

Analyzing a DMARC report

Infomaniak is neither able to analyze your potential DMARC reports and records, nor able to comment on the validity or compliance of these, as this is entirely your responsibility.

It is recommended to use an external service to analyze a DMARC report, such as https://dmarcadvisor.com/dmarc-analyzer/.

Deactivating a DMARC report…

… from a Mail Service

To deactivate the sending of a DMARC report if you still have a Mail Service (otherwise, see below):

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned.
3. Click on Global Security in the left sidebar.
4. Click on Edit (in the DMARC section).
5. Remove the registered addresses and validate at the bottom of the page to Apply the changes:
   

... from the DNS zone of a domain

If the Mail Service is no longer in use but you continue to receive email reports, you need to act directly on the domain name and delete the dmarc record from its DNS zone (or simply edit it to completely remove the 2 tags rua and ruf):

The difference between RUA and RUF

It is important to understand what you are disabling by removing ruf:

• RUA (Aggregate): a daily summary (explained above); it provides statistics: "Yesterday, 50 emails were successful, 10 failed."
• RUF (Forensic/Failure): an email sent instantly as soon as a single message fails the DMARC tests; it often contains the original content of the email (subject, body).

This guide presents, in the same way as adding devices (email passwords), the methods to allow you (you, with your Infomaniak account login credentials) to view and use an email address that you have created within an Email Service Infomaniak, on the Infomaniak Web App Mail (online service ksuite.infomaniak.com/mail).

Preamble

• Refer to this other guide to invite another user besides yourself.
• No password is required.
• The email address will be automatically added to the Infomaniak Mail interface.

Accessing your own email address

To use the existing email address demonstration@exemple-domaine.ch:

1. Enter your login credentials for your Infomaniak account and your password on the page https://manager.infomaniak.com/:
   
2. Validate the entry on the Manager with the 2FA method (two-factor authentication) initially defined:
   
3. Once on the dashboard, click on Email Service:
   
4. Once on your Email Services, click on the name / domain name to which the email address in question belongs:
   
5. Once on the Email Service to which the address belongs, click on the email address in question:
   
6. Once on the email address in question, click the Add button to add a user:
   
7. At this stage, it may be necessary to re-enter the login password (the one from point B above):
   
8. Then choose the option to add an existing user, and click on the field below, which displays the list of users in the Organization to which you are connected, and click on your user (your Infomaniak account login credentials). Validate the addition with the button at the bottom right:
   
9. It's done, your own user has been added:
   
10. Then click on the icon at the top of the screen to open the kSuite tools and click on the Infomaniak Web App Mail:
    
11. The email address has been successfully added to the Web App Mail (click if necessary on the chevron to expand the address menu and access it). An informational email has been sent to the user (you, in this case) to notify of the operation:
    

When your identifier is added as a user with access to the email address, the mailbox is automatically added to your Infomaniak Mail apps:

You can switch between your addresses at any time via the chevron located at the top left of the screen:

To achieve this, it may be necessary to first choose to display, from the top left, all Organizations:

If the address still does not appear, try to refresh the browser page (Command ⌘ + R on macOS and Ctrl + F5 on Windows).

This guide explains how to set up a DMARC policy for your email hosted by Infomaniak, an essential element to prevent potential delivery issues.

Preamble

• The DMARC (Domain-based Message Authentication, Reporting, and Conformance) protocol enhances the security of your domain by relying on SPF and DKIM checks.
• It instructs recipient servers on how to handle emails that fail these authenticity tests, with three protection policies (None, Quarantine, Reject) detailed below.
• In case of authentication failure, the recipient can send you a DMARC report; this data is essential to identify configuration errors or stop phishing attempts using your domain name.

DMARC Policy and Acceptance Percentage

For the instructions that can be given to recipient servers when a suspicious message is detected, 3 policies (p = policy) exist and can be refined with a percentage (pct):

None (none): The email is delivered normally (observation mode)

With "p=none", no email is rejected or quarantined based on the DMARC verification. However, the reception percentage can be used to collect data on unauthenticated emails, indicating how many of these emails should be subject to the DMARC policy. E.g., "p=none; pct=10" means that 10% of unauthenticated emails will be subject to the DMARC policy, while the remaining 90% will be accepted.

Quarantine (quarantine): The email is sent to spam

With "p=quarantine", unauthenticated emails can be quarantined, but the reception percentage determines the proportion actually subject to this policy. E.g., "p=quarantine; pct=50" means that 50% of unauthenticated emails will be quarantined, while the remaining 50% will be accepted.

Reject (reject): The email is purely and simply blocked/deleted

With "p=reject", unauthenticated emails are rejected. The reception percentage determines the proportion of unauthenticated emails that will actually be rejected. For example, "p=reject; pct=20" means that 20% of unauthenticated emails will be rejected, while the remaining 80% will be accepted.

