Skip to main content

How should IPs be whitelisted for SMTP relay and CIDR range usage?

Written by Joana Knobbe
Updated over a week ago

Keywords: Umbraco Cloud, whitelist, SMTP, CIDR.

When configuring IP whitelisting for SMTP relay or other services, it is essential to understand the best practices for using CIDR ranges and individual IPs. This guide provides an overview of IP whitelisting, specific considerations for Umbraco Cloud, and general best practices.

Overview of IP Whitelisting

IP whitelisting is a security measure that allows only specified IP addresses to access a service. For SMTP relay, this ensures that only authorized IPs can send emails through the relay. When using Umbraco Cloud, you should whitelist the outbound IP addresses associated with your project. If your plan supports static outbound IPs, enabling them will provide a stable set of IPs for whitelisting. It is recommended to whitelist the entire CIDR range provided for your project to cover all included IPs. Note that there is no separate IP used specifically for email traffic.

Using CIDR Ranges vs. Individual IPs

  • CIDR Ranges: If your third-party service supports whitelisting by CIDR range, use the range value. This approach simplifies configuration and ensures that all IPs within the range are covered.

  • Individual IPs: If the service does not accept CIDR ranges, you will need to whitelist each individual IP from the list provided. This ensures full connectivity but may require more effort to configure.

Specific Considerations for Umbraco Cloud

For users of Umbraco Cloud:

  • Whitelist the outbound IP addresses listed for your project.

  • Enable static outbound IPs if your plan supports them to ensure a stable set of IPs.

  • Use the CIDR range provided for your project whenever possible to simplify configuration.

Best Practices for IP Configuration

  1. Verify IP Requirements: Check the documentation of the third-party service to determine whether CIDR ranges or individual IPs are supported.

  2. Enable Static IPs: If available, enable static outbound IPs to avoid changes in IP addresses over time.

  3. Test Connectivity: After configuring the whitelist, test the connection to ensure that the service is accessible.

  4. Monitor Changes: Regularly review and update your whitelist to accommodate any changes in IP addresses or ranges.

By following these guidelines, you can ensure secure and reliable connectivity for your SMTP relay and other services.

Did this answer your question?