How to Configure Esva for Office365

Similar documents
Office 365 Standalone Security

How to Configure Office 365 for Inbound and Outbound Mail

Setting up Microsoft Office 365

Office 365 Inbound and Outbound SMX configuration. 4 th January 2018

Using Trustwave SEG Cloud with Exchange Online

Using Trustwave SEG Cloud with Cloud-Based Solutions

Office 365 Integration Guide Software Version 6.7

To create a few test accounts during the evaluation period, use the Manually Add Users steps.

You should not have any other MX records for your domain name (subdomain MX records are OK).

You can find more information about the service at

TrendMicro Hosted Security. Best Practice Guide

Step 2 - Deploy Advanced Security for Exchange Server

Mail Assure. Quick Start Guide

Configuring Gmail (G Suite) with Cisco Cloud Security

Troubleshooting IMAP Clients and ViewMail for Outlook

Connecting to Mimecast

Important Information

Office 365: Secure configuration

Workshare Protect Server 3.8. Solutions Guide

Step 1 - Set Up Essentials for Office 365

Lotus Protector Interop Guide. Mail Encryption Mail Security Version 1.4

Sophos Appliance Configuration Guide. Product Version 4.3 Sophos Limited 2017

The Multi Domain Administrator account can operate with Domain Administrator privileges on all associated Domain Administrator users.

Mail Assure Quick Start Guide

Workshare Protect Server 3.9 on Microsoft Azure. Admin Guide

Anti-Spoofing. Inbound SPF Settings

Appliance Installation Guide

Getting Started Guide moduscloud

MAILGUARD AND MICROSOFT EXCHANGE 2013

Step 1 - Set Up Essentials for Office 365

Comodo Dome Antispam MSP Software Version 2.12

Comprehensive Setup Guide for TLS on ESA

Configure Exchange 2003 Server

WORKSHARE PROTECT SERVER 3.6 SOLUTIONS GUIDE

Understanding the Pipeline

Admin Guide Defense With Continuity

Managing Spam. To access the spam settings in admin panel: 1. Login to the admin panel by entering valid login credentials.

Ciphermail Webmail Messenger Administration Guide

Integrating Trend Micro Hosted Security with Google Gmail

Set up a Customer Site

Important Information

WeCloud Security. Administrator's Guide

iq.suite Azure Edition

Managing SonicWall Gateway Anti Virus Service

Microsoft Exchange Online

Trustwave SEG Cloud Customer Guide

Symantec ST0-250 Exam

SMTP Settings for Magento 2

Symantec ST Symantec Messaging Gateway Download Full Version :

Comodo Antispam Gateway Software Version 2.12

Step 4 - Choose Your Deployment

Enterprise Vault.cloud Journaling Guide

Cisco Encryption

Welcome to ContentCatcher 3.0! If this is your first time using ContentCatcher 3.0, here s a great way to start. We ll walk you through the essential

Instructions Microsoft Outlook 2013 Page 1

Christensen Software Exchange Server Configuration Guide

Instructions Microsoft Outlook 2007 Page 1

2 Initial Setup with Web Wizard

Enabling and Activating Anti-Spam

Set Up with Microsoft Outlook 2013 using POP3


Version Installation Guide. 1 Bocada Installation Guide

NSE6_FML exam.14q

Configuring SMTP Routing

ACCURATE STUDY GUIDES, HIGH PASSING RATE! Question & Answer. Dump Step. provides update free of charge in one year!

ACE Live on RSP: Installation Instructions

CSC Network Security

A. On the VCS, navigate to Configuration, Protocols, H.323, and set Auto Discover to off.

WHITEPAPER Rewrite Services. Power365 Integration Pro

Secure Messaging Crypto-Gateway Configuration for Office 365

Managing Certificates

Mail Assure. User Guide - Admin, Domain and Level

Exchange 2010 Smtp Error Code Unable To Relay

Instructions Microsoft Outlook 2010 Page 1

Implementing Cisco IP Telephony & Video, Part 2 v1.0

VMware Workspace ONE UEM VMware AirWatch Cloud Connector

Setting Up a Cisco Unified Communications Manager SIP Trunk Integration, page 1

VMware AirWatch Cloud Connector Guide ACC Installation and Integration

Power Tools. Mimecast Training. Student Workbook. V 1.2

Microsoft PRO- Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010

HOW TO SETUP CFS POLICIES WITH LDAP AND SSO TO RESTRICT INTERNET ACCESS ON CFS 3.0

Comodo Dome Antispam MSP Software Version 1.0

IBM Proventia Network Mail Security System. Administrator Guide. Version 1.6. IBM Internet Security Systems

