Prices & Plans
The Ultimate Email Hosting Plans use LogicBoxes Email Hosting – the industry leading Email Server and Control Panel software. Surf7.net offers a comprehensive solution to you for buying and managing Business class Email.
|World-class Email Hosting solutions
|Pricing & Order
|No. of Email Accounts
||Up to 5
||Up to 15
||Up to 50
||Up to 100
|Email Space per Mailbox
|Price (1 year)
|Price (2 years)
Our feature-packed Email Hosting packages are a perfect match for every need.
|World-class Email Hosting solutions
|Web-Based Email Access
Email Utilities and Tools
Security and Other Features
|World-class Email Hosting solutions
|Total DNS Control
Pre-Sales Frequently Asked Questions
Terms & Conditions
- You do agree to our terms of service available here.
- Domain name once registered is not refundable.
- All Prices are quoted in Ringgit Malaysia.
- For enquiries, please contact us.
Note: All Email Hosting packages come with a 30 day money back guarantee to you. If you choose not to use the package and deletes it within 30 days, you are entitled to a full refund.
Features / Detail Features
Web Based Email
Our webmail consists of rich innovative user-interfaces that are specifically designed for business users. It allows each of your users to manage their email, address book, tasks, appointments, password, email forwarding options, auto-responder etc in an effective manner.
Using our SMTP service, you can compose and send email using any desktop-based email software such as Microsoft Outlook, Outlook Express, Eudora, Netscape Mail etc. Desktop-based email softwares will allow you to compose emails even when you are offline – you would need to connect only when you want to send all the emails that you have finished typing. Hosting companies that do not support this feature force you to compose and send email via their web-based email client only.
Unlimited POP3 & IMAP Access
Our email system allows you to download and view your email using your favorite email client (Microsoft Outlook, Outlook Express, Eudora, Netscape Mail etc.). You do not necessarily have to use the web-based email client only.
Using our POP3 service, you can download all your email when connected to the internet and then view and manipulate the retrieved messages without needing to stay connected. Our service allows you to set your email software to “leave mail on server” – which is very useful if you want to download the same messages from a different computer, or read your messages from the web-based email client at a later date, or just maintain a copy of your messages on the server for backup purposes.
We are one of the few hosting companies that allow you to access your email via IMAP (a modern alternative to POP3). IMAP provides various advantages, such as – freedom for users to download selective messages / attachments only, the ability to create and manipulate server-side folders, perform server-side searches on email messages etc.
Unlimited Email Forwards
Email forwards are email addresses configured such that all incoming emails to them, are forwarded to other email address/addresses. A choice of forward can be anything – corporate name, business department, additional nickname, misspellings etc. An email forward can redirect all incoming emails to – one or more email accounts, mailing lists or other email forwards.
- One of your employees – Mr Jordan – has just left your organisation. You now want to forward all email coming to Jordan to Ms Grace. To do this you can add firstname.lastname@example.org as an email forward that redirects all incoming email to email@example.com.
- John’s primary email address is firstname.lastname@example.org. You want all email coming to email@example.com to be redirected to firstname.lastname@example.org so that John doesn’t need to check 2 different email accounts – you can just add an email forward for the same.
- You want a copy of all email coming to your sales department to go to each individual working in the sales dept i.e. Emma, Ryan and Evan of which Ryan and Evan have email accounts at gmail and hotmail. To do this you can add email@example.com as an email forward that redirects a copy of all incoming email to firstname.lastname@example.org, email@example.com and firstname.lastname@example.org
- You want to receive a copy of all emails coming to David’s email address without David knowing about the same – you can add an email forward to David’s email account such that a copy of all emails coming to email@example.com are also forwarded to your email address by the mail system.
- You can add unlimited Email Forwards using the email administrator control panel. Each of your email users can also set their own email forwarding options from their web based email interface.
Auto-responders / Vacation Messages / Email Bots
Our email administrator control panel allows you to enable / disable auto-responders for any email address. Each of your email users too can add, delete and modify their own auto-responder from their web-based email interface.
