This guide introduces the Global Security tool, which allows you to verify that the relationships between a domain name and an Infomaniak Mail Service are optimal in terms of security. This involves checking the SPF / DKIM / DMARC records, and the Global Security tool allows you to intervene in the configuration if necessary.

Access the Global Security diagnostic tool

To access Global Security:

1. Click here to access the management of your Mail Service on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant Mail Service:
   
3. Click on Global Security in the left sidebar:
   

Verify the optimal functioning of email

Once you have arrived at Global Security, familiarize yourself with and verify the three security mechanisms inherent to emails: SPF, DKIM, and DMARC policy. These indications should be displayed in green:

Click on Edit or Create to configure SPF, DKIM, and DMARC according to the recommendations below to secure your Mail Service against potential identity theft:

SPF (Sender Policy Framework)

SPF (click here to configure) allows the owner of a domain name to specify which servers are authorized to send emails on behalf of that domain. This helps to reduce the risk of spam and phishing, as the recipient's mail server can verify if the sender is authorized by consulting the sender domain's DNS records:

Under these conditions and in case of a detected problem, you will find a Correct button that will allow you to automatically update your SPF.

If correcting one or the other of the mentioned issues is not possible, it is because it must be done on the configuration set up by the owner or technician of the sender's domain name.

If your domain name points to Wix or another provider, the SPF must be configured with the relevant provider.

DKIM (Domain Keys Identified Mail)

DKIM (click here to configure) is a protocol that allows emails to be signed when they are sent.

When your domain name (or its DNS zone) is managed elsewhere, you will find in this section Global Security > DKIM the DKIM record to add in the DNS zone:

You can configure multiple DKIM records on your domain without a fixed limit, unlike DMARC or SPF, which is crucial if you use multiple third-party email providers for your daily communications.

DMARC (Domain-based Message Authentication, Reporting, and Conformance)

DMARC (click here to configure) allows you to indicate to other mail servers (the email providers of the contacts to whom you send an email) the policy to follow in case of receipt of a "suspicious" email (e.g., not authenticated) from your mail server (hosted by Infomaniak). Additionally, you can be notified of the "incident" by a summary message (called a "DMARC report") providing information on the recent activity of your email related to the domain name.

DMARC requires a valid SPF and DKIM. A wizard allows you to configure DMARC according to Infomaniak recommendations in simple mode or entirely as you wish in advanced mode (this expert mode allows you to enter the record of your choice):
The corresponding necessary entries (type TXT) will then be automatically applied in the DNS zone of the concerned domain name (if administratively possible - domain managed in the same Organization, for example).

To verify the records within your DNS, you can also use an external and free service like the one mentioned at the bottom of this other guide.

Refer to this other guide if you are looking for information on the fourth point of the Overall Security page.

This guide concerns the Discussion List service, which is only offered to Infomaniak users who have activated it in the past and for whom a tool migration was performed in early 2025.

Preamble

• The discussion list service differs from classic messaging or a newsletter service by unique features:
  • Allow users to subscribe to a “subscription” via a simple registration form, the code for which is provided.
  • Allow one or more designated moderator users to accept or reject registrations, send messages to subscribers, and then moderate member responses before publication.
  • Allow users to contribute to the discussion by replying to a single address that redistributes incoming messages to other members automatically.
  • Provide a simple and GDPR-compliant unsubscription option.
• Refer to this other guide regarding the service limits.

Access the discussion list

If the discussion list service has been activated in the past, it is accessible within your Mail Service:

1. Click here to access the management of your Mail Service on the Infomaniak Manager (need help?).
2. Click directly on the domain name assigned to the product concerned.
3. Click on Discussion List in the left sidebar:
   

Creation and configuration of the discussion list

To create a new discussion list:

• Click the Start button …
  
• … or on the button above your existing lists:
  

Otherwise:

1. Edit an existing list by clicking on its name:
   
2. Click on its tab Configuration:
   

The parameters necessary for the proper functioning of the system are as follows:

1. A discussion list revolves around an email address that should not yet exist on the Mail Service of the domain in question (and which cannot be created on it, nor modified thereafter).
2. You can give a name to the list to identify it more easily if you have several or if the email address is not sufficiently explicit.
3. You can also add an additional description.
4. You need to determine the email address(es) that will be moderators (= highest permission on the list).
5. You can define a language for your mailing list.
6. The configuration of “who can subscribe to the list” is important:
   • It is possible to specify that the user will have to confirm their subscription themselves (in addition to a moderator).
7. The configuration of “who can write to the list” is just as important:
   • You can use the service as a one-way tool, such as information dissemination, or as a multi-way tool, such as information exchange, discussion including with non-members (with moderation)...