Security by Any Other Name:

Load Balancing Nginx Web Servers with OWASP Top 10 WAF in Azure

Office 365 Journaling

How-To Configure Message Routing Between Cisco Cloud Security and Office 365

NetMotion Integration with GreenRADIUS - Quick Start Guide

Test-king q

Dell SonicWALL Security 8.2. Administration Guide

Welcome to ncrypted Cloud!... 4 Getting Started Register for ncrypted Cloud Getting Started Download ncrypted Cloud...

Firewall XG / SFOS v16 Beta

Student Lab Manual MS101.1x: Microsoft 365 Security Management

SMTP Scanner Creation

AD Sync Client Install Guide. Contents

Load Balancing Web Servers with OWASP Top 10 WAF in Azure

Fireware-Essentials. Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.

SafeConsole On-Prem Install Guide. version DataLocker Inc. July, SafeConsole. Reference for SafeConsole OnPrem

SymmetryCRM: Outlook Mail Application Tool

Microsoft Exam

Transcription:

How to Configure Esva for Office365 This article addresses configuring Office 365 with Libra Esva as your inbound and/or outbound mail gateway. You can specify the appliance as an inbound mail gateway through which all incoming mail for your domain passes before reaching your Office 365 account. Esva filters out spam and viruses, and then passes the mail on to the Office 365 mail servers. Use the Inbound Configuration instructions below to configure. You can likewise specify Esva as the outbound mail gateway through which all mail is sent from your domain via your Office 365 account to the recipient. As the outbound gateway, Libra Esva processes the mail by filtering out spam and viruses and applying any outbound policies (blocking, encrypting, etc.) before final delivery. By using the configuration described in Outbound Configuration below, you instruct the Office 365 mail servers to pass all outgoing mail from your domain to the appliance. INBOUND CONFIGURATION Log into the Office 365 Portal. From the Admin Center navigate to Setup -> Domains in the left panel. Select your domain from the domain list and click on it. Read the value next to the MX Type row:

As shown in Figure above Points To Address of yourdomain.com.mail.protection.outlook.com is the Office 365 destination mail server. Log into the Libra Esva web interface and go to the System -> Mail Transport -> Relay Configuration -> Domain Relay menù. Add (or Edit if already present) the yourdomain and set the Mail Server field as found in the previous step.

The Mail Server address indicates where the Libra Esva should direct inbound mail from the Internet (to your Office 365 Exchange server). Recipient Verification One issue with Office365 is that Microsoft doesn t provide access to an Active Directory system and does not enable recipient verification by default. So you must either set up a Valid Recipients list in Libra Esva or integrate Libra Esva with a separate AD/LDAP directory to allow recipient verification. Alternately in Office365 you can enable the Directory Based Edge Blocking (DBEB) feature, which is similar to the Valid Recipient list in Libra Esva and switch di Dynamic Verification in Esva. Instructions can be found here: https://technet.microsoft.com/en-us/library/dn600322%28v=exchg.150%29.aspx However, if you have your own external AD/LDAP you can integrate this with Libra Esva to do recipient verification, streaming and authentication of user credentials. Another solution is to set your domain on Office 365 as Authoritative and always set Libra Esva recipient verification to Dynamic.

In addition Office 365 does provide a public POP3 service which you may be able to use for authentication of users accessing the Libra Esva webui. To use these services, please contact Microsoft for details. Domain Antispoofing Leave Domain Antispoofing setting disabled unless you are sure that no one else is sending email with your domain as envelope sender. RECOMMENDED OPTIONAL STEPS A] Disable Office 365 Spam Checks In the Office 365 Portal, to disable internal spam checks for the email analyzed by Libra Esva, create a Transport Rule: 1) Click on Admin Centers and select Exchange from the drop-down in the left panel. 2) On the left side then click Mail Flow link. 3) Under Rules, click the [+] button and select Create New Rule. 4) Give it a Name 5) Look down at the bottom and click More options 6) Under the Apply this rule if drop-down, select The sender -> IP address is in any of these ranges or exactly matches. 7) In the pop-up titled IP address ranges, input the Libra Esva IP address 8) Click [+] and then click OK.

