Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

You can use with individual domains. However, there are a few points you need to keep in mind, so please read this article carefully.

Note the following requirements:

  • You still need a normal account with your e-mail address.
  • If you registered your own domain somewhere in such a way that it belongs to you, you can view the MX records in the DNS data of your domain on 
  • In addition, you need to store a security key in the DNS data so that we know that the domain belongs to you. We will explain the details in a moment.
  • Once this has been done, you can create other e-mail addresses as aliases for your account. You continue to log in using your usual e-mail address; however, this account now receives e-mails with the created e-mail addresses of your own domain and you can select the created aliases as the sender when sending e-mails.
  • All accounts have their own, individual security key. This makes it possible to associate external domains to several accounts, if desired, simply by adding their different security keys to the DNS configuration.
  • It is not possible to use our enforced TLS sending (‘’) with your own domains.
  • It is possible to use an address from an external domain as your main account.

Step 1: The security key

Log in to your Office and go to Settings in the settings area. The ‘Add external addresses’ option is available under ‘E-mail Aliases’. Enter the desired e-mail address.

Our system then checks the DNS data to see whether this domain already contains the security key. If everything is OK, the alias will be created and can be used instantly. You can then proceed to step 2 of these instructions.

If there is no DNS security key, for example, because this is the first time you are registering an e-mail address of a domain with us, the system presents you with a DNS entry. To set the DNS security key you have to set the TXT record of this your domain (or any sub-domain). Once you have updated this entry, you can try to register your e-mail address again.

The figure below shows an example:

  1. Create a TXT record named “”.
  2. Then set the value of the TXT record to “c9652...xxxx....115a7”.

Note: Due to the DNS cache times, it may take several hours before a newly created security key is visible on our systems!

own domian and securitiy keys

Step 2: Set the correct MX records

When our system finds the security key in the DNS, you can register e-mail addresses as aliases under this domain. Once you have done this and no errors have occurred, you can change your domain’s MX records so that they appear on the mail relays. Set the following MX records in the DNS: IN MX 10 IN MX 10 IN MX 20

Replace ‘’ with your own domain.

Note: As soon as your MX records appear on our server, we will receive all of your domain’s e-mails. If the target mailboxes were not set as aliases on our end, our system will reject the e-mails with a failure notification (‘User unknown’)! For this reason, always create mailboxes first and then change the corresponding MX records!

Step 3: Howto set the SPF records

SPF records should be configured in the DNS zone of your web domain. All you need to do is create an “include” statement for the SPF entries of Add a TXT or SPF record for your domain with the following content:


As a result, your current configuration will inherit the SPF settings of That means the IP addresses of our outgoing mail systems (which are used for sending your e-mails) will be passed on automatically. If you use more than one server for sending e-mails, you should extend the statement above to include their IP networks as well.

Please note that we cannot offer any further support for individual SPF setups. Also note that we tend to frown upon the use of “-all” in SPF records, when used for ordinary web domains. This is the reason, why our SPF records are set to "~all".  For details on this particular issue, please consult this talk about SPF/DKIM by the Heinlein Support GmbH.

Can I use DKIM?

In order to enable DKIM for your embedded domain, you just need to add the following public keys as records to your DNS server.

If your provider offers a web frontend:

Code Block
Subdomain: MBO0001._domainkey
Ressource Record: TXT
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2K4PavXoNY8eGK2u61LIQlOHS8f5sWsCK5b+HMOfo0M+aNHwfqlVdzi/IwmYnuDKuXYuCllrgnxZ4fG4yVaux58v9grVsFHdzdjPlAQfp5rkiETYpCMZwgsmdseJ4CoZaosPHLjPumFE/Ua2WAQQljnunsM9TONM9L6KxrO9t5IISD1XtJb0bq1lVI/e72k3mnPd/q77qzhTDmwN4TSNJZN8sxzUJx9HNSMRRoEIHSDLTIJUK+Up8IeCx0B7CiOzG5w/cHyZ3AM5V8lkqBaTDK46AwTkTVGJf59QxUZArG3FEH5vy9HzDmy0tGG+053/x4RqkhqMg5/ClDm+lpZqWwIDAQAB

If this fails to work, please substitute all in the string above beginning with p=MIIBI.... with the strings below, including the ".

If you need to write it as a bind configuration:

Code Block
MBO0001._domainkey IN TXT ( "v=DKIM1; k=rsa; "
  "ZqWwIDAQAB" )

In addition to that, we offer a backup key. Please also add this to your configuration.

