A mailbox is usually created in under two minutes, but secure email delivery depends on what you configure after creation. The goal is not only to send mail, but to keep inbox placement stable and prevent abuse.
Step 1: Create the Mailbox with Operational Limits
Start by defining a business mailbox name, strong password policy, and mailbox quota. Quotas prevent one account from consuming the entire shared plan and simplify incident response when mail loops happen.
- Use role-based names (for example: support@, billing@, sales@).
- Set unique credentials and rotate them on role changes.
- Enable mailbox size limits and alerting where available.
Step 2: Configure DNS Authentication
Deliverability is mostly a DNS discipline problem. Configure SPF, DKIM, and DMARC before users start sending production messages. This reduces spoofing risk and improves trust with major providers.
- SPF: authorize valid outbound servers only.
- DKIM: sign outbound messages from your domain.
- DMARC: define policy and reporting mode, then tighten gradually.
Step 3: Connect Clients Over Encrypted Protocols
Use IMAP/SMTP with TLS only. Legacy clear-text protocols create avoidable risk and can trigger compliance issues. Verify certificate trust and standard ports in each client profile.
Step 4: Add Monitoring and Recovery Basics
Email issues are often discovered by customers first. Add monitoring for queue growth, bounce spikes, and authentication failures. Keep retention and recovery policies documented.
- Review outbound bounce reasons weekly.
- Track login failures by mailbox and source IP.
- Test mailbox restore at least once per quarter.
A secure mailbox setup is mostly process: clear ownership, DNS authentication, encrypted client connections, and regular monitoring.
2026 update: after creating the mailbox, enable MFA on admin access, configure SPF/DKIM/DMARC for the domain, and restrict forwarding rules to approved addresses only. This reduces spoofing and data leakage risk.
IMAP vs POP3: which to choose
IMAP leaves messages on the server. You see the same messages on every device (phone, computer, web). It's today's default and what we recommend. Downside: it needs server storage, and if the server is far away sync can be slow.
POP3 downloads messages to the device and removes them from the server (you can configure it to leave a copy). Suits you if you use one device only or want to save plan storage. Downside: if the device dies, mail is lost.
Setting up aliases and forwarders
Instead of creating a new mailbox for every role (info@, sales@, support@), you can create aliases — additional addresses that route to the main mailbox. This is more efficient because aliases don't consume extra plan space.
Alternatively, forwarders let you redirect mail from one mailbox to an external address (Gmail, Outlook). Common use: receive business mail in your personal Gmail too, without switching devices.
Common setup issues
Mail client can't connect
Verify: exact server name (usually mail.yourdomain.com or the primary domain), port 993 for secure IMAP or 587 for SMTP, SSL/TLS enabled, and username = full email address (not just the part before @).
Mail sends but doesn't receive
Sign of an MX record issue. Verify the MX points to your hosting provider's server, not an external provider like Google Workspace.
You receive but messages you send land in the recipient's Spam
Missing SPF / DKIM / DMARC records on the domain. On our plans these are configured automatically, but in the past some customers accidentally removed them during DNS changes.