9) Under the *Do the following section, select Modify the message properties -> Set the spam confidence level (SCL), and under Specify SCL, select Bypass spam filtering via the drop-down. 10) Click OK, and then click Save to save the new transport rule. Do the same under the Connection Filtering section. 1) On the left side client Mail Flow and select Protection on the top right 2) Click on Connection Filter 3) Click the Edit icon 4) Click on Connection Filtering 5) Click on the plus icon +within the IP Allow list section 6) Enter the Libra Esva IP Address B] Lock Down Office 365 to accept email only from Libra ESVA Add a mail flow rule to allow email to be sent from Libra ESVA 1) Click on Admin Centers and select Exchange from the drop-down in the left panel. 2) On the left side then click Mail Flow link. 3) Click [+] to access the pull down menu. 4) Select Restrict messages by sender or recipient 5) Give it a Name (for example, Only accept mail from Libraesva) 6) For Apply this rule if select The Sender is located and Outside the organization. 7) For Do the following select Delete the message without notifying anyone. 8) Uncheck Audit this rule with severity level. 9) For Choose a mode for this rule select Enforce. 10) Click More options. 11) Click add exception. 12) Select the sender > IP address is in any of these ranges or exactly matches 13) Add here the Libra ESVA IP address to the IP address list. 14) Click OK 15) Clive Save. 16) Uncheck the checkbox to disable the rule. You will re-enable the rule once you are ready to reject mails not originating from your Libra ESVA!

C] Office 365 Rate Limiting Only if you are experiencing Rate Limiting Problems: create a Receive Connector. WARNING: If you are an ISP/MSP managing multiple different domains on Office 365 do not create this connector or you may experience Mail Loop problems with Office 365! 1) On the left side client Mail Flow and select Connectors on the top right 2) Under Connectors, click the [+] button. 3) From: Your Organization s email server To: Office 365 4) Click Next. 5) Give it a name and click Next 6) Under How to identify email sent from your email server, select the second option and enter your Libra Esva public IP address: 7) Click Next and then Save NOTE: This is the official Microsoft documentation about adding a new receive connector in Office 365.

OUTBOUND CONFIGURATION WARNING: We do NOT recommend routing mails from Office 365 to Libra Esva as Microsoft Exchange Online DOES NOT support smarthost authentication yet! Our suggestion is to let Office365 deliver mails directly! Before going through the configuration steps below please Update the SPF Record for your domain(s)! Your organization should already have a SPF record for the domain(s) registered with Office 365. When implementing Libra Esva with Office 365, this record must be updated in the DNS zone for the relevant domain to include the following: Remove: v=spf1 include:spf.protection.outlook.com all Replace with or add: v=spf1 a: a.b.c.d ~all Where a.b.c.d is the IP Address of your Libra Esva Appliance! To configure the outbound mail flow from Office 365 to Libra Esva proceed as follows: Log into the Office 365 Portal. Click on Admin and select Exchange from the drop-down in the left panel. Select mail flow from the left link navigation bar. Select the connectors link at the top. Create a new connector In the From section select Office 365, and in the To section select Partner Organization. Click Next.

Give the new connector a Name (for example: Office 365 to LibraEsva), optional Description, and decide if the connector should be enabled once it has been saved using the Turn it on checkbox. Click Next. Leave the default Only when email messages are sent to these domains selected and click the plus icon to add the recipient domains that should use this connector. To route all outbound emails to Libra Esva enter * here and click ok, followed by Next.

Select the Route email through these smart hosts option, and click the plus icon to add the ip address or FQDN of your Libra Esva Appliance. Click Save, followed by Next. Leave the default Always use Transport Layer Security (TLS) to secure the connection (recommended) and Any digital certificate, including self-signed certificates (unless you own a trusted one) set and click Next.

Verify your settings and click Next.

Now go on your Libra Esva Appliance and select Menù System->Mail Transport->Relay Configuration->Trusted Networks and select the option Trust Microsoft Office 365 at the bottom of the page:

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback