skip to content

IT Help and Support

University Information Services

End users sending email

End users should use the email server specified by their email service to send outbound email. Typically, this will be Exchange Online and will have been configured when the email account was added to the user's email client.

Servers sending email from the UDN

UIS provides an outbound SMTP email relay to allow any host on the University Data Network (UDN), registered in DNS, to be able to send SMTP email. ( port 25)

If the volume of email from a computer is likely to be large – that is, peak rates of more than 60 messages per hour – you should contact us so that we can ensure that our rate limiting system doesn't interfere. For more information, see bulk email and rate limiting.

The maximum size of messages sent via is 100MB. Note that binary attachments must be encoded, which increases their size by 1/3, so the maximum size of un-encoded binary attachments is about 70MB.

Servers sending email from outside the UDN

UIS does not offer a service for servers and services outside the UDN to relay email.


SPF, DKIM and DMARC are a trio of technologies that aim to reduce the spoofing of email addresses. These are policies published via DNS TXT records that announce to the world which servers are to be considered authoritative for sending email from specified email domains.

Traditionally, SPF/DKIM/DMARC policies at Cambridge have been very liberal. This made setting up new systems and services easier, but it has also made it trivially easy for bad actors to spoof a Cambridge email address.

UIS' strategy is to tighten up the policies on email domains at Cambridge to reduce the amount of spoofed email. 

Domains are set up to reject email if it does not originate from our UIS central email system, Exchange Online or the SMTP relay service.

MMDs hosted on an institution's own mail servers

We strongly encourage institutional email administrators to set their SPF/DKIM/DMARC policies to the highest possible setting as soon as possible.

Sending email from cloud services

Services hosted in third-party clouds (such as Amazon Web Services (AWS), Google Cloud and Microsoft Azure) will often want to send email too. Owners of such services must ensure that the service sends from a separate domain to that in which users are based. For example: instead of setting your service to send as [service]@[institution] you must setup a new domain (such as [sender]@[service].[institution] and configure your service to send from that domain. You can then set the SPF/DKIM/DMARC policies for that new domain so that only that cloud service can send from it.