Configure Office 365 for EMS
To successfully add Office 365 customers, you will need to perform three steps:
- Configure Cloud USS for the Office 365 accounts.
- Configure Inbound mail on Office 365 to reject non-EMS emails.
- Configure Outbound mail on Office 365 to send email via the EMS servers.
Configure Cloud USS for the Office 365 accounts
Configuring Inbound Mail
- Visit your USS Dashboard and click Products ⟶ E-mail Security ⟶ Product Configuration ⟶ Inbound Mail.
- Click to add a new delivery route.
- In the Domain field, enter the domain name of the host you want to redirect. For example,
- In the Route field, enter the outlook routing host for this domain name. For example,
Configuration Changes for Office 365
- Log in to Microsoft 365 Defender at https://security.microsoft.com/
- Navigate to Policies & Rules -> Threat Policies -> Anti-Spam Policies. Click on Connection filter policy
- When menu opens, click on Edit connection filter policy. In the Allowed IP Address section, add all of the IP addresses for the Email Security region you are using - see Europe, United States, United Arab Emirates, India
- Enable Turn On Safe List
Configuring Outbound Mail
- Visit your USS Dashboard and click Products ⟶ E-mail Security ⟶ Product Configuration ⟶ Outbound Mail.
- Add a new sending host, by entering the string
spf://spf.protection.outlook.comand clicking .
Configure Inbound mail on Office 365 to reject non-EMS emails
Please follow the steps in this article to restrict Office 365 and then return to this article to continue configuration.
Configure Outbound mail on Office 365 to send email via the EMS servers
You should configure Office 365 to always send mail using the EMS servers.
- Log in to your Office 365 Admin Center, and navigate to Admin Centers ⟶ Exchange.
- In the left-hand pane, click Mail Flow ⟶ Connectors.
- Click + to add a new connector.
- In the From: field, select Office 365.
- In the To: field, select Partner Organization.
- Give the new connector a sensible name.
- Click Next.
- Under When do you want to use this connector? select Only when email messages are sent to these domains, then click the + icon and enter
- Click Next.
- Under How do you want to route email messages, select Route email through these smart hosts.
- Add hosts according to the correct addresses for your cluster - either US, EU or UAE.
- Click Next and then click Confirm to create the connector.
1. The connector is enabled
2. The default domain is the domain configured in EMS domain settings (MailFlow -> Accepted Domains)