Enabling the auto-responder would result in an automatic reply being sent out by the email system as soon as an email is received for that specific email address. Auto-Responders are commonly used for the following –
- Vacation Messages – Notifying anyone that sends an email to this address that the user to whom this email was sent is currently out of office / town. For example – “I am currently out of the office and have limited access to email. I will be back on Friday, 5th Oct. In case of any urgent work, you may contact Mr John Smith at (123)-123-1234 in my absence.”
- Delivery Confirmations – Notifying anyone that sends an email to this address that their message has been received. For example, an auto-responder for a sales email address – “Thank you for your email. This is to confirm that your message has been received by us. We will be replying to you shortly.”
- Emailbots: Our system allows you to use auto-responders like a fax-on-demand system for email. For example, you can create an email address – firstname.lastname@example.org – such that anyone sending an email to this address would be sent an email brochure containing details about Product X.
- Ability to draft the response in Plain Text or HTML
- Ability to attach the original email
- Ability to automatically disable the auto-responder on a particular date
- Ability to limit the number of auto replies sent to the same email address. This can be quite useful – for example – if you have enabled a vacation message and receive an email from Mr X, then the email system would send back an auto-response which states that you are currently out of office. If Mr X sends you another email on the same day, there is no point sending the same auto response again as he already knows that you are out of office.
- Built-in Protection against Email Loops. Our auto-responders ensure that infinite email loops are blocked. Mail loops could get created in cases such as, an auto-responder sending a reply to another auto-responder.
- Automatically detects emails from mailing lists and does not send an auto-response to such emails.
50 Mailing Lists
Along with every hosting package you get the ability to add 50 mailing lists with 1000 members in each list. While adding a mailing list, you can decide to create it in the form of a newsletter, an announce list, a private discussion list or an open discussion list. You can choose to moderate messages and mailing list subscriptions. The email administrator control panel also allows you to view and edit your member lists, automatically block emails where message size is greater than the size specified by you, add a specific message at the end of all posts, add / remove moderators, etc.
With your email hosting package you get a full-fledged DNS Manager with an easy-to-use Web based Interface for DNS Management.
You can add, modify, delete all types of records through the web based interface. All additions and modifications will reflect instantly
on every DNS server. You can even set and change TTL on a per record basis, and modify all the SOA parameters.
Advanced Email Threat Protection
Anti-Virus Protection for ALL your Email accounts
We provide you with round-the-clock, high-performance, comprehensive protection against the threat of email borne viruses and malicious code for ALL your email accounts. Our AntiVirus software detects nearly 100% of viruses and other malicious programs. Our comprehensive virus patterns database updates at frequent intervals and supports infallible identification.
Our email server blocks out unwanted spam at the server level making email communication more usable. The anti-spam solution blocks as much as 90% of all spam which is 100% guaranteed junk email i.e. genuine mails would never get blocked.
Dictionary Harvest Attack Protection
Spammers have started using advanced methods such as Directory Harvest Attacks (DHAs) to collect corporate email addresses and add them to their spam lists. A typically DHA works by trying to deliver emails to addresses in a spammers dictionary of common email addresses at your domain name for e.g. email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org etc. Email addresses of emails that are not rejected by your email server are assumed to be real and are compiled in to spam lists and sold to several other spammers around the world. So even if you have been giving out your email address to trusted friends and business associates only, have taken extra care to not use it while signing up for any service, and never used it while posting on online forums – your extra-guarded email address still gets spam if successfully harvested through a DHA attack. Further, the damage caused by DHAs isn’t just more spam – as if that wasn’t bad enough – a large DHA or multiple simultaneous DHAs act like a denial-of-service attack and can deteriorate your email service or worse bring down your email server.
Our email systems automatically detect DHA attacks and nip them in the bud. They are designed to protect your accounts from extremely large attacks. Our systems are successfully blocking several such attacks on a daily basis.
Mail Bomb Protection
Email Bombing involves sending of a large number of and/or excessively large-sized unwanted emails to a single email address, with the aim to prevent normal use of the mailbox. Our systems have built-in protection against such attacks.
