On-premise Optemail Installation, Configuration and Options Guide

  • On your dedicated Optemail server, double-click the downloaded “OptEmail-setup.exe” file to begin the installation of Optemail.


  • If prompted by User Account Control, click YES to allow the Optemail installer to make changes to your server.




  • Select your language from the dropdown and click OK.



  • Click NEXT to continue with the install.



  • Review and accept the license agreement click NEXT to continue.




  • Hit NEXT to accept the default installation location.



  • Hit NEXT again to accept the default Start Menu folder.



  • Click NEXT to create a desktop icon.


  • Hit INSTALL to initiate the installation.



  • The Optemail install will take a few minutes to complete.



  • When the installation is complete, click FINISH.



Optemail Configuration

  • When the installation completes, the Advanced configuration window should automatically appear.



  • Enter the Fully Qualified Domain Name (FQDN) you want your server to identify itself as during SMTP requests. Enter the FQDN of your Internal Mail Server.
  • If you need to route your email to another email relay server after it has been optimized, check the Enable box under Outbound Mail Server and enter the FQDN or IP address of the server. Some examples of Outbound Relay Servers include Encryption Servers, DLP Servers, Antivirus Services and SPAM Filtering Services. These can be internal or external to your organization.
  • Next, you must configure your list of internal domain. Click Configure Internal Domains.


  • Enter all your internal email domains your Optemail server will be handling. For example, if you are using Microsoft Exchange for internal email services, you would enter all the “Accepted Domains” you have listed on your Exchange server. Optemail will identify these domains as internal and route mail destined to these domains to your internal mail server after they have been optimized. Click OK when you are done.


  • Next, you’ll need to Configure Relay Permissions. This list must include the FQDNs or IP addresses of your internal Exchange servers. Click Configure Relay Permissions to make your modifications.
  • The first item in the list will correspond to your Internal Mail Server entry from step #4. Should you have additional Internal Mail Servers, add them to this list to allow them to relay through your Optemail server.

When configured to route SMTP mail to Optemail, local scanners can also have files optimized. Simply, modify your scanners’ SMTP settings to point to your Optemail server and add your scanners’ IP addresses to this list.

You can add any internal 3rd party relay devices or services that need to utilize SMTP.

Click OK when you are done. 



  • After configuring your internal domains and relay permissions, you’ll need to enter your license key. Click Change Optemail Key and enter the key provided to you by Optemail. A simple copy and paste is all you need. Click OK when done entering your license key.





  • Click OK (or NEXT) to save your configuration. (We’ll come back to the Security/DKIM button in a moment.)
  • After hitting OK, you should be prompted to setup your Optemail Reporting Options. Enter your desired email address and adjust the frequency of the reports to your liking.




Optemail Options

Once the initial Optemail configuration is complete, the Optemail Viewer window should appear. This is your main Optemail interface. From here you can view email attachments as they are being optimized, and gain access to your Optemail configuration and report options. You can also restart Optemail from here, as well as bypass email optimization if needed. You can access the Optemail viewer any time; just locate the shortcut on your desktop created during the installation and click away.





  • To access your Advanced Configuration Options, click the Advanced button. 
  • From here, you can go back and modify all the Optemail settings you made during installation. Clicking OK commits your changes and restarts all Optemail processes.

Optemail gives you the option to configure an additional layer of security through DKIM (DomainKeys Identified Mail). This helps your organization to protect itself against spoofing and helps to ensure your messages reach your intended recipients. This is an OPTIONAL feature and requires further configuration outside the scope of Optemail. When you click the Security/DKIM button, a new window will appear with your RSA key along with the option to Enable DKIM Signing. It is important that you follow the instructions listed to modify your External DNS records before you enable DKIM signing in Optemail. Click DONE when everything is in order.




Important Considerations


Firewall – Many firewall configurations include Access Control Lists (ACLs) that allow inbound SMTP traffic to your internal mail server(s) from the outside world. These mail servers’ internal IP addresses are likely statically mapped to external public IP address and allow port 25 access from the outside world. It is required that you do the same for your new Optemail server(s). Also an important NOTE: Some firewalls such as Cisco firewalls/routers, implement ESMTP Inspection by default. ESMTP Inspection could prevent successful TLS communication and actually inhibit secure communication. We recommend you turn off ESMTP Inspection.


3 rd Party Hosted Services – If you employ a 3rd Party Hosted Service such as SPAM filtering or Antivirus services, we recommend you change your service to route your mail to your Optemail server instead of your existing internal mail server so inbound messages can be optimized before hitting your mail server(s).


MX Records – If you are using your Optemail server as the first recipient in the email chain, you will need to modify your MX records to point to your Optemail server. The outside world locates your mail server via MX & A Record lookups. Your MX Record, which previously pointed directly to your mail server, will point to your Optemail server instead. For example, you may have an A Record of mail.yourdomain.com that points to your internal mail server, and an MX Record that in turn points to mail.yourdomain.com. You would simply change the A Record that points to your internal mail server to point to your new Optemail server’s external IP address. Per above, additional firewall configuration is required to allow SMTP traffic to your Optemail server.


SPF Records – If you are utilizing Optemail for Outbound optimization, we recommend you create or modify your DNS SPF records to include your Optemail server IP(s) as an added layer of protection, and to help ensure your messages reach your intended audience.


TLS – Optemail always uses Opportunistic TLS when routing your inbound and outbound email. We recommend you enable Opportunistic TLS where available on your resources to ensure a secure route whenever possible.


Receive Connectors (Inbound Mail Gateways, Smart Hosts, etc) – Since all inbound mail is first routed to your Optemail server for optimization, then routed to your Internal Mail Server, you must configure your Internal Mail Server to explicitly receive email from your Optemail server. In most cases, you can just create a new receive connector on your Internal Mail Server with the IP address of your Optemail server listed as an eligible remote server. Here you can also likely enable options for TLS as mentioned above.


Send Connectors (Outbound Mail Gateways, Smart Hosts, etc) – Optemail can also be used for outbound message optimization. In order to utilize this functionality, you must configure your Internal Mail Server to route all your outbound email to your Optemail server via a new or existing send connector. This send connector would be set up (usually with a wildcard *) to route ALL mail to your designated Optemail server IP where your messages will be optimized, and routed to out to the outside world.


Review Your Message Headers – During your testing phase, and from time to time thereafter, we recommend you take a look at your email message headers to ensure they are routing your mail properly, and to confirm TLS, SPF and DKIM are utilized properly.

Neuxpower logo
Neuxpower Support Article Logo

Have more questions? Submit a request