Relay servers and their benefits
Email Relay allows you to route emails through your (company's) server while sending emails from Zoho Recruit. Once the relay server is setup, the sent emails will follow a path like this:
Zoho Recruit - to - Relay server - to - Recipient
.
Sending emails through a relay server lets you effectively stop spamming or mislabeling when emails are sent (especially bulk emails). Many businesses that send out bulk emails like notifications, invitations, automatic interview emails etc. to their candidates regularly, face higher chances of spamming and sometimes even the authenticity of an email becomes questionable. In such cases, a relay server can be beneficial.
Here are some of the benefits that relay servers can provide:
- Some organizations are required to store copies of emails that are sent to the candidates as part of their compliance goals. If the emails are routed through the relay server, you can always keep a backup of the sent emails in the server.
- Often, important notifications and messages are shared with clients and candidates via email. It is best to have access to all such emails and attachments sent by your team even after they discontinue service in your organization. You may need them for reference in the future.
- Usually, bulk emails are prone to virus threat and to prevent a potential malware attack to the recipients system, its best to run antivirus checks on the outbound emails before sending it to the customers.
- The bulk emails are intended to address a enormous population and therefore consists of content that is common for all the recipients. Just in case, you want to share some additional information such as disclaimers or notices with a selected set of candidates or clients, then instead of sending separate emails, you can just append the information to the outbound emails before sending.
- Often, the bulk emails are prone to email spoofing, where the email header is tampered to give an appearance of spam email. Sending emails from the relay server can help you avoid spoofing.
- The bounced and failed delivery emails can be accessed from the relay server.
Points to consider before setting up a relay server
- You can only send emails that originate from Zoho Recruit via the relay server. That is, workflow emails, individual emails, and mass emails. You may choose to send all or some of these emails from a relay server.
- You can manually set limits to the number of emails that can be sent from the relay server.
- Emails that are sent from the Zoho Recruit's server will continue to be sent from this server and the daily limit of the outbound emails will depend on your subscription.
- It is advisable to white list all the IP addresses of Zoho Recruit in your relay server to avoid any deliverability issues. But, note that white listing IPs may be necessary if you set up an open relay server (an SMTP server that allows not just mail destined to or originating from known users but every user to send emails).
Authenticating Email Protocols In Relay Server
- When a relay server is not set
The outbound emails originate from the user's domain (@company.com) and sent to the recipient via Zoho Recruit's server. To receive the delivery failed and bounced emails, the return path (variable envelop from address) is set to Zoho Recruit's server. This change causes a mismatch of IP addresses between originating email and return path that fails an essential email authentication protocol, called SPF. In order to avoid deliverability issue, Zoho Recruit signs DKIM (alternate email authentication protocol). Signing DKIM ensures that the emails pass the DMARC policy and are successfully delivered.
- When a relay server is set
The outbound emails are sent from Zoho Recruit's server to the relay server from where they are sent to the recipients. Some vendors tend to change the return path of the emails to their server in order to manage the bounced and failed delivery emails within the relay server.
Once a relay server is set there are two possibilities with respect to the return paths:
- If the return path is retained as Zoho Recruit's server
The outbound email is sent from Zoho Recruit's server to the relay server. At this point, the IP address of the originating email is authenticated against the IP address mentioned in the return path. Since the return path is retained to Zoho Recruit's server, both the IP addresses will match resulting in SPF validation to pass. The email is then sent to the recipient from the relay server, at this point another IP address authentication will be carried out between the email origination and return path. This time, originating email's IP address is the relay server and the return path's IP address is Zoho Recruit's server, which will cause SPF failure due to mismatch of IP addresses. Because of this the email deliverability will be unsuccessful and the email may land as spam in the recipient's inbox.
To prevent such instances, it is recommended to enable DKIM (it automatically passes the DMARC policy) which in turn ensure successful email delivery.
- If the return path is set to a relay server
The outbound email is sent from Zoho Recruit's server to the relay server. An IP address authentication is carried out and the originating email's IP will match with that of the return path's which will result in positive SPF validation. The email will be sent to the recipient from the relay server and the IP authentication will display a match of IP addresses because in this case both the originating email and return paths have the same IP addresses (relay server). This will result in SPF validation and the email will be delivered successfully.
