MailerSend
Blog

IP allowlisting is your key to more secure email sending

Amy Elliott Amy Elliott
· 5 min read · Tips and resources · December 13th, 2022
Phishing attacks are among the most damaging threats to businesses. Check out how MailerSend’s IP allowlist helps thwart malicious attacks and protect your sending reputation.

At MailerSend, we take security seriously. In addition to building a robust sending infrastructure based on the latest and greatest security protocols, we’re committed to bringing you the features that will allow you to take your account security into your own hands. 

With the release of our IP allowlist feature, you can now easily restrict the IPs that can access and send emails from your account. Let’s jump right in and get to know IP allowlisting, and how you can set it up in minutes from the MailerSend app.

What is IP allowlisting?

IP allowlisting is a measure you can use to ensure no other server has unauthorized access to your account. Sometimes known as IP whitelisting, it’s a straightforward yet reliable way to make your online accounts and activity more secure. All it involves is adding approved IP addresses or an IP address range to your allowlist.

Doing so will mean that only the IPs added to the allowlist will be able to access and use your account and other features of the service. For example, with MailerSend, this would be your API and SMTP credentials. Even if your account is compromised by a malicious actor with access to your username and password, they won’t be able to send emails from your account because their IP won’t be present on your allowlist.

Remember: User access levels should be restricted so that only specific accounts can edit the IP allowlist. If all users have access and an attacker is able to obtain anyone's credentials, they will be able to edit the IP allowlist and use your account.

Ready to make your account more secure?

Add your IPs to the allowlist now, it only takes a minute!

Set up the IP allowlist

How does IP allowlisting work?

Let’s take a look at a scenario that shows how IP allowlisting could save the day when it comes to your MailerSend account.

Bob makes a boo-boo

It’s just any old, regular work day—or so it seems. Bob is about to leave the office when he receives an urgent email from MailerSend—it would appear that his account credentials were used to log in on an unknown device. Could he follow the link in the email and log in to verify the activity?

Bob clicks on the link and enters his credentials but nothing happens. Strange. He types the MailerSend dashboard URL in the address bar, and when all appears OK, Bob shrugs his shoulders and heads out for the day.

While Bob enjoys his dinner and family time at home, the hacker that sent him the email is attempting to use Bob’s credentials—that he entered in the fake interface—to log in to his MailerSend account and begin a full-scale email phishing attack.

But there’s one problem for the hacker. Bob’s company has set up IP allowlisting, only allowing specific IP addresses to access their API and SMTP credentials and to send emails. Since the hacker has a different IP address from those that are approved, he can’t send a thing. Bob’s company quickly realizes what has happened, changes all account credentials, and asks staff members to brush up on their cyber security knowledge and enable 2FA.

This story has a happy ending. Bob learned a few things about cyber security and any serious damage was prevented by the IP allowlist. It could have been a very different story, however, if Bob’s company never used the feature.

The hacker could have gained full access to the account and started sending thousands of emails. They could have gained access to people’s sensitive information, account details and even credit card details. The cost of damages to the company could have ended up in the millions of dollars.

And that’s how this super simple feature that takes minutes to set up can help secure your business’ email. Even if a malicious actor gains access to the account, the IP allowlist will prevent them from being able to use it. Let Bob's boo-boo be a lesson to us all. 😉

The benefits of IP allowlisting

We’re only human! IP allowlisting puts a safeguard in place when human errors happen. While it shouldn’t be used as the be-all and end-all of your account security, the IP allowlist will:

1. Prevent unauthorized access to your API and SMTP credentials.

2. Give you greater control over the security of your account.

3. Allow for secure remote access for users and servers.

4. Protect your sender reputation from attackers’ spammy sending practices.

5. Protect your business reputation by stopping attackers from sending out unsolicited emails under your company’s name and domain.

6. Help you avoid any legal or financial penalties as a result of the potential damage.

Who is IP allowlisting for?

If you want to protect your business and your sender reputation from the ramifications of a security breach (who doesn’t?) then IP allowlisting is for you. In MailerSend, all Premium accounts have access to our IP allowlist feature and we recommend that everyone makes use of it to boost their account’s security. 

Unfortunately, security breaches can and do happen. So why not make use of the features on offer to ensure that your account is as secure as possible? Not to mention it’s super easy and quick to add an IP address to the allowlist. There’s really no excuse!

Secure your account now

What are you waiting for? Add your IPs to the allowlist to instantly make your account more secure.

Set up the IP allowlist

What about static vs. dynamic IPs?

When you add IP addresses to your allowlist, the IPs being used must be static. If your server’s hosting provider has a dynamic IP, this could result in your server not being allowed to send emails, as when the IP address changes, it won’t match up with the IPs on the allowlist.

It’s important to remember that the IP addresses that will be making the API and SMTP requests will belong to your local testing environment or hosting provider on production. You’ll want to make sure that these are static IP addresses—your hosting provider may have dynamic IPs, so keep this in mind.

Alternatively, ask your hosting provider for the list of their dynamic IPs so you add them all.

How to add IPs to your allowlist in MailerSend

We want all of our users to have the most secure experience possible, and it couldn’t be easier to add an IP address to your allowlist. Got your authorized IPs at the ready? This only takes a minute! 

1. From the MailerSend dashboard, go to Settings and select the IP allowlist tab

2. Click Add IP address and go ahead and give your allowed IP a recognizable name. 

3. Enter your IP address manually or click Add current IP and click Save

And that’s it! In just a few clicks you’ve secured your account from unauthorized use. 

Note: Remember if you don’t add any IP address to the allowlist, there will be no restrictions. All IP addresses will be allowed access. If you add one or more IP addresses, only those IP addresses on the allowlist will be given access.

For more information, check out our knowledge base article on how to whitelist IPs.

Remember, there are no excuses when it comes to security

Prevention is always the best medicine. The few minutes it takes to identify which IP addresses you want to allow and add them to your IP allowlist will be well worth it if your account becomes compromised. The time, effort and money it can take to fix such attacks can be devastating to a business, so do yourself a favor and set up IP allowlisting!

Do you have any other security tips for protecting your transactional messaging? Let us know in the comments.

Amy Elliott
I’m Amy, Content Writer at MailerSend. As a child, I dreamt about writing a book and practiced by tearing pages from an A4 notepad and binding them with sugar paper. The book is pending but in the meantime, I love taking a deep dive into technical topics and sharing insights on email metrics and deliverability.