skip to content

IT Help and Support

University Information Services

This is one of two pages discussing different ways to configure a computer to send email from the CUDN without encountering problems. They discuss the choice of outgoing SMTP server, and some implications of our security policies. They are concerned only with outgoing mail (SMTP) settings and not with incoming mail (IMAP or POP).

Other cases

The sections on the other page cover email sent manually by individual users. It is also common for email to be sent in a way which is not manual, or which is not associated with a particular individual. This includes:

  • Email from college or department email servers which provide service to many people;
  • Email sent from a form on a web server, or some other multi-user application;
  • Email from networked photocopiers, scanners, printers etc.;
  • Email sent by automated jobs, such from the "cron" program on Unix.

Some examples from UIS's own systems include email from the help-desk ticket system and from nightly maintenance jobs on many of our computers.

In all these cases, email should be sent via the smart host port 25, without TLS or authentication, unless arrangements have been made to send directly to the public Internet.

If you have a device which requires an IP address to send email to, or which cannot use the DNS correctly, you can use This IP address behaves the same as, but it is static whereas's IP addresses change. Please do not use this IP address unless absolutely necessary - use if possible.

If the volume of email from a computer is likely to be large - peak rates of more than 60 messages per hour - you should contact us so that we can ensure that our rate limiting system doesn't interfere. For more information, see bulk email and rate limiting.

Restrictions on sending email

All devices on the CUDN wishing to send mail via PPSW must be registered in DNS.

Although we don't restrict your choice of email address, the central email systems are quite strict about it being technically correct. This is to ensure that if there is an error it is detected as soon as possible, and that if a message cannot be delivered its sender gets a failure report. Furthermore, we require that email domains within Cambridge are registered in the DNS with an MX record; a host name may not be used in an email address (see Managed mail domains). We are happy to provide advice on configuring your software to work with these rules.

The maximum size of messages sent via is 100MB. Note that binary attachments must be encoded which increases their size by 1/3, so the maximum size of un-encoded binary attachments is about 70MB.

The CUDN routers block port 25, which is the port used to send email between organizations across the Internet. This means that computers on the CUDN cannot send email directly to computers outside the University, but must instead send it via a message submission server (SMTP server) or smart host as described in the preceding sections. This block helps us to ensure that email from the University is of a reasonably good quality, from the point of view of conformance to technical standards. In particular, it makes it considerably harder for insecure computers on the CUDN to be exploited to send spam or viruses.

There is also a mechanism to limit the rate of outgoing email in order to protect the central email systems against the consequences of spews of junk email sent through Although this mechanism should not affect normal email, it may affect bulk email, so you should contact us if you need to send a lot of email. We will be happy to adjust the limits to accommodate your requirements. There is more information about the rate limiting system.

Finally, the central email systems filter outgoing email for viruses and other potential security problems. This includes certain file types that may include executable code. You can avoid the file type restrictions by zipping files before sending them as email attachments; this also reduces the size of the message. The scanner is documented at the central email scanner.


Institutions that wish to impose their own restrictions on sending and receiving email should configure their firewalls as follows:

  • Allow connections to and from (and  2001:630:212:8::e:0/112 if you use IPv6) which are the address ranges used by the central email systems.
  • Allow outgoing connections to anywhere on ports 110, 143, 465, 587, 993, 995 which are used by roaming MUAs.
  • Do not use host names to configure any blocks, since this causes problems when the DNS changes.

Beware of firewalls built in to anti-virus software which can interfere with sending email.

UIS Service Desk

Phone padded  Service status line: (01223 7)67999
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin

A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >

Latest news

Jackdaw upgrade on Monday 18 July – other systems will not get updated user data

5 July 2022

Jackdaw, the University’s user information database, will be taken offline between 09:00 and 18:00 on Monday 18 July. Systems taking data from Jackdaw will not receive updates while the upgrade is happening.

Apps Anywhere (Citrix) virtual desktop service closing in September

29 June 2022

As part of our review of managed desktop provision, UIS has decided not to continue providing its Citrix-based 'Apps Anywhere' virtual desktop service. The University’s needs have changed significantly since we purchased Citrix licences 3 years ago. Widespread adoption of laptops and collaboration tools such as Microsoft...

UDN border router upgrades and IPS config changes coming in July

24 June 2022

What's happening The primary router connecting the University Data Network (UDN) to Janet will be replaced with new equipment on Tuesday, 12 July from 07:30. If we encounter problems that can’t be resolved by 08:30, we will back out the replacement and revert to the previous router. In this scenario, we will try again on...