8. Click on Advanced Options.
   
   

9. It is possible to configure whether responses should be addressed…
   • … to the sender with the source email address visible
   • … to the list (everyone receives) with the source email address visible
   • … to the list as coming from the list's email address itself
10. Allows you to limit the size of emails sent via the discussion list (especially in case of attachment).
11. Allows you to customize a message that will be automatically sent to an email address when subscribing to the list.
12. Allows you to customize a message that will be automatically sent to an email address when unsubscribing from the list.
13. Click the button to save.

Subscription (depending on the settings of point 6 above)

• The subscribers can subscribe by sending a message to the email address in the form list-name-join@list-domain.
• They can also be subscribed manually by the moderator via the interface and in this case, they receive a notification email whose content can be customized.
• If the subscription made by a subscriber must be validated by a moderator, the latter receives an email:
  • The moderator approves the request by clicking on the “mailto:” type link which generates a new message that can be sent to the email address in the form list-name-request@list-domain with the subject accept subscriber-email and in the body of the message the line Approved: list-password, possibly adding a line stop to avoid the execution of other scripts, e.g. in the case where there is a signature.
• If the subscription made by a subscriber must be validated by the subscriber himself, the latter receives an email to which he must reply (by clicking on the link to create a new reply email and pre-filled):
  
  • And in this case, the moderator receives the request in a second step, after validation by the subscriber, and must respond to it to validate the subscription (the simplest is always to click on the link):
    

Unsubscription

• The subscribers can unsubscribe by sending a message to the email address in the form list-name-leave@list-domain.
• When unsubscribing, a confirmation request message is sent to the user.
  • The user approves the request (always by clicking on the “mailto:” type link which generates a new message that can be sent to the email address in the form list-name-request@list-domain with the subject the command specified in the confirmation email and an empty message body).

Sending / receiving messages

• Each subscriber can create a Mail signature and choose their name when sending the email.
• A footer is automatically added to each message sent via the mailing list:
  
• See also the reply-to and from parameters at point 9 above.

Message moderation

• To reject a message, the moderator must click on the “mailto:” type link which generates a new message that can be sent to the email address in the form list-name-request@list-domain.
• When a moderator is also a member of the list, they do not receive the messages they send themselves, but obviously receive those sent by other moderators.

Forms (subscription/unsubscription)

To offer a website visitor to subscribe to your list, you can generate a code that you will simply need to insert on the site of your choice; example with Site Creator:

The Form tab allows you to specify the URL to which the user will be redirected after signing up or unsubscribing:

• In case of an error when using the form, an error page can display the email address moderation-owner@list-domain allowing you to contact the moderators.
• A user already subscribed to the list can sign up multiple times without any specific message being displayed.

Error management

The system indicates the number of errors encountered by an address and the date:

This guide explains how to sort emails currently present in your Infomaniak inbox or in subfolders, for example to quickly delete specific messages with the same structure, classify messages by subject or sender, etc.

Preamble

• Unlike the guide Sort incoming emails based on certain criteria which details how to set up, from the Infomaniak interface, filters that will apply to all future incoming messages, it is possible with the free software Thunderbird to apply sorting rules to already received and already present messages in an email account.

Quickly sort an IMAP mailbox

To do this:

1. Install and then open Thunderbird.
2. Configure your Infomaniak mail within the application.
3. Open the Tools menu and click on Filters:
   
4. Check the selected address and click on New...
   
5. Configure the filter according to your preferences (in this case the rule is that all messages with the subject containing ER will be moved to the trash):
   
6. Click on OK to return to the list of your filters and then click on Run now:
   
7. The result is immediately visible as the messages are moved to the trash and disappear from the window.

This guide covers data protection regulations in Switzerland and Europe, and the measures taken by Infomaniak to secure your customer data and data within Web Hosting and Mail Services.

