Route outgoing SMTP relay messages through Google

Organization-wide limits

The number of recipients your organization’s account can send to is based on your overall sending practices. The maximum number of non-unique email recipients allowed per organization are:

• 4.6 million in a 24-hour period 
• 319,444 per 10-minute window  

If you exceed the limits, your users might get an error when they try to send a message.

Depending on your email sending practices, we might reduce the recipient address limit for your Google Workspace account. If the number of recipients is limited, the address maps for the account might also be limited. We recommend following best practices for sending mail to Gmail users. For more information, visit:

• Redirect incoming messages with address maps
• Prevent mail to Gmail users from being blocked or sent to spam

User and message limits

If a user exceeds a limit, they get an error when they try to send a message. For more information, visit SMTP relay service error messages.

• Each user can send up to 10,000 messages in a 24-hour period. However, this limit might be lower if your Google Workspace account is still in a trial period. To learn more about account limits, go to Gmail sending limits in Google Workspace.
• A Google Workspace user can't send messages to more than 10,000 unique recipients in a 24-hour period. 
• There is a 100-recipient limit per SMTP transaction for smtp-relay.gmail.com. Exceeding this limit results in an error message. To send messages to additional recipients, start another transaction (new SMTP connection or RSET command).  
• Message count is based on the sender address used in the SMTP relay transaction. If the envelope sender is not a user registered with your Google Workspace account, the per-user limits don't apply. Addresses in the From: and Reply-to: fields are ignored.
• The SMTP relay service does not support multiple envelope recipients (RCPT TO) when using a null envelope sender (MAIL FROM: <>).

Trial accounts limits

Limits are lower for trial accounts. To increase the SMTP relay limits for a trial account, you must pay a Google-generated bill. Increasing relay limits is different from increasing Gmail limits, which can be done by ending your trial.

Per-user recipient and per-account limits

The per-user recipient limits are for unique recipients. Per-account limits are for total recipients. For example, when a user relays 1,000 messages to Recipient-A and 1,000 messages to Recipient-B, it counts as 2 messages toward the per-user limit and 2,000 toward your account limit.

Account limits for an unpaid balance

If you haven't yet paid a bill for your Google Workspace account, your account limits are lower.

SMTP relay and Gmail user sending limits

There are different per-user sending limits for sending email with Gmail, rather than SMTP relay. The SMTP relay and Gmail user sending limits are independent and counted separately from each other.  

Denial of Service (DoS) limits

• Google Workspace SMTP relay servers support security methods that prevent DoS attacks. To avoid impacting these security methods, we recommend that SMTP agents sending large amounts of mail reuse connections. Reusing connections is called connection caching, and it lets servers send multiple messages per connection. Your email provider can help you set up connection caching.
• We recommend that servers present unique identifiers in the HELO or EHLO arguments during SMTP connections. For example, use your domain name or the server name, instead of generic identifiers such as localhost or smtp-relay.gmail.com.

Relay abuse limits

To manage spam, Google monitors messages sent through the SMTP relay service. If we detect a user sending a significant amount of spam, we send an email notification to the super administrators for your Google Workspace account.

Learn more about the spam and abuse policy and handling SMTP relay abuse.

Attachment size limit

Google Workspace support provides technical support only for Google products. To get help with these steps, contact your mail server provider.

In this case, set up Outbound Services on a Hub Transport server. Don't change the default timeout settings for Microsoft Exchange 2007/2010 mail servers. The default timeout setting supports this SMTP relay configuration.

1. For Transport Settings Properties, click GeneralOrganization ConfigurationHub Transport.
2. Click Send Connectors.
3. Right-click the actions pane and select New SMTP Send Connector.
4. For Name, enter Outbound.
5. For Select the intended use for this Send connector, select Internet and click Next.
   
   
6. Click Add.
   
   
    
7. For Domain, enter * (asterisk) so that all mail is routed through the new connector.
   
   
8. Check the Include all subdomains box and click OK.
9. Click Next.
10. Under Network settings, select Route mail through the following smart hostsclick Add.
    
