This may help someone whenever to choose OVH as a registrar
for their domain name with the offer of "free" 100MB web hosting
and one 5GB e-mail address and 2000 e-mail re-directs.
https://www.ovhcloud.com/en-gb/domains/free-web-hosting/
While when signing up for the free old "start10m" 10MB hosing plan/5GB 1 e-mail in
OVH Control Panel there was a note that
"The Start 10M plan is included with your solution, but it only comes with basic features."
it is not clear exactly that DKIM/MTA-STS will not be supported.
Enabling "hostingfree100m" still includes the above message:
The Start 10M plan is included with your solution, but it only comes with basic features.
Also on the "free-web-hosting" below:
https://www.ovhcloud.com/en-gb/domains/free-web-hosting/
you can read about all the benefits of registering domain with OVH and get:
"A 5 GB email account"
Use your business email address linked to your domain name with a POP/IMAP account,
and get a 5 GB disk space to store all your emails.
"Communicate with a professional email address"
You have a 5 GB email account linked to your domain name, so you can send
and receive emails from a professional email address that your contacts
will recognise and associate with your brand. You can check your mailbox
from your computer, smartphone or directly via your web browser, and we
also keep your account secure with anti-spam and anti-virus protection.
But what it does not tell you is, that your "free" professional email address
with 5 GB email account will not support DKIM/MTA-STS!
In the section of "Your questions answered" you will not find it either!
However, there are interesting question included ;)
"Which services are not available with the free hosting?"
Some services are only available with Personal or Professional hosting plans,
such as pre-installed CMSs (WordPress, Drupal, Joomla!, PrestaShop, etc.),
multiple website hosting, unlimited FTP or SSH access, and mailing lists.
So you do not need unlimited FTP or SSH access, CMS and mailing lists so
you think this sounds great, but if you are planning to also send e-mails
with your professional email address you will soon be disappointed.
You probably now asking why do I need DKIM/MTA-STS?
DKIM (DomainKeys Identified Mail)
---------------------------------
(only available to Exchange and Email Pro plans) !!!
Well, if your e-mails that you sent are not "signed with DKIM key",
they will always end up in the recipients SPAM folder and
your professional email address will not look that professional any more!
There may be some companies that do not take SPAM seriously and have
not implemented DKIM, but majority of big players have and suddenly
you FREE e-mail will be free but not professional, but if you upgrade
to "paid for service" you can get access to such a future:
https://help.ovhcloud.com/csm/en-dns-zone-dkim?id=kb_article_view&sysparm_article=KB0058258
Should OVH let potential customers know that it's a trap before
they purchase in good faith?
Is offering "free" e-mail service without having a DKIM working today
second class/broken service?
MTA-STS (Mail Transfer Agent Strict Transport Security)
-------------------------------------------------------
(only available to Exchange and Email Pro plans) !!!
as you can not on "hostingfree100m" create certificates for sub-domain
"mta-sts.domain.name".
I have asked OVH support to remove "www" subdomain and only use naked domain
and replace the "www" with "mta-sts" but been advised that it's not possible!
I have been unable to find any article related MTA-STS on OVH Help pages either :(
Google has a good article on how to "Help prevent spoofing, phishing, and spam"
https://support.google.com/a/topic/9061731
that includes SPF, DKIM, DMARC and BIMI.
Also on "Advanced Gmail security"
https://support.google.com/a/topic/2683828
that includes article on increase email security with MTA-STS and TLS reporting
Hardenize also offer great article with regards to "Policy for Email Infrastructure"
https://www.hardenize.com/labs/policy
and what your e-mail should be supporting:
https://www.hardenize.com/downloads/hardenize-policy-for-email-infrastructure-preview3-20210519.pdf
- Support STARTTLS
- Configure TLS appropriately for SMTP
- Use valid TLS certificates issued by public CAs
- Keep detailed SMTP server connection logs
- Consider requiring STARTTLS
- Use DMARC reporting
- Use DMARC to quarantine or reject spoofed email
- Use SMTP TLS Reporting
- Use SPF
- Use DKIM
- Use DANE if using DNSSEC
- Use MTA-STS
- Monitor for look-alike domain names
- Be aware of BIMI
but it looks like OVH does not think that supporting DKIM/MTA-STS is a must on free accounts :(
Hostingfree100m/free 5GB (1 address) MXPLAN 1 without DKIM/MTA-STS
Related questions
- Email Alias Support: Is it possible to use the Email Alias as the "Sent From" address
8508 
29.01.2021 19:11
- 521 No Redirect Entry for this address
6859 31.12.2017 18:00
- E-mail creation
5757 24.10.2024 14:16
- Catch all on Hosted Exchange?
5278 05.10.2018 15:36
- Recommendations to use OVH as smtp relay with DKIM
4871 16.09.2024 15:10
- Do I need an MX Plan to redirect emails back?
4434 15.04.2022 15:47
- How to configure postfix to send smtp mail (using ssl0, a relay, other ?) when have dom
3893 07.11.2023 15:10
- Configure MX records on Namecheap in order to use the domain with OVHCloud email
3554 24.10.2024 14:15
- How to sync Email Pro
3469 08.02.2018 18:36