Understanding the difference between data security and data confidentiality

Data security aims to prevent any unauthorized access to your information. It relies on measures such as encryption, firewalls, or VPNs. A security breach can have disastrous consequences: imagine a hacker stealing your entire customer database and demanding a ransom to recover it. This type of attack – ransomware – can paralyze a business overnight.

Data confidentiality concerns who can access your information and how it is used. Even if your data is secure against hacking, it can be collected, analyzed, and resold… legally.

Example: you carefully store your customers' information, but unbeknownst to you, a service you use shares – anonymously – this data with third parties. Result? Your competitors can obtain valuable analyses of your market and target your own customers without ever needing to hack.

LPD & GDPR

In Switzerland, the LPD (Federal Data Protection Act) and nLPD (for the "new Law" in effect since September 2023) protect the confidentiality of residents by regulating the collection and processing of personal data by organizations.

On the other hand, the GDPR (General Data Protection Regulation) of the EU, in effect since May 2018, influences global companies processing the data of European residents, including in Switzerland. While the LPD applies to the data of Swiss residents, the GDPR concerns that of EU residents. Swiss companies managing European data must comply with the GDPR requirements, including the designation of a Data Protection Officer and the conduct of Impact Assessments in case of risky processing.

Your role as an Infomaniak Client

Regarding the data you host that belongs to you — and especially if it contains personal data of your visitors, contacts, or customers — it is your responsibility to ensure its compliance.

When processing this personal data, it is essential to inform users about the purpose and methods of this processing. This is usually done through a privacy policy or a data processing agreement (DPA).

Agreement between data controller and processor

A DPA (Data Processing Agreement), called in German AVV (Auftragsverarbeitungsvertrag), in Italian ATD (Accordo di Trattamento dei Dati) and in Spanish CTA (Contrato de Tratamiento de Datos), translates to Data Processing Agreement or Personal Data Subprocessing Contract.

It is a mandatory contract provided for by the GDPR between a data controller and a processor. It defines the purpose, duration, and nature of the processing, as well as the obligations and security measures. Its objective is to protect the personal data entrusted to a service provider.

This GDPR certificate (in PDF format) can be generated and downloaded from the Manager (accessible to organization users who are owners or administrators):

1. Click here to access DPA management on the Infomaniak Manager (need help?).
2. Click the Generate button to download the customized PDF document:
   

Here are some tips on this subject:

It is crucial to differentiate between the security of the infrastructures where your data is hosted and the management and implementation of your data on your side. As a host, Infomaniak acts as a subcontractor for your GDPR obligations. In this context, its privacy policies and cookie usage, as well as its terms and conditions, provide the necessary guarantees regarding its compliance as a subcontractor.

Infomaniak's Role

Like companies that work with user data, Infomaniak must comply with the LPD and, because some of its users are European citizens, the GDPR as well:

• the data privacy policy details the data that Infomaniak retains to provide and execute its services
• the policy related to the protection of your personal data describes Infomaniak's commitments as a subcontractor that hosts all of your data, including personal data

This guide explains how to copy the content of an Infomaniak email address (all email messages, folders, subfolders, in short, the entire structure of your mailbox) to another of your existing addresses at Infomaniak, thanks to the Infomaniak import tool!

Preamble

• The operation does not affect the data already present on the destination address, nor that of the source address.
• Any duplicates are managed: identical content will only be copied once.
• It is possible to specify a second address to import during the same process.
• If necessary, refer to this other guide to import messages from an external email provider other than Infomaniak.

Copying emails from one account to another

Prerequisites

• Add a device password to the source address (the one whose content must be retrieved).
  • The password for logging in to the Infomaniak account with the same name is not the one expected.
  • You need a password specific to the email address in question = a device password.