Email Server Flooding Protection
Email Server Flooding is a type of denial-of-service attack. It involves sending of a exceptionally large number of unwanted emails to one or more email address on an email server using multiple threads, with the aim to degrade the performance of the email server by choking all available SMTP connections and other resources. Our filtering systems use state-of-the-art technology to detect such attacks and launch counter-measures to protect our email servers.
Features / Security
Our Holistic Security Approach
In order to reduce security risks to minimum, a holistic approach to security is required. Our security processes are born out of a clear definition of the threats to our system.
Security threats are a result of the various interaction points that an application provides to the external world, and the various users that can interact with these interfaces. For instance Your Customers, Your Resellers, Your staff, Our Staff, Anonymous Internet Users and Third Party Servers are interacting with our Systems at any given point of time. Each of these actors need to have different access levels and different rights and permissions.
Privacy – Information within our infrastructure and systems will only be accessible by authorized users
Integrity – Data and information within our infrastructure cannot be tampered with by any unauthorized user
Data Protection – Data within the systems cannot be harmed, deleted or destroyed
Identification and Authentication – Ensures that any user of the system is who he claims to be and eliminates chances of impersonation
Network Service Protection – Ensures that networking equipment is protected from malicious hacking attempts or attacks that threaten uptime
Our Holistic Security Model
Our Security platform and process leverage on multiple levels of security – consisting of Security Systems
and Equipment1 combined with Security Procedures and Practices2 and Auditing Processes3,
to ensure unparalleled security for all the services we provide. The platform tackles security at 7 different levels
Our global datacenter partnerships are a result of a comprehensive Due diligence process. Security and stability are
two of the most important variables in our due diligence process. All datacenters are equipped with surveillance
cameras, biometric locks, authorization-based access policies, limited datacenter access, security personnel, and
similar standard security equipment, processes and operations. What separates us however is the fact that our due
diligence process also incorporates a measure of proactiveness demonstrated by the datacenter towards security.
This is measured by evaluating past practices, customer case studies, and the amount of time the datacenter dedicates
towards security research and study.
Our global infrastructure deployments incorporate DDOS mitigators,
Intrusion Detection systems, and Firewalls both at the edge and the
Rack level. Our deployments have weathered frequent hacking and DDOS
attempts (sometimes as many as 3 in a single day) without any
Protection against Distributed Denial-of-Service (DDoS) Attacks
of Service is currently the top source of financial loss due to
cybercrime. The goal of a Denial-of-Service attack is to disrupt your
business activities by stopping the operation of your web site, email
or web applications. This is achieved by attacking the servers or
network that host these services and overloading the key resources such
as bandwidth, CPU and memory. The typical motives behind such attacks
are extortion, bragging rights, political statements, damaging
competition etc. Virtually any organization that connects to the
Internet is vulnerable to these attacks. The business impact of large
sustained DoS attacks is colossal, as it would lead to lost profits,
customer dissatisfaction, productivity loss etc due to inavailability
or deterioration of service. A DoS attack in most cases would even land
you with the largest bandwidth overage invoice that you have ever seen.
Our Distributed Denial-of-Service protection system provides
unrivaled protection against DoS and DDoS attacks on your
internet-facing infrastructures i.e. your websites, email and mission
critical web applications, by using sophisticated state-of-the-art
technology which automatically triggers itself as soon as an attack is
launched. The DDoS mitigator’s filtering system blocks almost all
fraudulent traffic and ensures that legitimate traffic is allowed up to
the largest extent possible. These systems have seamlessly protected
several web sites from large service outages caused by simultaneous
attacks as large as 300+ Mbps in the past, thus allowing organizations
to focus on their Business.
Our round-the-clock firewall protection system secures the perimeter
and delivers the very best first line of defense. It uses highly
adaptive and advanced inspection technology to safeguard your data,
website, email and web applications by blocking unauthorized network
access. It ensures controlled connectivity between the servers that
store your data and the Internet through the enforcement of security
policies devised by subject matter experts.
Network Intrusion Detection system
Our network intrusion detection, prevention and vulnerability
management system provides rapid, accurate and comprehensive protection
against targeted attacks, traffic anomalies, “unknown” worms,
spyware/adware, network viruses, rogue applications and other zero-day
exploits. It uses ultramodern high-performance network processors that
carry out thousands of checks on each packet flow simultaneously with
no perceivable increase in latency. As packets pass through our
systems, they are fully scrutinized to determine whether they are
legitimate or harmful. This method of instantaneous protection is the
most effective mechanism of ensuring that harmful attacks do not reach
We have standardized on hardware vendors that have a track record of
high security standards and quality support. Most of our infrastructure
and datacenter partners use equipment from Cisco, Juniper, HP, Dell etc.
Host Based Intrusion Detection System
With the advent of tools that are able to bypass port blocking
perimeter defense systems such as firewalls, it is now essential for
enterprises to deploy Host-based Intrusion Detection System (HIDS)
which focuses on monitoring and analyising the internals of a computing
system. Our Host-based Intrusion Detection System assists in detecting
and pinpointing changes to the system and configuration files – whether
by accident, from malicious tampering, or external intrusion – using
heuristic scanners, host log information, and by monitoring system
activity. Rapid discovery of changes decreases risk of potential
damage, and also reduces troubleshooting and recovery times, thus
decreasing overall impact and improving security and system
applications run on myriad systems with myriad server software.
Operating Systems include various flavors of Linux, BSD, Windows.
Server Software includes versions and flavors of Apache, IIS, Resin,
Tomcat, Postgres, MySQL, MSSQL, Qmail, Sendmail, Proftpd etc etc.
We ensure security despite the diverse portfolio of software
products we utilize by following a process-oriented approach
Timely Application of Updates, Bug Fixes and Security Patches
servers are registered for automatic updates to ensure that they always
have the latest security patch installed and that any new
vulnerabilities are rectified as soon as possible. The largest number
of intrusions result from exploitation of known vulnerabilities,
configuration errors, or virus attacks where countermeasures ARE
already available. According to CERT, systems and networks are impacted
by these events as they have “not consistently” deployed the patches
that were released.
We fully understand the requirement for strong patch and update
management processes. As operating systems and server software get more
complex, each newer release is littered with security holes.
Information and updates for new security threats are released on an
almost daily basis. We have built consistent, repeatable processes and
a reliable auditing and reporting framework which ensures that all our
systems are always up-to-date.
Periodic Security Scans
Frequent checks are run
using enterprise grade security software to determine if any servers
have any known vulnerabilities. The servers are scanned against the
most comprehensive and up-to-date databases of known vulnerabilities.
This enables us to proactively protect our servers from attacks and
ensure business continuity by identifying security holes or
vulnerabilities before an attack occurs.
Pre-Upgrade testing processes
Software upgrades are
released frequently by various software vendors. while each vendor
follows their own testing procedures prior to release of any upgrade,
they cannot test inter-operability issues between various software. For
instance a new release of a database may be tested by the Database
vendor. However the impact of deploying this release on a production
system running various other FTP, Mail, Web Server software cannot be
directly determined. Our system administration team documents the
impact analysis of various software upgrades and if any of them are
perceived to have a high-risk, they are first beta-tested in our labs
before live deployment.
of the application software that is used in the platform is built by
us. We do not outsource development. Any 3rd party Products or
Components go through comprehensive training and testing procedures
where all elements of such products are broken down and knowledge about
their architecture and implementation is transferred to our team. This
allows us to completely control all variables involved in any
particular Product. All applications are engineered using our
proprietary Product Engineering Process which follows a proactive
approach towards security. Each application is broken down into various
components such as User Interface, Core API, Backend Database etc. Each
layer of abstraction has its own security checks, despite the security
checks performed by a higher abstraction layer. All sensitive data is
stored in an encrypted format. Our engineering and development
practices ensure the highest level of security with regards to all
weakest link in the security chain is always the people you trust.
Personnel, Development staff, Vendors, essentially anyone that has
privileged access to your system. Our Holistic Security
Approach attempts to minimize security risk brought on by the “Human
Factor”. Information is divulged only on a “need-to-know” basis.
