Cloud Platform provides the Platform Email service as a robust transactional email sending solution. This service is an advancement to the existing email service, which has certain limitations causing email outages and maintenance overhead. The Platform Email service overcomes those limitations by leveraging the capabilities of Amazon Simple Email Service (Amazon SES). This service provides credibility to emails, prevents email spoofing, and enhances the deliverability of emails by implementing DMARC on the SPF and DKIM sender authentication frameworks. This service is FedRAMP, ISO, and PCI compliant. For highly-targeted reputation management, enhanced security, and better deliverability, this service requires you to register a specific domain with proof of ownership.
For FedRAMP customers, enabling DMARC is a requirement to maintain FedRAMP Authorization (SI-8). Platform Email supports this requirement by integrating DMARC policies, ensuring secure and compliant email communication.
Use of the acquia-sites.com domain to send email through the native Drupal configuration on Cloud Platform does not provide adherence to the DMARC policy in compliance with FedRAMP requirements. Instead, you can configure the Platform Email service to send emails, as this ensures that messages are sent from a domain with properly configured SPF, DKIM, and DMARC records, maintaining compliance with FedRAMP SI-8 requirements.
To implement DMARC with quarantine or reject policies, you must utilize the Platform Email service and configure your domain's DMARC policy to reject.
The Platform Email service offers the following enhancements over the existing email service:
Enhanced security It provides enhanced security through email authentication standards, such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC). For an email sending solution, these standards are crucial as they provide credibility to emails, prevent email spoofing, and enhance the deliverability of emails.
Improved email reputation It has enhanced controls to protect the shared email reputation. Acquia monitors bounce rate and complaints and block them whenever necessary. This ensures that the overall reputation is maintained. Spam emails or other forms of email abuse from a customer cannot cause an outage for other customers.
Encryption It supports end-to-end encryption of emails.
Robustness It is highly robust and secure because its usage is not shared.
Before you begin
Cloud Platform supports limited outgoing emails, such as Drupal registration confirmation emails and node subscription emails, in accordance with the Acceptable Use Policy. Therefore, you cannot use it to send mass emails such as marketing messages or newsletters. The Platform Email service also does not support email attachments.
For sending mass emails, you must instead use external email services or applications with a specified service level for email. For more information, see Using a third-party email service.
The Platform Email service is provided as a courtesy and has no uptime or service level agreements associated with it.
Process flow
The following diagram depicts the high-level process flow of the Platform Email service:
The following table describes the steps mentioned in the diagram:
Step
Description
1
Customer’s user with appropriate role or permissions configures an email sending domain through the Platform Email page in the Cloud Platform user interface. Alternatively, the user can leverage Acquia CLI.
2
The Platform Email page displays the SPF, DKIM, and TXT records (DNS records) for the domain. It also shows a notification that the user must add the DNS records to the customer’s DNS provider for verification of domain ownership.
3
The user copies the DNS records from the Platform Email page.
4
The user adds the DNS records to the customer’s DNS provider.
5
The Platform Email service attempts to verify the DNS records with the DNS provider at regular intervals. Depending on the verification result, Platform Email updates the domain status.
Emails are sent from the Drupal website to recipients through Amazon SES.
Did not find what you were looking for?
If this content did not answer your questions, try searching or contacting our support team for further assistance.
Managing emails with Platform Email
Overview
Cloud Platform provides the Platform Email service as a robust transactional email sending solution. This service is an advancement to the existing email service, which has certain limitations causing email outages and maintenance overhead. The Platform Email service overcomes those limitations by leveraging the capabilities of Amazon Simple Email Service (Amazon SES). This service provides credibility to emails, prevents email spoofing, and enhances the deliverability of emails by implementing DMARC on the SPF and DKIM sender authentication frameworks. This service is FedRAMP, ISO, and PCI compliant. For highly-targeted reputation management, enhanced security, and better deliverability, this service requires you to register a specific domain with proof of ownership.
For FedRAMP customers, enabling DMARC is a requirement to maintain FedRAMP Authorization (SI-8). Platform Email supports this requirement by integrating DMARC policies, ensuring secure and compliant email communication.
Use of the acquia-sites.com domain to send email through the native Drupal configuration on Cloud Platform does not provide adherence to the DMARC policy in compliance with FedRAMP requirements. Instead, you can configure the Platform Email service to send emails, as this ensures that messages are sent from a domain with properly configured SPF, DKIM, and DMARC records, maintaining compliance with FedRAMP SI-8 requirements.
To implement DMARC with quarantine or reject policies, you must utilize the Platform Email service and configure your domain's DMARC policy to reject.
The Platform Email service offers the following enhancements over the existing email service:
Enhanced security It provides enhanced security through email authentication standards, such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC). For an email sending solution, these standards are crucial as they provide credibility to emails, prevent email spoofing, and enhance the deliverability of emails.
Improved email reputation It has enhanced controls to protect the shared email reputation. Acquia monitors bounce rate and complaints and block them whenever necessary. This ensures that the overall reputation is maintained. Spam emails or other forms of email abuse from a customer cannot cause an outage for other customers.
Encryption It supports end-to-end encryption of emails.
Robustness It is highly robust and secure because its usage is not shared.
Before you begin
Cloud Platform supports limited outgoing emails, such as Drupal registration confirmation emails and node subscription emails, in accordance with the Acceptable Use Policy. Therefore, you cannot use it to send mass emails such as marketing messages or newsletters. The Platform Email service also does not support email attachments.
For sending mass emails, you must instead use external email services or applications with a specified service level for email. For more information, see Using a third-party email service.
The Platform Email service is provided as a courtesy and has no uptime or service level agreements associated with it.
Process flow
The following diagram depicts the high-level process flow of the Platform Email service:
The following table describes the steps mentioned in the diagram:
Step
Description
1
Customer’s user with appropriate role or permissions configures an email sending domain through the Platform Email page in the Cloud Platform user interface. Alternatively, the user can leverage Acquia CLI.
2
The Platform Email page displays the SPF, DKIM, and TXT records (DNS records) for the domain. It also shows a notification that the user must add the DNS records to the customer’s DNS provider for verification of domain ownership.
3
The user copies the DNS records from the Platform Email page.
4
The user adds the DNS records to the customer’s DNS provider.
5
The Platform Email service attempts to verify the DNS records with the DNS provider at regular intervals. Depending on the verification result, Platform Email updates the domain status.
Cloud Platform