Firewall, Email & Video Configuration ensures that members are able to fully leverage all aspects of the MindFi platform.
Need help? General questions about completing the guide or support troubleshooting can be sent to [email protected].
Firewall Configuration
We highly recommend that you enable a wildcard domain to your firewall-allowed domain list so that all MindFi features and content can be accessed by your members.
Purpose | Domains to whitelist |
MindFi domains | |
Allows access the MindFi application | |
Allows for video coaching sessions | |
In-app chat between user and therapist |
|
Allows for Content Delivery Network (CDN) url for static assets | *.googleusercontent.com - Google Proxy *.mcusercontent.com - Mailchimp CDN |
Allows for universal app deep links in order to direct to content within our application | mindfi.app.link - MindFi App Deep Link mindfi.page.link - MindFi App Deep Link |
Allows in-app communication with our customer support team via our service provider, Intercom |
Testing the Firewall Configuration
If you have followed the steps above, your members shouldn’t have any issues when using our applications. In case you have any questions or issues during this setup please reach out to [email protected].
Email Enablement
All emails delivered by the platform follow industry-standard configurations including: SPF, DKIM, and DMARC.
Emails coming from the MindFi platform to users (e.g., invite emails) will be sent from [email protected]
Operational emails and other engagement emails may be sent from [email protected]
Email Domains
In order for email delivery and interaction to operate as smoothly as possible, we recommend allowing the following email domains:
mindfi.co
email.mindfi.co
mail.mindfi.co
Note: These are email domains, not mail server hostnames.
Server Hostnames
To ensure messages aren’t blocked or quarantined, partners should also allow the following wildcard hostnames:
*mindfi.co
*.mail.mindfi.co
*.email.mindfi.co
This includes subdomains like o2740.abmail.mail.mindfi.co, which are used by our third-party email providers.
Sender Address Safelisting
To ensure all user-facing communication is reliably delivered, please also safelist the following email addresses and domains:
*@mail.mindfi.co
*@email.mindfi.co
Firewall Configuration (if needed)
Depending on your firewall rules, it may be necessary to allow the following IP addresses:
205.201.128.0/20
198.2.128.0/18
148.105.0.0/16
It is not recommended to use IP addresses for whitelisting as IP addresses are ephemeral and are subject to change. Please use domain whitelisting where possible.
Video Session Enablement
MindFi members meet with their therapists and coaches virtually through our peer-to-peer video call. We use an external service called Dyte.io to enable this functionality. In order for this to work properly, the following actions need to be taken:
Step | Whitelisting |
Open firewall ports (outbound) which Dyte uses for secure HTTP communication for video calls (Not enabling this will lead to call drops or reduced call qualities) | Ports* 443 (TCP) 3478 (TCP and UDP), 5349 (TCP), 10,000-60,000 (UDP) |
Ensure access to these domains | *.dyte.io *.cloudflare.com *.realtime.cloudflare.com api.flagsmith.com |
If it is not possible to allow the above domains, allow these IP addresses | 2a06:98c1:3200::1/128 2606:4700:48::1/128 141.101.90.1/32 162.159.207.1/32 These IP addresses are subject to change |
*Opening UDP Port 3478 will give a better experience. UDP is highly recommended over TCP for better quality audio and video. The protocol favors timeliness over reliability which is consistent with the human perceptive preferences; where we can fill in gaps but are sensitive to time-based delays. This port only accepts inbound traffic after an outbound request is sent. The connection is bidirectional but is always initiated from the corporate network/client so it is not possible for an external entity to send malicious traffic in the opposite direction. For the best possible experience, we recommend opening UDP ports 1025 - 65535.