Authorization expires upon the expiry of the requirement. Personnel are
coached specifically in security measures and the criticality of
Every employee that has administrator privileges to any of our
servers goes through a comprehensive background check. Companies that
skip out on this are putting to risk all sensitive and important data
belonging to their customers, as no matter how much money is invested
into high-end security solutions, one wrong hire – having the right
amount of access – can cause greater damage than any external attack.
In a vast deployment of globally distributed servers, audit processes
are required to ensure process replication and discipline. Are all
servers being patched regularly? Are the backup scripts running all the
time? Are offsite backups being rotated as desired? Are appropriate
reference checks being performed on all personnel? Is the security
equipment sending out timely alerts? These and many such questions are
regularly verified in an out-of-band process that involves
investigation, surveys, ethical hacking attempts, interviews etc. Our
audit mechanisms alert us to a kink in our security processes before it
is discovered by external users.
Features / 24 X 7 Server Monitoring
Our infrastructure comprises of high availability clusters of different machines, with varied operating systems and applications,
spread across multiple continents.
An effective monitoring system is extremely crucial for ensuring maximum uptime. Today, any web services company manages hundreds
of servers with a large number of services running on each server. Manually checking each service on just one server
24 x 7 is extremely difficult – across a number of servers – is humanly impossible. Companies that do not have a good monitoring
system, or worse, don’t have one at all, have larger downtimes and are increasing the risk of potential damage caused due to service
disruptions. An undetected minor issue can change into a major issue rapidly, increasing the amount of damage caused.
Our monitoring systems and tools provide our system administrators with an all-encompassing view into the health of our globally
distributed infrastructure. We monitor a large number of parameters related to the health of our servers and individual services
that reside on them.
Services monitored include –
- Network Connectivity
- Server Disk Space
- Server CPU Usage
- Server Memory Usage
- Web Services – HTTP, HTTPS & FTP
- Email Services – SMTP, POP & IMAP
- Database Services – MySQL, MSSQL
- DNS Services
- All Log Files
If any server or service fails, or any resource utilization exceeds specified limits, then a notification pops-up immediately on the
screen of all our Infrastructure Monitoring Staff. The notification system also handles escalation of issues i.e. if the issue is
not resolved within ‘x’ minutes, SMS alerts are sent out to higher level system administrators, and subsequently to Management.
All of this allows us to detect and resolve any issue within minutes of it happening and ensures maximum uptime for your customers.
Features / Data Protection & Disaster Recovery Plans
We understand that data is the lifeblood of most companies today and organizations increasingly require 100% uptime,
where data is constantly online and accessible. We have therefore implemented solid solutions that allows you to protect
your data in the unfortunate event of software malfunction, system failure, events of loss of data due to hacking or viruses etc.
Live Backup (RAID Technology)
We use cutting-edge RAID Hardware to protect all data on the server against harddisk failures. This technology works by creating
a mirror of all data on more than one harddisk automatically, without any delay i.e. all data is written to multiple harddisks
simultanously so that if any harddisk fails, that harddisk will be marked as deactivated and the system will still continue to
function as though nothing has happened by using the copy of the data on the other harddisk(s). The best part is that you do not
require to make any changes or special code modifications in your website/web application for this technolgy to function.
RAID systems offer a significant advantage over non-RAID systems, both in terms of data protection and ability to maintain 100%
uptime, as the system continues to function perfectly in case of disk failures. RAID technology also marginally improves the
performance of the various services on the server.
As soon as a harddisk fails, notification alerts are sent out, so that the failed harddisk can be replaced by the system
administrators. As such, the system continues to perform normally despite disk failures, using the mirror of the data on the
Daily & Weekly Server Backups
Important data exists across various locations on a server. Our subject-matter experts have conducted comprehensive research and have
prepared complex backup scripts that automatically maintain copies of all important files and folders, in a secure manner, on a
regular pre-defined interval, such that we can restore a server in the shortest possible time, in the event of a total failure.
Your Own Backup Policy Manager (Only Applicable for Web Hosting Packages)
All our services involve your crtitical data. Most of our Products have a built-in Backup Manager that provides comprehensive and
cost effective protection by allowing you to define highly flexible backup policies that will protect your critical data.
A web-based backup policy manager provides an easy-to-use one-step wizard to define the backup scope, backup frequency and backlogs