Skip to main content

Configure Office 365 for GravityZone Security for Email

Follow these procedures to integrate GravityZone Security for Email with Office 365, for inbound and outbound email delivery.

Configure GravityZone Security for Email for Office 365 accounts.

To configure GravityZone Security for Email for use with an Office 365 account follow the steps below:

1. Configure GravityZone Security for Email Inbound Mail

  1. Go to Products > GravityZone Security for Email > Product Configuration.

  2. Go to Inbound Mail.

  3. Click Add to add a new delivery route and fill in the route information:

    • Under Domain, type in the domain name of the host you want to redirect.

    • Under Cost set route priority.

      The cost defines route priority for multiple routes.The lower the number, the higher the priority.

    • Under Route enter the 0365 domain name (e.g. domain-com.mail.protection.outlook.com)

      Note

      This can be found under O365 > Settings > Domains > Domain Details > MX Value

    EMS_config_office365_1_103597_en.png

  4. Update to save changes.

2. Configure Office 365

  1. Log in to Microsoft 365 Defender.

  2. Click Policies & Rules on the menu in the left side of the page.

  3. Select Threat Policies.

  4. Select Anti-Spam Policies.

  5. Click Connection filter policy.

    The Connection filter policy (Default) panel is displayed.

  6. Click Edit connection filter policy.

  7. In the Allowed IP Address section, add all of the IP addresses according to the correct addresses for your cluster - see Europe, United States.

  8. Select the Turn On Safe List checkbox.

  9. Click Save:

    EMS_config_office365_2_103597_en.png

3. Configure GravityZone Security for Email Outbound Mail

  1. Go to Products > GravityZone Security for Email > Product Configuration.

  2. Go to Outbound Mail.

  3. Click Add.

  4. Under Hostname enter the following string:

    spf://spf.protection.outlook.com

  5. Update to save changes.

Configure Inbound mail on Office 365 to reject non-EMS emails

Please follow the steps in this article to restrict Office 365 and then return to this article to continue configuration.

Configure Outbound mail on Office 365 to send email via the EMS servers

Follow the steps below to configure Office 365 to always send messages using the EMS server:

  1. Log in to your Office 365 Admin Center, and go to Admin Centers > Exchange.

  2. In the left-hand pane, click Mail Flow > Connectors.

  3. Click + to add a new connector.

  4. In the From: field, select Office 365.

  5. In the To: field, select Partner Organization.

  6. Give the new connector a sensible name.

  7. Click Next.

  8. Under When do you want to use this connector? select Only when email messages are sent to these domains, then click the + icon and enter *.

  9. Click Next.

  10. Under How do you want to route email messages, select Route email through these smart hosts.

  11. Add hosts according to the correct addresses for your cluster - see Europe, United States.

  12. Click Next and then click Confirm to create the connector.

Note

If you wish to verify the connector, be sure not to use an internal address. For example, use a personal email address which is not a domain configured for your customer.

If the validation fails check the settings below before contacting technical support:

  • The connector is enabled.

  • The default domain is the domain configured in EMS domain settings (MailFlow > Accepted Domains).

Video tutorials

In this section: