Configure Microsoft Office 365 and Email Security.cloud for outbound mail
search cancel

Configure Microsoft Office 365 and Email Security.cloud for outbound mail

book

Article ID: 178795

calendar_today

Updated On:

Products

Email Security.cloud

Issue/Introduction

  • How to configure Microsoft Office 365 and Email Security.cloud for outbound mail
  • Configuring Office 365 connectors to use Email Security.cloud smart host

 

 

Resolution

Configure Symantec.cloud outbound routes to use Microsoft Office 365

  1. Log in to the Symantec.cloud Management Console.
  2. Go to Services > Email Services > Outbound Routes.
  3. Under Hosted Email Services, select Microsoft Office 365.
  4. Click Add.

Note: Allow between 1 - 4 hour for this change to propagate and take effect across the Symantec.cloud infrastructure.
 

Configure settings on Microsoft Office 365 console for outbound mail

Configure Microsoft Office 365 to route its outbound email through Symantec.cloud.

  1. Log in to the Microsoft Office 365 admin center.
  2. Click Admin > Exchange > Exchange Admin Center.
  3. Select mail flow > connectors.
    All currently existing connectors for your organization appear.
  4. Click on the plus symbol (+) to add a new connector.
  5. Under Select your mail flow scenario, select the following:
    • From: Office 365
    • To: Partner organization
  6. Click Next.
  7. Type a name and description for the new connector.
  8. Check Turn it on, and then click Next.
  9. Ensure Only when email messages are sent to these domains is checked, and then click the plus (+) icon.
    1. If you want to configure custom routing for individual domains, please select "Only when I have a transport rule".
    2. Create a transport "Rule" with condition to redirect to emails to this connector with the "sender domain" condition and use your domain. (Please note this may require domain verification via Office365 preferred method)
    3. For any custom routing assistance with Office365 console, please refer to Microsoft support.
  10. In the add domain dialog box, type a single asterisk (*) to use as a wildcard, and then click OK.
    This forwards your outbound email to Symantec.cloud.
  11. Select Route email through these smart hosts, and then click on the plus (+) icon.
    The add smart host dialog box appears.
  12. Type the fully-qualified domain name (FQDN) as provided by Symantec.cloud. The FQDN is typically in the format clusterXout.XX.messagelabs.com. (The "X" is a placeholder. This will be the cluster number your account is on, and dependent upon country. Contact Tech Support if this information is needed.)
  13. Click Save, and then click Next.
  14. Choose if you want to have all emails use TLS when sending to Symantec.cloud, and then click Next.
  15. To validate the connector, type a recipient email address on a domain outside of your organization.
  16. Once the connector is successfully validated, click Save.

See Enterprise organizations and Office 365 at Microsoft.com for more information.

Adding Symantec.Cloud to your SPF records

A Sender Policy Framework (SPF) record is a type of Domain Name Service (DNS) TXT record that identifies which mail servers are permitted to send email on behalf of a domain. SPF records detect and prevent spammers from sending messages with forged "From" addresses on a domain. Symantec recommends that you include Symantec Email Security.cloud references in your SPF Record, even if your email is not generally routed outbound through Symantec.cloud. Including these references help prevent situations where email flows through Symantec servers for other reasons, such as email sent to another customer.

Implementing the SPF record also helps Symantec.cloud more accurately detect spoofed messages that pretend to be from your domain.

See the following knowledge base article to Implement SPF records in Email Security.cloud

Note: Make sure to set the TXT record TTL to the lowest possible to allow quick replication across DNS servers. It may take upto 24 hours for the TXT record to replicate across the internet.

 


 

Questions and Answers

  1. Would adding Hosted Email Service to the outbound routes affect existing mail flow from our on-premise Exchange environment in any way?
    Adding a Hosted Email Service provider as part of your outbound routes in the ClientNet Portal will not affect existing mail flow as long as the current sending server IP addresses remain. The Sending Server IP Addresses and Hosted Email Services configuration can be enabled at the same time and the service would accept mail from both, on-premise and cloud environments.