Create a DMARC Record

There are 2 ways to manage DMARC.

If you have a Mail Service with Infomaniak, the simplest way is to go to the Global Security tool to manage your DMARC security policy and reports:

However, since the DMARC record is a type of DNS record, usually of type TXT, you can also manage it from the DNS zone of the domain name:

1. Click here to access the management of your domain on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the domain in question.
3. Click on DNS Zone in the left sidebar menu.
4. Click the button to add a record:
   
5. Click the radio button DMARC to add a record.
6. Click the Next button:
   
7. Leave (or add if necessary) the value _dmarc in the Source field.

8. The Target field must contain the parameters you wish to use, separated by ;:

   Tag Name	Purpose	Example
   v	Protocol version	v=DMARC1
   pct	Percentage of messages subjected to filtering	pct=20
   ruf	URI for forensic reports	ruf=mailto:authfail@domain.xyz
   rua	URI for aggregate reports	rua=mailto:aggrep@domain.xyz
   p	Policy for the organizational domain	p=quarantine
   sp	Policy for the subdomains of the organizational domain	sp=reject
   adkim	DKIM alignment mode	adkim=s
   aspf	SPF alignment mode	aspf=r

   which can result in, for example, v=DMARC1;p=reject;pct=100;rua=mailto:postmaster@dmarcdomain.com (source)

9. Leave the default value for the TTL.
10. Click the Save button:
    

This guide explains how the Infomaniak Mail mobile app (for iOS/Android smartphones or tablets) works when you first open it after installation and during subsequent logins.

Start the setup assistant

When you first open the app, a step-by-step assistant suggests you choose the theme (pink or blue accent color) that you can also modify later:

It also shows you the main ergonomic features available with the app (long press, swipe).

In the final step, you can…

1. … create an account, that is, get a new free email address…
2. … or simply log in to your Infomaniak account with your usual credentials (your email address to log in to Infomaniak):
   

Multiple email addresses

Once logged in, after two-factor authentication (2FA) is completed, you still need to authorize access to your device's contacts and notifications:

You will then find all the email addresses already linked to Infomaniak Mail that you used to check on your web browser via the address ksuite.infomaniak.com/mail.

You can switch from one address to another…

1. … by tapping at the top left of your inbox:
   
2. … then on the chevron ‍ to the right of your displayed email address:
   
3. … then on the address to view:
   

To add another one, refer to this other guide.

To remove one, refer to this other guide.

Multiple Infomaniak accounts

Imagine that in addition to your personal Infomaniak account with your favorite email addresses linked, you get a login from your employer to a user account with different company email addresses within this professional account…

To add the additional Infomaniak account:

1. Tap at the top right of the inbox:
   
2. Press Add an account to log in to the desired Infomaniak user account:
   
3. Press the button to enter the Infomaniak account login information:
   
   
    

To easily switch from one user account to another:

1. Click on one or the other of the attached user accounts, and thus view the email addresses attached within these accounts:
   

To detach an attached Infomaniak account in the application and no longer be able to view the email addresses attached within this account, simply…

1. … go there one last time
2. … then press the user menu at the top right:
   
3. … to then log out at the bottom of the screen:
   

You will be automatically switched to one of the remaining accounts.

This guide for the Web app Mail Infomaniak (online service ksuite.infomaniak.com/mail) or the mobile app Infomaniak Mail (application for iOS/Android smartphone or tablet) explains how to activate encryption for emails sent from Infomaniak Web and mobile services.

Preamble

• When encryption is activated, emails and attachments are encrypted as soon as they are received on Infomaniak servers, via the public keys of senders and recipients.
  • Each email address generates a key upon its first use, securely stored in Infomaniak datacenters.
• The keys are based on elliptic curve cryptography (ECC) and use the OpenPGP standard.
  • They are themselves encrypted in AES-256-GCM with automatic decryption via Infomaniak authentication.
• In search results, only the subject of encrypted messages will be visible, while their content will remain secure during storage.

Activate email encryption…

…from the Infomaniak Web Mail app

To automatically encrypt a message sent to an email address:

1. Click here to access the Web app Mail Infomaniak (online service ksuite.infomaniak.com/mail).
2. Compose a new message as usual.
3. Click on the padlock icon to the left of the Send button to activate encryption:
   
4. Confirm the action if a confirmation window appears.
5. The icon now represents a closed padlock and the color of the whole is changed:
   
6. Press the Send button.

The action must be performed for each new send.