To import the email content:

1. Go to the address https://import-email.infomaniak.com/.
2. If necessary, log in to your Infomaniak account on the Organization of your choice; indeed, the import will be to an email address attached to the Infomaniak Web interface Mail (online service ksuite.infomaniak.com/mail) of the account you are using.
3. Click on single import.
4. Fill in the left field with your starting email address (whose content is to be copied).
5. Fill in the right field with the password of this same source email address (see prerequisites above).
6. Click on Confirm:
   
7. If necessary, enter a second email address to be imported at the same time:
   
8. Choose which email address to import the emails to; the drop-down menu lists the email addresses currently attached to your Infomaniak Web interface Mail (online service ksuite.infomaniak.com/mail) of the Infomaniak account with which you are logged in:
   
9. It is obviously impossible to copy emails to the same address:
   
10. After selecting the desired destination address from the list, click on the blue button Import emails:
    
11. The copy starts and continues in the background, you can close the window that appears.
12. A confirmation email will be automatically sent to all email addresses concerned by the operation once the import is complete, mentioning the number of messages copied.

Copy the content of multiple Infomaniak addresses in bulk

Prerequisites

• Add a device password to each Infomaniak source address (those whose contents will need to be retrieved).
  • The password for logging in to the Infomaniak account with the same name is not the one expected.
  • A password specific to each of the email addresses concerned is required = one device password per address.

To import the content of multiple Infomaniak email addresses (maximum 25 at a time):

1. Click here to access the bulk import tool (online service https://import-email.infomaniak.com).
2. Select Import multiple email addresses from a CSV file (format .csv).
3. Download the example CSV template to create one with the necessary information for copying (see prerequisites above).
4. Upload the file using the Select a CSV file button:
   
5. Once the file is uploaded to the tool's page, select Import email address.
6. Wait while the content of the addresses is being copied (a confirmation email is sent once the copy is complete).

This guide explains how to activate the Infomaniak anti-spam filter, which can significantly reduce the number of unsolicited messages that may arrive in your Infomaniak email address if you share it with third parties.

Preamble

• Spam is an unsolicited message, often of an advertising or fraudulent nature, aimed at promoting products, services, or carrying out online scams; fortunately, Infomaniak has implemented strategies to combat this form of digital pollution.
• Thanks to the anti-spam filter, the messages you actually want to see quickly will no longer be drowned among dozens of other unwanted messages, as the latter will be automatically placed in a special folder, the Spam folder (or in the spam destination folder - see below) and then automatically deleted after 30 days.
• Moreover, the filter is automatically activated when creating an email address within an Infomaniak Mail Service or when subscribing to a my kSuite / my kSuite+ offer.

Activate the option from the Infomaniak Web Mail app

Prerequisites

• Have permission to manage the filter: it is possible that the Mail Service manager has revoked this right from their admin account.

To access your Infomaniak email settings:

1. Click here to access the Infomaniak Web Mail app (online service ksuite.infomaniak.com/mail).
2. Click on the Settings icon in the top right corner.
3. Check or select the relevant email address in the dropdown menu of the left sidebar.
4. Click on Filters and rules:
   
5. Activate the spam filter option, the effect is immediate (wait for the on-screen confirmation message); in this case, all future messages with a header indicating a high spam score (and blocked senders) will go to the Spam folder:
   
6. Simply click the toggle switch again to deactivate the filter; in this case, all future messages will go to the inbox, including messages with a header indicating a high spam score.

Activate the option from a Mail Service

To access your Infomaniak email settings:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on the relevant email address in the table that appears.
4. Click on Filters in the left sidebar.
5. Enable the spam filter option, the effect is immediate:
   
6. Simply click the toggle switch again to disable the filter; in this case, all future messages will go to the inbox, including messages with a header indicating a high spam score (they can be processed downstream by your software/email client if it supports reading this type of header).

Note that you can activate it in bulk on multiple addresses at the same time.

Customize the anti-spam filter

Modify the location of spam

You can choose the default location of the folder where messages considered as spam will be automatically placed (similar to special IMAP folders).

Where you have activated the spam filter:

1. Click on Modify:
   
2. Click on the folder name to choose another one (create a new one in advance if necessary):
   
3. Click on the Validate button:
   

Report a filtering issue or manually block senders

Report unfiltered Spam or an email filtered when it is not Spam (false positive): refer to this other guide on this subject.

You can also specify in advance which senders should always go to the Spam folder (or vice versa, if they should not be filtered): refer to this other guide on this subject.

For added security, enable the external mail mention.