    
11. Select Fully qualified domain Name (FQDN) and enter smtp-relay.gmail.com.
    
    
     
12. For Configure smart host authentication settings, select None and click Next.
    
    
     
13. For Source Server, click Add and list each outbound hub server that will act as a bridgehead.
    
    
    
    
     
14. Click OKNext.
15. For New Connector, click New.
    
    


16. Click Finish.
    
    
17. Send a test message to confirm that your outbound mail is flowing.

Google Workspace support provides technical support only for Google products. To get help with these steps, contact your mail server provider.

To send messages on an Edge server, configure a send connector. You can create and edit send connectors in the Exchange Management Console. Don't change the default timeout settings for Microsoft Exchange 2007/2010 mail servers. The default timeout setting supports this SMTP relay configuration.

To create and configure a send connector on your Hub Connector Server:

1. Click Organization ConfigurationHub Transport.
2. Click Send Connectors.
3. Double-click EdgeSync – name of your site to internet.
   
   
    
4. On the Address Space tab, verify that the asterisk (*) domain has been added.
   
   
    
5. On the Network tab, uncheck the Enable Domain Security (Mutual Auth TLS) box and select Route mail through the following smart hosts.
   
   
    
6. Click Add.
7. Select Fully qualified domain name, enter smtp-relay.gmail.com, and click OK.
   
   
8. On the Source Server tab, verify that the appropriate Edge subscriptions are listed.
9. From the Exchange Management Shell, run the start-edgesynchronization command.

   

10. On the Edge servers, verify that the new send connector settings have been received and are identical to those on the hub server.
11. Check your receive connectors on the Edge server and verify the following points:
    • The Network tab has the IP range of all hub servers.
    • The Authentication tab has the Exchange Server Authentication option selected.
    • The Permission Groups tab has the Exchange Servers option selected.

12. Send a test message to confirm that your outbound mail is flowing.

Google Workspace support provides technical support only for Google products. To get help with these steps, contact your mail server provider.

Change the retry interval and configure the smart host to route traffic to Google:

1. Right-click SMTP Virtual Server and select Properties.

2. Click the Delivery tab.

3. For Outbound, change the default retry intervals to the following values:

   • First retry interval (minutes): 1
   • Second retry interval (minutes): 1
   • Third retry interval (minutes): 3
   • Subsequent retry interval (minutes): 5

4. Click Connectors, right-click the SMTP Connector (or the internet Mail SMTP Connector), and select Properties.

5. On the General tab, enter smtp-relay.gmail.com.

6. If you selected the Any address option for allowed senders and you send mail from a domain that you don't own. Or, if you send mail without a “From” address, for example bounce messages or vacation notifications, you need to choose one of the following options: 

   • Configure your mail server to use SMTP AUTH to authenticate as a Google Workspace user.
   • Present one of your domain names in the HELO or EHLO command.

   For detailed instructions, contact your mail server provider.

7. Click OK to save the changes.

These instructions, which were written for Domino R5/R6, are designed to work with a majority of deployments.

Don't change the default timeout settings for Domino R5/R6 mail servers. The default timeout setting supports this SMTP relay configuration.

Set up a smart host and adjust the Retry Interval:

1. Open Domino Administrator.

2. Click Administrationthe Configuration tab.

3. Click Configurations.

4. Double-click the name of your Domino server.

5. At the top, click Edit Server Configuration.

6. Click the Router/SMTP tab.

7. For Relay host for messages leaving the local internet domain, enter smtp-relay.gmail.com.

8. Click the Restrictions and Controls tabthe Transfer Controls tab.

9. For Initial Transfer Retry Interval, enter a value of one minute or higher.

10. Click Save & Close.

11. If you selected the Any address option for allowed senders and you send mail from a domain that you don't own. Or, if you send mail without a “From” address, for example bounce messages or vacation notifications, you need to choose one of the following options: 

    • Configure your mail server to use SMTP AUTH to authenticate as a Google Workspace user.
    • Present one of your domain names in the HELO or EHLO command.

    For detailed instructions, contact your mail server provider.