A. Recipient whose email is managed with Infomaniak

If the recipient of the encrypted email has an email address managed with Infomaniak, encryption is done in a completely transparent manner for both the sender and the recipient. A note will indicate the encryption of the message…

1. …in the recipient's inbox:
   
2. … when opening the received message:
   
3. ... and in the sender's sent folder:
   

B. External recipient

If the recipient of the encrypted email has an email address managed outside of Infomaniak services, encryption is still possible, but it requires setting a password:

1. Click here to access the Infomaniak Mail app (online service ksuite.infomaniak.com/mail).
2. Compose a new message as usual, but addressed to an email address outside of Infomaniak.
3. Click on the lock icon to the left of the Send button to enable encryption.
4. A modal opens to allow you to create a password:
   
   • Enter a password and copy it to send it by your own means (kPaste for example) to the recipient (you can agree on a password in advance so the recipient is already informed):
     
5. The icon now represents a closed lock without an orange chip, and you can send the email as usual:
   
6. Recipients will then receive a message notifying them that an encrypted email is waiting for them:
   
   1. By clicking on the provided button, they will be redirected to a secure web page where the password must be entered.
   2. Once the password is validated, the encrypted message can be viewed on the same page valid for 30 days.

... from the Infomaniak Mail mobile app

To automatically encrypt a message sent to an email address:

1. Open the Infomaniak Mail mobile app (app for iOS/Android smartphone or tablet).
2. Compose a new message as usual.
3. Press the lock icon at the bottom of the composition window to enable encryption:
   

A. Recipient whose email is managed with Infomaniak

If the recipient of the encrypted email has an email address managed by Infomaniak, encryption is done completely transparently for both the sender and the recipient:

1. Closed locks are displayed on the screen.
2. Press the send icon:
   

B. External recipient

If the recipient of the encrypted email has an email address managed outside of Infomaniak services, encryption is still possible, but it requires setting a password:

1. . Sending will not be possible as the send icon will remain grayed out and symbols will appear on the locks:
   
2. Press the lock icon.
3. A modal opens to allow you to create a password.
4. Leave the suggested password or enter a new password and copy it to send it by your own means (kPaste for example) to the recipient (you can agree on a password in advance so the recipient is already informed).
5. Press the cross in the top left corner if you have finished managing the password.
6. Here we go, the sending can now be done in an encrypted way:
   

This guide explains how to report spam or declare a false positive if spam messages slip through the cracks in an Infomaniak Mail Service, or conversely if a valid email has been inadvertently classified as spam; you can intervene in a few clicks.

Report spam

Prerequisites

• Check that the spam filter is active.

Next, to automatically move an email from your inbox that has evaded the anti-spam filter to the Spam folder:

1. Click here to access the Infomaniak Mail Web app (online service ksuite.infomaniak.com/mail).
2. Select the message in the inbox and then click on the Spam icon in the toolbar:
   
3. You can also open it and declare it as Spam later:
   
4. Another option: open it and click on the action menu ⋮ on the right:
   

Once you have clicked on Report as spam:

• The email is moved to the Spam folder (or to the manually defined folder)
• The sender's address is added to the blocked users list
• The filter is refined for better handling over time.

Declare a false positive

Conversely, if you act on an email falsely considered as spam (false positive) by clicking on the "This is not spam" icon:

• The email is moved to the inbox...
• The sender's address is added to the list of authorized users...
• This also affects the filter and its criteria.

This guide explains how to manage Soft Bounce & Hard Bounce errors that may occur when sending emails, particularly when using the Infomaniak Newsletter.

Hard Bounce

A hard bounce is an email that cannot be delivered for permanent reasons.

• email sent to a false address
• recipient's email domain that is not a real domain
• recipient's server that does not accept emails
• etc.

Soft Bounce

A soft bounce is an error message indicating that the email is not delivered to its recipient and corresponds to a presumably temporary delivery issue: the email address is valid, the sender can resend the email.

Several reasons can explain a soft bounce and therefore why the recipient's server temporarily refuses the email:

• the recipient's inbox is full: due to insufficient storage capacity, the recipient no longer receives messages
• there is a problem with the recipient's mail server: the server is temporarily unavailable or down, or the user has inadvertently set filters that prevent the receipt of certain messages
• when the content of the email, particularly its attachments, is too large, the delivery issue occurs at the time of sending

Unless the recipient has permanently abandoned their inbox without deleting their account, the soft bounce is a temporary issue.

Example of the Infomaniak Newsletter tool after a send with a good score of 0% "Permanent Bounces" and 0.31% "Temporary Bounces":

Also refer to this other guide.

This guide details the specific rules to follow when using a password containing the “dollar” character $ to send an email via the Infomaniak SMTP in a script (PowerShell, Python, etc.).

Preamble

• If you encounter an authentication error (e.g., auth failed, invalid login or password) when sending an email via SMTP, even though the password is correct and works in software like Outlook, the issue may be due to the handling of the $ character in your script or configuration file.
• To ensure reliable execution of your SMTP scripts, it is strongly recommended to avoid any special characters with syntactic meaning, particularly $, in passwords used in scripts and configuration files.
• The problem may also occur when connecting to databases.