This guide explains how to enable or disable the Infomaniak ad filter that automatically sorts emails detected as Newsletters or activity notifications into specific folders.

Preamble

• The filter…
  • … is automatically enabled when creating an email address within an Infomaniak Mail Service or when subscribing to a my kSuite / my kSuite+ offer.
  • … allows you to focus on relevant and important emails, which improves your productivity by reducing distractions from ads and spam.
  • … helps keep your inbox cleaner and better organized by separating advertising emails, which facilitates the management of important emails.

Enable the option from the Infomaniak Web Mail app

Prerequisites

• Have permission to manage filters: it is possible that the Mail Service manager has removed this right from their admin account.

To access your Infomaniak mailbox settings:

1. Click here to access the Infomaniak Web Mail app (online service ksuite.infomaniak.com/mail).
2. Click on the Settings icon ‍‍ in the top right corner.
3. Check or select the email address concerned in the dropdown menu of the left sidebar.
4. Click on ‍ Filters and rules:
   
5. Enable the ad filter option, the effect is immediate:
   
6. To disable the filter, simply click the toggle switch again; in this case, all future received messages will go to the inbox.

Enable the option from a Mail Service

To access your Infomaniak mailbox settings:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product concerned.
3. Click on the email address concerned in the table that appears
4. Click on Filters and rules in the left sidebar menu
5. Enable the ad filter option, the effect is immediate:
   
6. To disable the filter, simply click the toggle switch again; in this case, all future received messages will go to the inbox.

Note that you can activate it in bulk on multiple addresses at the same time.

Customize the advertising filter

Email location

In the same place (point 5 in the images above), by clicking on Modify, you can choose the default location of the 2 folders in which the messages will be automatically placed (similar to the special IMAP folders).

This guide presents the email authentication mechanisms and the ways to resolve the Sender Mismatch error.

Preamble

• The "Sender Mismatch" error occurs when the address used to send an email does not match the authentication address used when connecting to the SMTP server.
• This error is related to two specific elements:
  • The Return-path (also called "envelope sender"), which is used by the mail server to manage returns and delivery errors,
  • and the From header, which is the sender's address visible to the recipient in the message.

Resolve the Sender Mismatch error

Technically, when sending an email via a mail software/client, you must authenticate using a username (= your email address) and a password.

If, after authentication, the sender's address specified in the "From" header or in the "Return-path" is different from the address used for authentication, the Infomaniak server may consider this an attempt at forgery. It is this inconsistency that triggers the "Sender Mismatch" error.

To correct this error:

• Check that the email address used for sending is the one you authenticate with (or a valid alias).
• Do not modify the Return-path or From header to another unauthorized address (if necessary, refer to this other guide to test another mail application or to correctly configure your current mail software/client).

This guide details the steps to take when you want to “release” the management of an email address that is currently “limited” by the use of an Infomaniak account with the same name.

Preamble

• For example, the email address benevol on the Mail Service example.xyz will no longer be shareable with other users from the moment an Infomaniak account is created with a login ID in the form of the email address benevol@example.xyz.
• Therefore, a procedure exists for the administrator of a Mail Service to activate the release of the corresponding Infomaniak account if necessary.
• The corresponding email address, previously attached and readable, will no longer be, but the account data is not deleted.
  • Only the login address must be proposed in a different form by the user in question.

Request the release of the blocking Infomaniak account

To activate the deletion of the login ID when it is identical to an email address that can no longer be shared, the administrator of the Mail Service must go to the Manager:

1. Click here to access the management of your product on the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the product in question.
3. Click on the email address concerned in the table that appears.
4. Under the General tab, it is possible to see the users who consult this address, and among them, the corresponding user is found.
5. Click the Add button in the Users section (an operation that is not currently possible):
   
6. In the right-hand sidebar, the assistant for releasing the address opens; click the radio button to activate the operation.
7. Click Continue:
   
8. Confirm the user disconnection operation:
   
9. The linked user disappears from the users page:
   
10. In parallel, they receive an SMS similar to the example below, on the phone number they provided when they signed up:
    
11. This SMS indicates the procedure to follow to reconnect to their Infomaniak account with another email address of their choice (see below).