12. Send a test message to confirm that your outbound mail is flowing.

Step 1: Increase server timeouts

1. Open the Groupwise ConsoleOne interface.

2. Right-click the Internet Agent object and select Properties.

3. Select the SMTP/MIME Settings tab and click Timeouts.

4. Set the following values:

   • Commands: 5 minutes
   • Data: 3 minutes
   • Connection Establishment: 2 minutes
   • Initial Greeting: 5 minutes
   • TCP Read: 5 minutes
   • Connection Termination: 15 minutes

5. Click ApplyOK.

Step 2: Set up a smart host

1. Open the Groupwise ConsoleOne interface.

2. Right-click the Internet Agent object and select Properties.

3. If the SMTP/MIME Settings page is not the default page, click the SMTP/MIME tabSettings.

4. Set the number of SMTP Send Threads to the maximum number of simultaneous connections the Groupwise server will safely support.

5. For Relay Host for Outbound Messages, enter smtp-relay.gmail.com.

6. Click ApplyOK.

7. If you selected the Any address option for allowed senders and you send mail from a domain that you don't own. Or, if you send mail without a “From” address, for example bounce messages or vacation notifications, you need to choose one of the following options: 

   • Configure your mail server to use SMTP AUTH to authenticate as a Google Workspace user.
   • Present one of your domain names in the HELO or EHLO command.

   For detailed instructions, contact your mail server provider.

8. Send a test message to confirm that your outbound mail is flowing.

In Sendmail, the server timeout default is one hour. If the timeout value is less than one hour, update the value to one hour before setting up SMTP relay.

To set up the SMTP relay service for Sendmail: 

1. Add the following line to the /etc/mail/sendmail.mc file:
   define(`SMART_HOST', `smtp-relay.gmail.com')​​

2. Stop and restart the sendmail server process.

3. If you selected the Any address option for allowed senders and you send mail from a domain that you don't own. Or, if you send mail without a “From” address, for example bounce messages or vacation notifications, you need to choose one of the following options: 

   • Configure your mail server to use SMTP AUTH to authenticate as a Google Workspace user.
   • Present one of your domain names in the HELO or EHLO command.

   For detailed instructions, contact your mail server provider.

4. Send a test message to confirm that your outbound mail is flowing.

1. In Server Admin, select Mail and click Settings.

2. For Relay all mail through this host, enter smtp-relay.gmail.com.

3. Click Save.

4. If you selected the Any address option for allowed senders and you send mail from a domain that you don't own. Or, if you send mail without a “From” address, for example bounce messages or vacation notifications, you need to choose one of the following options: 

   • Configure your mail server to use SMTP AUTH to authenticate as a Google Workspace user.
   • Present one of your domain names in the HELO or EHLO command.

   For detailed instructions, contact your mail server provider.

5. Restart the mail service.

6. Send a test message to confirm that your outbound mail is flowing.

In Qmail, the server timeout default is 1,200 seconds. If the timeout value is less than 900 seconds, update the value to at least 900 seconds before setting up SMTP relay.

To set up a smart host for Qmail:

1. Edit (or create) the /var/qmail/control/smtproutes file and append the following line:
   :smtp-relay.gmail.com:25
2. If you have internal domains where traffic shouldn't be routed to Google, add routing settings to the appropriate mail server to the /var/qmail/control/smtproutes file, with the following syntax: <InternalDomain>:<ServerForInternalDomain>

3. If you selected the Any address option for allowed senders and you send mail from a domain that you don't own. Or, if you send mail without a “From” address, for example bounce messages or vacation notifications, you need to choose one of the following options: 

   • Configure your mail server to use SMTP AUTH to authenticate as a Google Workspace user.
   • Present one of your domain names in the HELO or EHLO command.

   For detailed instructions, contact your mail server provider.

4. Stop and restart the Qmail server.
5. Send a test message to confirm that your outbound mail is flowing.

Don't change the default timeout settings for Postfix mail servers. The default timeout setting supports this SMTP relay configuration.

To set up a smart host for Postfix:

1. Add the following line to your configuration file (example path /etc/postfix/main.cf):
   relayhost = smtp-relay.gmail.com:25
2. Restart Postfix by running the following command:
   # sudo postfix reload

3. If you selected the Any address option for allowed senders and you send mail from a domain that you don't own. Or, if you send mail without a “From” address, for example bounce messages or vacation notifications, you need to choose one of the following options: 

   • Configure your mail server to use SMTP AUTH to authenticate as a Google Workspace user.
   • Present one of your domain names in the HELO or EHLO command.

   For detailed instructions, contact your mail server provider.

4. Send a test message to confirm that your outbound mail is flowing.