Credentials

As with any sending platform, integration is the key. Omnivery provides multiple methods of integration, but all need to be authenticated. The Credentials menu allows you to configure and secure your access credentials for different integration methods.

SMTP Users

SMTP stands for Simple Mail Transfer Protocol—the protocol that email clients and servers use to communicate with each other. The SMTP protocol can be used by applications to send email, as well as by email clients like Outlook, Thunderbird, Apple Mail, or the email client on your mobile device.

SMTP users can only access our SMTP submission endpoint to send messages and have no access to the Omnivery user interface. If you intend to use the SMTP protocol to send emails, you will need to set up SMTP users. You can have as many users as you need.

Each SMTP user is identified by a username and password. We enforce a minimum password length of 8 characters with at least one capital letter and one special character. It's good practice to add a note describing the use of each credential for better tracking.

Please make sure you always use secure passwords, as SMTP credentials are more likely to be subject to brute-force attacks. We highly encourage you to use an API integration, as it provides a considerably higher level of security.

SMTP submission

SMTP submission is done via server smtp.omnivery.net. You will have to authenticate using your credentials first before the server will accept any submission. Complete documentation can be found here.

Our servers use RBL blocklists to prevent access from compromised IP addresses. In addition, failed attempts are logged, and repeated failed attempts may result in credentials and IPs being locked out.

API Keys

Regardless of what type of API integration you are using, the API key is required for authentication. Each API key created under credentials only allows you to send messages using the sending domain it belongs to.

To further secure the API key, its usage can be restricted to specific IP addresses. This can be done by clicking the lock icon and adding the allowed IPs or IP ranges to the list.

We strongly recommend securing your API keys by filtering the IPs that are allowed access. This may not be possible for cloud-based integrations where the IP addresses vary (Make, Zapier, etc.).

For practical purposes, the keys can be identified by a note describing the intended use of each individual API key.

Refer to the documentation for your integration on how and where the API key needs to be added.