The MTA for senders and ESPs

Large senders of transactional or marketing email need an MTA that enables them to develop great solutions in a highly competitive market. Halon provides outstanding integration capabilities, reliability and performance; ideal for organisations with sophisticated email delivery needs.

Request demo

Challenges and benefits

• Highly flexible. Lack of flexibility in the MTA can lead to compromises and complexity, resulting in high maintenance costs and risks. The Halon MTA can be tailored to specific needs, allowing for virtually unlimited customisation. It is scriptable and extensible, but lean and compact at the same time. It has integrated blue-green deployment and supports modern development processes.
• Fully adaptable. Incorporating an alternative MTA into an existing environment can be challenging. The Halon MTA can be fully adapted to work seamlessly with surrounding infrastructure, which allows for a cost-effective and non-intrusive implementation.
• Committed. The MTA is an integral part of the sender's operation; a business-critical component. Halon's only focus is to develop and support an MTA for large service providers. The Halon MTA is in active development with quarterly feature releases.

Built for email service providers

The most flexible email delivery platform

• Greater scalability

  Highly efficient and using an asynchronous model, it can handle tens of thousands of concurrent connections and sustain blazing throughput, even in complex scenarios.

• Management and integration

  Valuable real-time insights and full control of sending. Available via web, command line, and queue APIs that together with the scripting enables powerful integrations into your existing environment.

• Signing and authentication

  Support for all the latest authentication standards; including SPF, DKIM, DMARC and ARC. Any settings, including keys and selectors, can be fetched from external data sources via scripting.

• Latest encryption standards

  Supports the latest encryption standards such as MTA-STS, TLS-RPT, DANE, TLS 1.3, S/MIME, client certificates, as well as granular TLS protocol, cipher control and SNI.

• Granular throttling

  Control concurrency and rate using any combination of parameters such as source IP, domain, MX, destination IP or other meta data. Those can be grouped using RegEx or wildcard to implement for example MX rollup.

• Deliverability automation

  Throttles or suspends can be adjusted dynamically based on response patterns, bounces, queue metrics and much more. Infinitely tailorable using the Halon scripting language.

More features

Consolidates email infrastructure

Cut system complexity

In contrast to traditional layered email infrastructure, Halon enables you to rapidly architect the system that you want without compromises. At the same time, Halon will reduce complexity, lower maintenance and increase performance. Halon customers typically cut over 70% of operations expenses, freeing resources for other revenue-generating projects. If you have email storage, Halon takes care of everything else, in an integrated and scriptable fashion.

Integrated blue-green deployment

Reduce deployment time and risks

Run parallel versions of your configuration with traffic splitting. Along with a consolidated and programmatic approach to in-transit email, you can make rapid implementations as well as reliable deployments of changes or new functionality. Revision-managed configuration makes all changes fully visible, and provides instant rollbacks.

Slideshow

Live staging

×

To demonstrate our live staging, I'll make two SMTP connections using the terminal.

Everything that is connection-bound can be tested; the script-based SMTP hooks...

...as well as SMTP server settings. We'll enable SMTPUTF8 and change the banner hostname for the port 25 listener.

For the sake of this demo, we setup the live staging to apply for 100% of new connections.

When pressing "Start", the current working copy will be deployed as a testing configuration.

The previously opened connection is unaffected, as it still references the regular configuration.

When making a new connection however, you can see the new hostname, UTF8 flag, and MAIL FROM response.

Developer-friendly

Keep your system fully flexible

Keep up with your competition through rapid implementation of new technologies, with Halon's email-centric scripting language. It could be DKIM signing with keys delivered from a control panel using a REST API lookup, custom SRS, dynamic routing or tailored outbound policies for maximum deliverability. The web admin's IDE features a sandbox, live staging, REPL interpreter and revision management. Halon provides a powerful software framework that performs better than most in terms of speed and efficiency, while dramatically improving system flexibility.

Script reference Live demo

Choose example

Routing Source IP hash Rate limiting DKIM signing

• Routing
• Source hash
• Rates
• DKIM

• 
• The Halon MTA is a flexible email operations and security platform. It enables organisations that operate large-scale email services to offer competitive features by rapid implementation and to lower maintenance costs through reliable deployment and reduced complexity.

• Product

• Features
• Pricing

• Support

• Knowledge base
• Script reference
• Contact support

• Resources

• Case studies
• Guides

• Company

• About
• Blog
• Press
• Careers
• Contact

© 2018 Halon Security AB. Privacy policy.

if (!$senderip) {
    SetProtocol("smtp"); // Use SMTP for locally generated DSNs
    Try();
}
// Use a more robust lookup like https://wiki.halon.io/API_calls
$route = cache ["ttl" => 3600] http("$apiurl/route", [], [$recipientdomain]);
$route = json_decode($route);
if (!is_array($route))
    Reschedule(3600, ["reason" => "Invalid route", "increment_retry" => false]);
SetDestination($route["storage"]);
SetProtocol("lmtp");

if (GetMetaData()["spam"] == "yes") {
    // Bulk IP
    SetSourceIP("netaddr:4");
} else {
    // Source hash
    $addrs = ["netaddr:1", "netaddr:2", "netaddr:3"];
    $sourcehash = number("0x".md5($senderdomain)[0:6]);
    SetSourceIP($addrs[$sourcehash % count($addrs)]);
}
$ptr = cache ["ttl" => 3600] dnsptr($sourceip, ["extended_result" => true]);
if (isset($ptr["result"][0]))
    SetHELO($ptr["result"][0]); 

// In the post-delivery script
if ($errorcode >= 400)
    rate("delivery-failures", $senderdomain, 1000, 3600);

// In the MAIL FROM script
if (rate("delivery-failures", $senderdomain, 0, 3600) > 999)
    Defer("$senderdomain has more than 1000 failed deliveries during the last hour");

// Per-domain DKIM signing using external database
function Deliver() {
    // Override the deliver function
    global $apiurl, $senderdomain;
    // Use a more robust lookup like https://wiki.halon.io/API_calls
    $dkim = cache ["ttl" => 86400, "size"=> 32768, "ttl_override" => ["" => 60]]
        http("$apiurl/dkim/$1", ["timeout" => 10], [$senderdomain]);
    $dkim = json_decode($dkim);
    if (is_array($dkim))
        DKIMSign($dkim["selector"], $dkim["domain"], $dkim["rsakey"]);
    builtin Deliver();
}