Web frontend:

Code Block
Subdomain: MBO0002._domainkey
Ressource Record: TXT
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxEKIg2c48ecfmy/+rj35sBOhdfIYGNDCMeHy0b36DX6MNtS7zA/VDR2q5ubtHzraL5uUGas8kb/33wtrWFYxierLRXy12qj8ItdYCRugu9tXTByEED05WdBtRzJmrb8YBMfeK0E0K3wwoWfhIk/wzKbjMkbqYBOTYLlIcVGQWzOfN7/n3n+VChfu6sGFK3k2qrJNnw22iFy4C8Ks7j77+tCpm0PoUwA2hOdLrRw3ldx2E9PH0GVwIMJRgekY6cS7DrbHrj/AeGlwfwwCSi9T23mYvc79nVrh2+82ZqmkpZSTD2qq+ukOkyjdRuUPck6e2b+x141Nzd81dIZVfOEiwIDAQAB


Code Block
MBO0002._domainkey IN TXT ( "v=DKIM1; k=rsa; "
  "OEiwIDAQAB" )

Optional: DMARC

DMARC specifies how receiving servers verify e-mails send from your domain using our servers.

A DMARC-Entry can look like this:

Record-Type: TXT 
TTL: 400
Text/Data: v=DMARC1;p=none;;

Important options are:

rufforensic report will be send to:
ruaaggregated report will be send to:
phow to handle e-mails of main domain

Please note that if the options are set too strict your e-mails may be rejected by the receiving server. Sometimes forwardings can also break a DKIM signature.

If you want to give DMARC a try we recommend to use our example above and check the incoming reports before you further adjust your settings.

Optional: How to enable auto-configuration in e-mail clients

If you would like to use the auto-configuration assistants offered by e-mail clients like Thunderbird or KMail, then you can do so by referring to an autoconfig XML file that is available on our web server. The easiest way to get this done is to add a reference in two particular DNS records for your domain name. These are the CNAME and the SRV records.

Set the following CNAME record to enable automatic e-mail configuration:

Code Block
autoconfig IN CNAME

Set the following SRV record to enable automatic e-mail configuration:

Code Block
_autodiscover._tcp IN SRV 0 0 443

Alternatively, you can upload an XML file that contains the required autoconfig data to your own web server. Please note the required location and naming conventions:

We have a template for this XML file, which you can simply obtain by opening it with a browser or using either this command:

Code Block
curl -o config-v1.1.xml 

or that one:

Code Block

All you need to do is insert the corresponding entries for <domain>, <displayName> and <displayShortName>. Please see the example below:

Code Block
<clientConfig version="1.1">
  <emailProvider id="">
     <displayName>  Mailserver (Beschreibung)</displayName> 
     <displayShortName>EGCOM (Kürzel, z.B. Initialen)</displayShortName>

     <incomingServer type="imap">

Further Questions – Help and FAQ

I do not have a domain. Can I register one on

No. is intended for anonymous use. Since we would need your address data for a domain registration, this would be in conflict with our “anonymous use” policy. In addition, works as a prepaid system, and if we were to register domains, the risk would be too great that complications would arise and we would have to delete them at some stage.

Can I take advantage of this offer with domains from other providers?

No. Changing the DNS MX records means that all e-mail traffic runs exclusively through It is not possible to redirect individual e-mail addresses to us. However, you could still use the option to have e-mail addresses from other providers as senders.

I don’t know what the DNS is. What should I change and where and how?

This option requires a certain amount of technical expertise regarding how domains work which includes knowing what DNS is. If you have purchased your own domain, you will probably have done that through a specific provider (registrar). Contact your registrar for help with setting up your DNS for

Can help me solve problems with DNS setup for my own domain?

No. Please contact the provider that you purchased your domain at.

What can I do if I no longer want to run my own domain on

You can switch at any time. Change your domain’s MX records to the desired new provider and don’t forget to delete the created aliases from your account.

Can I use catch-all addresses with my own domain with

Yes, that's possible. Have a look at the article using catch-all alias with your own domain.

Is there a limit to the number of e-mail addresses?

Yes. As far as is concerned, the aliases created under your own domain are normal aliases. The possible number varies depending on the package. Please refer to our table of packages. If you create additional aliases, it may be necessary to switch to a better mail package when your permitted aliases are no longer sufficient.

NOTE: Aliases for username postmaster@, abuse@, hostmaster@ and webmaster@ are not counted and is for free.

Can I remain anonymous while using my own domain name?

Yes. While in principle, a domain name will always allow others to retrieve related ownership information using a registrar website or other whois-database, there is a way to remain anonymous by hiding this information behind a “whois-proxy server”.

Many ordinary domain providers in Germany are offering this kind of service to customers. For instance, the company “CPS Datensysteme” has proxies covering more than 200 different top-level domains:

Internationally, there are a number of reliable (!) providers that allow anonymous domain registration:

Can I use this for my organisation/business?

Yes and No. has been designed for use by freelancers or small businesses. If there are several people who want to use email accounts with the same domain name, each of them will need their own account. For each of these accounts a security key needs to be added to your DNS entries. Unfortunately shared calendars and address books cannot yet be used in such configurations.

Content by Label
cqllabel in ("external","adress","domain","e-mail") and type = "page" and space = "MBOKBEN"
labelsexternal e-mail adress domain

Page properties

Verwandte Vorgänge