Getting Started

Welcome to ImprovMX!
Aliases
Catchall & Wildcard Aliases
Null Alias Destination
Redirecting to Multiple Destinations
Regexes in Aliases
Rules Routing
Testing Your Aliases
Viewing MX & SPF records
Webhooks
API Reference

Email Deliverability

Email Logs
Error Codes
Gmail Filters to Prevent Emails Marked As Spam
Soft & Hard bounces
Spamhaus / SpamCop Filtering
Testing Gmail Forwarding

DNS Setup Guides

Amazon Route53
Bluehost
Cloudflare
Combining SPF Records
DigitalOcean
GSuite Legacy Setup
Generic DNS Configuration
Gmail's "send mail as"
GoDaddy
Google Workspace Split Delivery
Hostgator
Hostinger
Microsoft 365 Split Delivery
Namecheap
Netlify
Porkbun
Squarespace
Vercel
White Labeling MX Records
Zoho Mail Split Delivery

Your Account

Account Access Logs
Billing Email Address
Delete My ImprovMX Account
Enabling/Disabling Password & 2FA
Log configuration
Moving Domains Across Accounts
Moving Domains Across ImprovMX Accounts
Strict MX Verification Setting
Updating credit card/payment details

SMTP

Introduction to ImprovMX SMTP
Create SMTP Credentials
Adding DKIM and DMARC Records
Apple Mail (MacOS) SMTP
Apple Mail (iOS) SMTP
Gmail SMTP
Microsoft Outlook Incompatibility
Mozilla Thunderbird SMTP

Glossary

IMAP (Internet Message Access Protocol)
MX Records
POP3 (Post Office Protocol v3)
SMTP (Simple Mail Transfer Protocol)

Limits

API Rate Limits
Allowed Attachments
Sending/Receiving Limits
Supported SMTP Ciphers
Using Free Domains on ImprovMX

Competitors

ImprovMX vs. addy.io
ImprovMX vs. Cloudflare
ImprovMX vs. Fastmail
ImprovMX vs. ForwardEmail
ImprovMX vs. ForwardMX
ImprovMX vs. Google Workspace
ImprovMX vs. GoDaddy
ImprovMX vs. Mailgun
ImprovMX vs. Mailchimp
ImprovMX vs. Namecheap
ImprovMX vs. Postmark
ImprovMX vs. ProtonMail
ImprovMX vs. Purelymail
ImprovMX vs. Resend
ImprovMX vs. Sendgrid
ImprovMX vs. SimpleLogin
ImprovMX vs. SMTP2GO
ImprovMX vs. Squarespace
ImprovMX vs. Zoho

Are you SOC 2 or ISO 27001 compliant?

Why we invest in real security instead of compliance certificates.

No, ImprovMX is not SOC 2 or ISO 27001 certified — and that's a deliberate choice (for now).

Compliance certifications like SOC 2 and ISO 27001 are often treated as proof of security. In practice, they're expensive audits that verify you have processes documented, not that those processes actually keep you safe. Companies with these certifications still suffer breaches, and the certifiers themselves can be fraudulent.

What we do instead

Rather than spending money and effort on compliance paperwork, we invest directly in measures that actually protect your data:

  • Annual penetration testing — independent security professionals thoroughly assess our infrastructure, APIs, and email pipeline every year.
  • AI-driven security testing — continuous automated probing for new classes of vulnerabilities.
  • Defense in depth — layered security across network, email validation (SPF/DKIM/DMARC), data handling, access control, and encryption.
  • Round-trip monitoring — we verify email delivery to Gmail, Outlook, Yahoo, and iCloud around the clock.
  • Postmortem transparency — when incidents occur, we publish honest postmortems on our blog.

For the full details on our approach, see our Security & Reliability page.