Rules to follow

The character $ is a special symbol in many languages and environments. When used in a password in a script or configuration file, it may be mistakenly interpreted as a variable or control character.

Here are common cases where you should not use the character $ in a password:

• PowerShell: $ is used to declare variables. A password containing $ can cause syntax errors or be truncated.
• Bash / Shell (Linux): $ is also a variable prefix. It can trigger unexpected substitutions.
• YAML files (e.g., Home Assistant, GitHub Actions, Docker Compose): $ can be interpreted as an environment variable.
• Files .env, .ini, or other configuration files: the tools that read these files may attempt to interpret the variables.
• Commands or URLs with authentication: a password containing $ may be incorrectly encoded or fail during parsing.

To correct or prevent this type of error:

• Avoid using the character $ in passwords intended for use in scripts or automated systems.
• If you must use it, always properly enclose the password string according to the language:
  • In PowerShell: use single quotes 'password$Test' if possible.
  • In Python: ensure the string is properly enclosed in single or double quotes, without interpretation.
  • In Bash: escape the $ with a backslash \$.

This guide explains how to modify access rights to products for a user in your Organization on the Infomaniak Manager.

Preamble

• Since you opened your account with Infomaniak, you are part of at least one Organization.
  • If you were alone and it was not an invitation, an Organization was created in your name and you automatically become the legal representative.
  • Otherwise, you belong to the Organization that invited you (to join its kSuite, to manage a product, etc.).
• It is possible to modify a user's role within your Organization.
• You can then define whether a user…
  • … is part of your Organization and should become:
    • Legal representative
    • Administrator
    • Collaborator (this is the part that is detailed below…)
  • … is external to your Organization (limited rights):
    • External users are not included in the sharing of calendars and address books for the entire Organization.

Who can access what…

Prerequisites

• Switch beforehand to the desired Organization if you do not find the expected list of users.
• Be Administrator or Legal representative within the Organization.
• Have added a user as a collaborator.

The guide below allows you to manage access to products for collaborators and external users. Indeed, a legal representative or an Administrator already has access to all existing products within the Organization and visible on the Infomaniak Manager.

To modify the product access of an Organization user:

1. Click here to access user management on the Infomaniak Manager (need help?).
2. Click on the action menu ⋮ located to the right of the user concerned.
3. Click on Modify product access:
   
4. You can grant access to everything with maximum permissions in 1 click.
5. Otherwise, click on the product category to which you want to grant access.
   
6. Select the necessary product(s).
7. If you have selected multiple products, decide whether a future additional product should automatically be visible to the user (and with what type of permissions).
8. Click the Save button:
   
9. Rights are granted immediately.
10. Click the pencil icon ✎ to modify permissions:
    
11. Restart at step 5 if you need to grant access to multiple products.

Service usage / Service management

Be careful, on your product table, it is important to distinguish between product access (type kDrive for example, within the kSuite) and product management access:

It is possible to authorize a user to use kDrive (they will be able to create a PDF for example) without granting them kDrive service management rights (they will not be able to change the offer, invite a new user, terminate, etc.).

Technical rights / Statistical rights

With certain services like kDrive, it is possible to give a collaborator TECHNICAL and/or STATISTICAL rights (adds access to the dashboard, share links, storage statistics, active users, connected devices, activity on kDrive):

Other services like domain names do not have a STATISTICAL section:

Certain specific services like ticketing allow granting even more detailed rights:

Easier access: Work Teams

To facilitate the addition of access rights to a product that is on your Organization, there are Work Teams. These allow you to create groups that are linked to Infomaniak products with the desired rights, very practical for giving a new collaborator in your Organization access to the products they will need in their daily activities.

This guide explains which DKIM to add to secure Infomaniak messaging if it revolves around a domain name whose DNS is that of Cloudflare.

Preamble

• If you manage your emails at Infomaniak, as well as the associated domain name, but the DNS management is with Cloudflare, then you need to add the DKIM on the Cloudflare interface.

Add a DKIM on Cloudflare

Prerequisites

• Refer to this other guide to allow you to display the DKIM corresponding to your Infomaniak messaging.
• Display the DKIM to be able to copy-paste it. Example:
  

Follow the procedure below to correctly activate DKIM, thus improving the security and deliverability of emails for the domain in question:

1. Click here to access your Cloudflare account.
2. Select the domain in question.
3. In the DNS section, search for and delete any NS records for "_domainkey" pointing to Infomaniak.
4. Click on the Add a record (Add record) button to open the input form.
5. Fill in the fields using the data obtained from the Infomaniak Manager, respecting the standard configuration for a TXT type DKIM record:

Make sure the Proxy Status (cloud) is set to DNS Only (grayed out) for email authentication records.