Note
- The return path is by default set to Zoho Recruit's address and many vendors don't change it to the relay server's address. Since SPF failure in these cases is inevitable, it is mandatory to enable DKIM and ensure that the DMARC policy is signed.
- We recommend you to sign DKIM with Zoho Recruit to rule out any possibilities of unsuccessful delivery. However, you can enable it with the vendor too.
Whitelist Zoho Recruit IPs in the Relay Server
Emails may be sent to the relay server from different IP addresses of Zoho Recruit and to prevent any unsuccessful deliveries as a result of IP mismatch, it is essential to white-list all our IPs in the relay server. It is mandatory to white-list the IPs, if an open relay server (it uses IPs as a criteria to filter the inbound emails) is used. Though it is not necessary, to white-list these IPs in the relay servers that use host's username and password as an authentication mechanism, it is still recommended to publish these IPs in the relay servers.
Server Name (Access URL)
|
IP addresses
|
USDC (recruit.zoho.com)
|
8.39.55.8
204.141.43.8
136.143.191.8
204.141.32.129
8.40.222.129
|
EUDC (recruit.zoho.eu)
|
185.20.209.160
31.186.243.160
87.252.213.160
89.36.170.160
|
CNDC (recruit.zoho.com.cn)
|
163.53.93.46
124.251.121.56
|
INDC (recruit.zoho.in)
|
103.89.74.227
103.89.75.228
|
AUDC (recruit.zoho.au)
|
1. 103.138.128.75
|
Configuring Email Relay Settings
You can route the emails sent from Zoho Recruit's server to your company's server using email relay. Based on your subscription, you can add multiple domains and set relay servers for each domain. You can add a maximum of three relay servers in a single domain. Before you begin setting up the email relay, ensure you have the following information from your email administrator:
1.
Port number
- The port number of your company's SMTP server. The Email relay supports the following port numbers: 25, 465, 587.
2.
Secure connection
- Whether you choose SSL or TLS certificate, it is advisable to authenticate the certificate (authenticating the certificates is not a mandatory step). To do so, you will need to mention the host's name and password on the certificate.
Setting the type of emails sent from the relay server
You can select the type of emails that should be sent via the relay server. Only the emails that originate from Zoho Recruit such as, workflow emails, mass emails or individual emails can be sent through a relay server. You can use different relay servers for each type of email, for example you can use the server one to send all the mass emails and server two to send all the workflow related emails.
Setting maximum send limit from the relay server
You can specify the number of emails that should be sent on a daily basis from the relay server. Once the maximum limit is reached, the subsequent emails will be sent from the Zoho Recruit server.
To configure email relay setting:
- Go to Setup > Channels > Email > Email Deliverability > Email Relay.
- In the Email Relay Settings page, click + New Server.
- In New Server Details page, enter the Server Name.
- Choose a Port number from the drop-down list.
- Specify the Maximum Limit. If the maximum limit to send emails is reached in the relay server, the subsequent emails will be sent from Zoho Recruit's server.
- Choose either of the Secure connections: SSL or TLS.
- Choose Never, if you do not want a secure connection.
- Click Yes or No in Authentication Required.
If you choose Yes, enter the host's Username and Password for authentication.
- In Advanced Details, do the following:
- Domain in this server: Select a Domain from the drop-down list. All the domains that you have added for Email authentication will be listed here. You can additionally add a new domain by clicking Add New Domain.
- Type of email: Select the type of email from the drop-down list.
- DKIM Authentication: Check Enable, to allow Zoho to sign DKIM for the emails routed via the relay server.
- Click Copy to Clipboard and paste the public key in your DNS setting.
10. Click Configure.
Under server information in the Email Relay Settings page, you will be able to view all the configured servers. In case you are not using a server temporarily, you can toggle it off. You can also delete a server if you want to discontinue sending emails from it.
Note
Due to any reason, if the outbound emails fails from the relay server they will be automatically routed through Zoho Recruit's server.
After three repeated failures (in a day), the user will be sent a warning email and the relay server will not be used until the next day.