Categories

AI
1
Billing
11
Caching Guide
1
Client Portal (WHMCS)
1
Coding
38
Delegated Access
5
DIVI
4
Domains
10
Email Support
29
Facebook Ads Managment
13
Google Cloud
2
Interesting Articles
4
Invoices and Taxation
10
Legal
1
Linux Commands
1
Litespeed
3
MailGun
4
Misc
3
Office 365
4
Policies
27
Rackspace Mail
42
Resales Online Plugin
3
Scams/Phishing
8
SmarterMail
25
SmarterMail (Server Admin)
1
Standard Operating Procedures
7
Thunderbird
1
Tutorials
28
Web Design
4
Web Hosting
22
Website Care Plans
3
Wordpress
6

  Categories

  Tag Cloud

2fa 301 redirect 550-5.7.1 90 day warranty ad account ad sizes ad spend adding users admin access ads adwords align api filters api key apple mail archive archiving auto reply autodiscover autoresponder back date backdate backup email backups banner bash bcc archiving blacklisting block bots breaking up browser refresh bug report business manager cache caching capthca cash change password Charities charity chrome client portal cloud linux complaints concat config content content warnings court order pdf scam cpanel cpanel email cpanel remote mail exchanger credit card credit cards cron css custom wp config debug debug mode delegate delete mail deleted email denied disk usage warning diskcritical divi divi blog dkim dmarc dns dns cache dns only domains email email archiving email migrations email setup email support policy Employee acces envato EU cross-border transactions exchange exchange server facebook facebook ads facebook business manager Facebook invoice Facebook marketplace fail over fallback feedback filezilla ftp filter Finance Analyst find email firewall fix permissions fix perms folder prefix force download force ssl form emails form spam forwarding fragmentation framework ftp ftp over tls full mailbox gmail gmb godaddy google google adwords google analytics google chrome google cloud google local google maps google my business google places google sheets google webmaster tools google workspace migration grant access graphic design gravity forms greylist gsc gwmt gwt hacked wordpress header Hetzner hosting hosting migrations htaccess htaccess tips images imap imap and pop differences imap port imunify360 inbox increase limit INSERT invoice invoices ios ip iphone IPS tag IT jailed shell jerk jquery lead forms legal licenses litespeed local listings lockdown wordpress logo concepts logo design logo project logos lost emails lve mac mac mail mac marbella macmail mail app mail test mail tester many chat manychat mcc migration migration of hosting migrations missing emails mobile modsec moving ms office multiple logins mx mysql nameservers navicat networking marbella nominet office 365 office365 old php versions outage outlook outlook 2010 outlook deliverability issues owa password password protected password reset passwords pay paying cash payment failed payment policy payments paypal pdf files PDO_SQLITE permalinks permissions perms phishing phishing email photos php php 5.1 php 5.6 php 7 php 7.3 php 7.4 php info php versions phpinfo pico policies policy pop ports post launch checklist pram procedure proforma invoice public key pure ftp pure-ftp pureftp rackspace calendars rackspace mail ram receive recover recpatcha redirect refresh relay remote session remote support remove post type remove posts button reporting a bug reporting spam resales online resales online api reset resource abuse rest api root shell rsync safelist senders scam scam warning scams scans search console search folder secure cert secure wordpress security send sending lmiits sent sent items sent messages seo setup setup email shell smartermail smtp smtp port snag snag list snagging softaculous spam spamcop spams spf SQLite3 srv srv records ssh ssl ssl cert status stock stock photo storage boxes store sent messages stripe sub menu subject line swiss symfony system status tasks tax id tax invoice taxes telegram text content third party thunderbid thunderbird tls tos transmit ftp turn off two factor auth uce protect uk tax uk vat untrusted ip UPDATE update php upgrade php uptime Use Smart Addresses vacation message vat verify vertical vies vimeo warning warranty we transfer web design web hosting web project webmail webmaster tool webmaster tools whitelist whitelist sender whm whmcs windows wofeedback wordpress wordpress cache wordpress code wordpress functions wordpress log in protection wordpress scan wp bakery builder wpml wpml flags wpml site key www

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket

SmarterMail Handbook for IT Professionals/Domain Admins Print

  • 0
This article is intended for IT administrators, MSPs, and security-conscious organisations managing email accounts within SmarterMail.