Recover access to the Infomaniak account

To be able to log back into your Infomaniak account now that access is no longer possible with the old email address, the Infomaniak account user must go to the address mentioned in the SMS:

1. Click here to access the login page.
2. Enter the username specified in the SMS (usually the initials of your account and a sequence of numbers).
3. Enter the usual password (it has not changed):
   
4. Enter the new requested information:
   
5. You will be logged back into your account:
   

The creation and management of classic/normal email addresses is done directly from the Mail Service of the Infomaniak administration interface (Manager):

Create a main email address

Prerequisites

• Add and choose the name of the email address

Next:

• Select the first box (visible above: email address for 1 or more users).
• Click on the Continue button at the bottom right.

Choose who should be able to access the email address

Click in the text field to choose who should be able to access the email address among:

1. Yourself (you will be able to directly access and use the email address on the Infomaniak Mail apps - Web, mobile, …).
2. Existing users in your Organization (they will be able to directly access and use the email address on the Infomaniak Mail apps - Web, mobile, …)
3. An external user who already has an email address to whom you send an invitation link to the email address that you must specify in the field below
4. An external user who does not yet exist for whom you will create an Infomaniak account that will have the same login identifier as the address you wish to create.
5. YOU and/or a new user to whom you will subsequently send an invitation link by your own means (the address will not be visible anywhere at first)

Option 1: yourself (your identifier)

In the list of users, you click on your login identifier (yourself):

1. Manage your possible access rights to the answering machine, add device, etc. by clicking on “Default rights”.
2. Choose a possible signature template.
3. Click on Create the address:
   
4. That's it:
   
   1. The email address is now visible on the Infomaniak Mail apps (ksuite.infomaniak.com/mail, mobile app, etc.); click if necessary on the created address to view it:
      
   2. Manage the options of your address (such as the out-of-office message, the filters, etc.).
   3. Configure if necessary different devices so that they also access this email address.
   4. Create additional addresses according to your needs.

Option 2: Select other users in the Organization

In the list, you choose other existing users within the Organization:

1. Manage their potential access rights to voicemail, device addition, etc. by clicking on “Default rights”.
2. Click on Create the address:
   
3. That's it: the email address is now visible on their Infomaniak Mail apps (ksuite.infomaniak.com/mail, mobile app, etc.).

Option 3: Invite an external user who already has a personal email address

You want to enter the existing email address of an acquaintance, colleague, etc. to give them access to the new email address you are creating:

1. Enter the user's email address (whether they already have, or not yet, an Infomaniak account) in the search field.
2. Click on the line to add them as a user:
   
3. Manage their potential access rights to voicemail, device addition, etc. by clicking on “Default rights”.
4. Click on Create the address:
   
5. That's it:
   
   1. Manage the address options (such as the out-of-office message, filters, etc.).
   2. Configure, if necessary, different devices to access this email address as well.
   3. Create additional addresses as needed.
6. The user receives an invitation to view the email address, valid for 30 days:
   
7. The button directs them to a page where they can either create a new account or log in to a potential account they may already have with Infomaniak. Once done, the address will automatically be visible on their Infomaniak Mail apps (ksuite.infomaniak.com/mail, mobile app, etc.).
8. The current invitation is visible in the email address management within your Mail Service:
   
   • By clicking on Resend, you can view the link to copy it, and/or resend it.

Option 4: Fully create the Infomaniak account associated with the new email address

You are redirected to the user creation within the Organization, which will allow you to add the user from scratch, creating the desired email address at the same time. Some restrictions may then exist: refer to this other guide on the subject.

Option 5: Decide later

1. The email address is directly created (still without password, and this time without any user, so the address will not be visible anywhere initially) and works fully.
2. You can, of course, manage the users and the passwords directly from the email address management.

Additional actions (button ‍)

Click on the chevron ‍ to the right of the Create an email address button to access additional actions:

1. Create a generic email address of type:
   1. no-reply (for sending confirmation, validation, invoice, etc.)
   2. catchall (allows you to receive all messages for which there is no specific email address on your domain)
2. Create multiple email addresses: allows you to create multiple email addresses at once using a CSV file.
3. Create “virtual” addresses serving as redirection.
4. Import content from other email addresses.