Platform change for your Cleanmail security service

Alinto operates several types of email security, anti-phishing and anti-spam platforms.

The Quar platform (https://quar.cleanmail.ch) you are currently using is reaching the end of its life cycle and we are migrating domains to Cleanmail, a more modern platform that keeps pace with new security threats.

How will this affect you?

For sovereignty reasons, our Swiss customers will continue to be hosted on a resilient infrastructure in Switzerland.

An intuitive, more modern dashboard will allow you to monitor traffic, logs and quarantines.

In addition to the historical services, a free backup webmail is available. This webmail, which can be deactivated on request, has a minimum retention period of 7 days, allowing you to continue working in the event of a mail server failure, and offers the possibility of redistributing a recent email that may have been deleted.

You can personalize Cleanmail’s operation through customizable and granular policies.

Recommended security policies are available by default in the administration:

Standard policy with quarantine reporting

  • Emails considered spam with a score of 5 are delivered to quarantine;
  • Newsletters with a [PUB] tag are delivered to the recipient’s inbox;
  • A quarantine report is emailed to every user daily at 09:00;
  • From this email, secure direct access to quarantine and backup webmail (retention) is possible.

Policy without quarantine report

  • Identical settings, but the user does not receive a quarantine report.

These policies can be tailored to your specific needs and quarantine reports can be scheduled to run once or twice daily, weekly or monthly.

Compared with Quar, Cleanmail requires the creation of user accounts.

We’ll import all known addresses from Quar and ask you to verify them:

  • Identify and delete obsolete addresses
  • Identify alias addresses

If you have a large number of accounts (> 100), you can send us an export of your email addresses and aliases and we’ll import them for you. This will save you time and effort.

Global reporting mails (on Cleanmail tenant)
For each domain held in Cleanmail, there is now a “Reporting” section in which you can create the following reports:
– Report on the global quarantine of the tenant’s domain(s).
– Report with statistics on received emails (clean, spam, virus and rejected emails).
The frequency of the e-mail reports can be set and the reports can be sent to an external e-mail address of the domain.

How much does the migration cost?

There is no charge for migrating to Cleanmail.

Will there be any service break?

No, there will be no service interruption.

How will the migration process work?

One of our service managers will contact you via our ticketing system.

You will be given your administration access so that you can familiarise yourself with the new environment before going live.

In some cases we may ask you to authorise a subnet (Cleanmail’s IP range) on your server/firewall to allow incoming traffic to pass through to your mail server.

If you’re using the outbound scanner option:

You’ll need to change the DKIM key on the DNS zone, which we’ll let you know about. SPFs will not change from Quar. We also recommend adding a DMARC record, which will be sent to you upon request.

Our service managers will be happy to answer any questions you may have and make sure everything runs smoothly. Thank you in advance for your warm welcome.

Configure Cleanmail CH (cmv5) for automatic user provisioning (O365/AD)

This tutorial describes the steps you need to do in both Cleanmail CH (cmv5) and Azure Active Directory (Azure AD) to configure automatic user provisioning.

When configured, Azure AD automatically provisions and deprovisions users to Cleanmail using the Azure AD Provisioning service.

For important details on what this service does, how it works, and frequently asked questions, see Automate user provisioning and deprovisioning to SaaS applications with Azure Active Directory.

(EN) https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/cleanmail-swiss-provisioning-tutorial

(DE) https://learn.microsoft.com/de-de/azure/active-directory/saas-apps/cleanmail-swiss-provisioning-tutorial

(FR) https://learn.microsoft.com/fr-fr/azure/active-directory/saas-apps/cleanmail-swiss-provisioning-tutorial

Configuring Microsoft 365 for Cleanmail Sign+Encrypt v1

Please note that this documentation only concerns version 1 of the Sign+Encrypt service. Please contact our support team (support@cleanmail.ch) to set up Sign+Encrypt v2.

Please follow the steps in this document to configure your Microsoft 365 (Office 365) for Cleanmail Sign+Encrypt. You will also need the information in the activation e-mails which were sent to you.

If you have questions, please contact us at support@cleanmail.ch, or use the chat using the box in the bottom right corner.

DNS-Flag-Day

Februar 1st 2019 is “DNS-Flag-Day”.

The Domain Name System DNS is the contact app of the Internet. It allows you to view this website by entering the name “www.cleanmail.ch” into the address bar of your browser, and ensures that emails with @cleanmail.ch are delivered to the right mail server(s).

In the last decades, the DNS protocol has been in constant evolution. Unfortunately there are still quite a lot DNS servers which are still on pre-1999 levels on how they understand the DNS protocol. Current DNS server software uses a series of workarounds to ensure that such aged software still works.

On February 1st 2019 many large providers will turn off these workarounds. Even though 20 years of lead time should be sufficient, and even though there are publicly available tools to check the status of one’s own DNS server, some services and service providers will be surprised on this day.

If you encounter unexpected outages on or after February 1st 2019, there is a certain probability that this is due to the “DNS-Flag-Day”. The infrastructure of Cleanmail is on current levels and thus not affected by this change. However, it could well be that other organisations are affected with the result that they can not send emails to us, or that they can not receive emails sent through us. Please note that this behaviour is outside of the control of Cleanmail and can thus not be whitelisted.

Additional information on the DNS-Flag-Day can be found at https://dnsflagday.net/.

 

Support

For technical support please contact us via support@cleanmail.ch, and via sales@cleanmail.ch for administrative and sales questions. The easiest way is maybe via the chat you’ll find on the bottom right (the orange square, clic, write, send, give us your contact information if you don’t get a quick anwser, thank you).

☣️ Please report missed spam as .eml attachment to spam@cleanmail.ch

Please note that this KB is currently only available in German.

If you do not find the resolution for your request in the support database, please contact us.

🔧 See the state of our services, the incidents (DE).

This link will take you to a list of our ♥️ partners and resellers.