How SendGrid works with BMS

Introduction

The ubiquitous email traverses a cyber landscape that is replete with different types of nodes which consist of servers, authentication and reputation checks, and filtering from the time a user sends an email from his mail program till it reaches the recipient's inbox. As the email traverses this path, there is a quiet actor that checks, guides, and regulates the email to its final destination. This actor is called SendGrid. SendGrid sends emails in two different ways - through SMTP relay or through Web API. BMS server is not a mail server; therefore, it uses SendGrid as the default SMTP server to deliver emails.

How it works

After a message is composed and once the user hits Send, the SendGrid is the actor that facilitates the SMTP handshake, and the handshake in turn makes the communication possible. The sender communicates the final destination of the message through SendGrid. The SMTP server then contacts the recipient server and exchanges multiple pieces of communication.

The recipient server then responds in one of the four ways:

  • I have identified the person and the message will be delivered to the recipient inbox
  • I have identified the person but the message will not be delivered to the recipient inbox
  • I have identified the person but there are some things that I have to identify; so, the message will not be delivered at this time. At the same time, it won't be sent back.
  • I have not identified the person; so, I will be sending the message back.

Once an email goes out of the BMS system, it reaches the SendGrid server which in turn sends it to the recipient's mail server. The mail server then in turn sends it to the individual's mailbox. Sometimes unfortunately, SendGrid may block or not deliver genuine emails for some reason. It is at this time that our support team members pitch in by getting into SendGrid and manually sending the emails or releasing the blocked emails. A support member can check if the email is processed and delivered by going into the Event History page of the individual email.
SendGrid_event_history.png

Also, other than the outbound mail server, SendGrid assists in the area of DNS (domain name system) and authentication. SendGrid helps establish trust in the recipient server to accept the message. Usually, the recipient server checks for SPF (sender policy framework) record, DKIM (domain keys identified mail) record and DMARC (domain-based mail authentication reporting and conformance) record. SendGrid's sender authentication feature assists in setting up SPF and DKIM.

The recipient server then checks for the reputation of the message by checking the reaction of its other recipients sent from the same IP and domain and where it previously decided to place the message from the same IP and domain.

You can configure the outbound email from BMS by going to Admin > My Company > Outbound Email. Port 587 actually overcomes the limit set by the hosting companies.

Our outbound SMTP email relay: sg.cloud.kaseya.net

BMS and throttling

Throttling is defined as the process of controlling the amount of email messages sent to one ISP or remote server at one time. Throttling is normal behavior with Office/Exchange servers. When BMS receives throttling, it tries multiple times to resend the email and then bypasses the throttling. In case you see an error in the outbound logs, it is because the resending process failed.

Overcoming the limit on messages

For example, there is a limit of 30 messages per minute by Microsoft; This can be circumvented by SendGrid in place. With SendGrid, you can send 100 messages with each connection with SMTP. Additionally, with SMTPAPI, 100 messages can be sent with each connection and there can be 1000 recipients for each message.

Security

To enforce a foolproof security system, SendGrid scans all applications for vulnerabilities using a strong combination of source code analysis, dynamic testing, and two-factor authentication. Additionally, SendGrid encrypts data in transit using TLS, conducts an independent penetration test on an annual basis, and has SOC 2 Type 2 certification. To know more about BMS security, see BMS Getting Started | About the product > Security Standards and Compliance section.

Audit

You can check the logs generated by outbound emails. The logs show the status of each outbound email sent from BMS with the help of SendGrid. You can check these logs under Admin > Logs > Outbound Email.

outbound_email_log.PNG

Feedback loop

Finally, there is a feedback mechanism called feedback loop. These are provided by mailbox providers and the sender can receive notifications through it to inform the sender when a recipient has trashed the message as junk or spam.