SmarterMail includes a range of security controls designed to help organisations enforce password policies, implement multi-factor authentication, monitor account compliance, and improve overall mailbox security.

Overview

Our hosted SmarterMail platform includes support for:

  • Secure Webmail login
  • Encrypted SSL/TLS connections
  • Two-Factor Authentication (2FA)
  • Google Authenticator support
  • Recovery Email verification
  • App Passwords for email clients and devices
  • Forced domain-wide 2FA policies
  • Password complexity requirements
  • Password expiration policies
  • Password compliance reporting
  • Password age monitoring
  • Password violation auditing

Table of Contents

Available Security Features

SmarterMail provides several layers of security that can be configured at either user level or domain level.

Authentication Security

  • Two-Factor Authentication (2FA)
  • Google Authenticator support
  • Recovery Email verification
  • App Passwords for client access
  • Domain-wide 2FA enforcement

Password Security

  • Minimum password length requirements
  • Prevention of common passwords
  • Password expiration policies
  • Password age reporting
  • Password violation logging
  • Expired password tracking

Connection Security

  • Secure SSL/TLS encrypted connections
  • Encrypted Webmail sessions
  • Secure IMAP, POP and SMTP connectivity

Security Features Available to End Users vs Domain Administrators

The table below helps explain which security features are controlled by individual mailbox users and which are managed centrally by a Domain Administrator.

Feature End User Domain Administrator
Change mailbox password Yes Yes
Enable Two-Factor Authentication Yes Can enforce domain-wide
Use Google Authenticator Yes Can require 2FA
Use Recovery Email verification Yes Can require 2FA
Generate App Passwords Yes No
Set password policies No Yes
Set password expiry rules No Yes
View password violation reports No Yes
View password age reports No Yes
Manage domain-wide security settings No Yes

Accessing Domain Settings

Domain Settings allow administrators to manage security policies across all mailboxes within a domain.

Log in as a Domain Administrator and navigate to:

More → Domain Settings

The left-hand navigation menu provides access to all available administrative controls.

Managing Password Requirements

To review or modify password policies, select:

Password Requirements

This section allows administrators to define password standards for all users within the domain.

Available options include:

  • Minimum password length
  • Prevent use of commonly compromised passwords
  • Skip enforcement for existing passwords
  • Automatic password expiration policies
Recommendation:
We recommend enabling common password prevention and enforcing a minimum password length of at least 12 characters wherever possible.

Enforcing Two-Factor Authentication

SmarterMail allows administrators to require all users on a domain to use Two-Factor Authentication.

To access this setting:

Domain Settings → General

Within the Users / Aliases section you will find the option to enforce Two-Factor Authentication across the entire domain.

Important:
Before enabling mandatory Two-Factor Authentication, ensure users have reviewed the setup process and understand how to configure either Google Authenticator or Recovery Email verification.

Please refer to our user guide for assistance:

How to Enable Two-Factor Authentication (2FA) for Your Email Account

Password Reporting & Auditing

SmarterMail includes reporting tools that assist administrators in identifying accounts that may not meet organisational security standards.

Available reporting includes:

  • Expired passwords
  • Password age reports
  • Password policy violations
  • Accounts requiring password updates

These tools can be particularly useful for organisations operating under internal security policies, insurance requirements, or regulatory compliance frameworks.

Security Best Practices

  • Enable Two-Factor Authentication for all users.
  • Use Authentication Apps instead of recovery email where possible.
  • Enforce minimum password lengths of at least 12 characters.
  • Prevent commonly used passwords.
  • Regularly review password age reports.
  • Use App Passwords instead of sharing mailbox passwords with devices and applications.
  • Review administrative settings periodically as part of security audits.

When configured correctly, these controls can significantly reduce the risk of unauthorised mailbox access and improve the overall security posture of your organisation.

Was this answer helpful?

Related Articles

Understanding Aliases, Disposable Addresses & Plus Addressing in SmarterMail This article explains the differences between SmarterMail Aliases, Disposable Addresses, and... SmarterMail Alias Accounts This article explains how SmarterMail Aliases work, how to create them, and how they can... How to Set Up Email Forwarding in SmarterMail You are reading this article to understand how to enable email forwarding in SmarterMail.... SmarterMail Email Client Settings This post describes the settings needed to use our SmarterMail Email system.If you are on... SmarterMail DNS Settings You are reading this article because you either:a. Currently have your email hosted with another...
« Back