Bundle Xeams with Office 365 For Added Security

Microsoft offers a hosted email solution eliminating the need for an in-house Exchange server. There are several benefits of running a spam filtering solution in conjunction with your Exchange server on Office 365. This page talks about benefits and how to configure this solution.

Benefits

  • Junk Filtering - Many companies that have switched from an in-house Exchange to Office 365 still prefer Xeams for their Junk/Spam filtering. Similar to on-premises Exchange, the built-in junk filtering in Office 365's filtering is not very aggressive.
  • Full Control - You have full control over how filtering occurs. It is very important you know why something is quarantined in order to fine-tuning filtering rules. Xeams will give you exactly why something was blocked.
  • Extensive Logging - Extensive logging in Xeams helps troubleshooting common delivery problems.
  • Email Archiving - Archive emails sent to and from your company with the ability to search messages previously sent.
  • Quarantine Reports - You users will get a daily quarantine report with Xeams allowing them to see, and if required, restore messages. Additionally, they will also be able to maintain their own white/black list.
  • End-to-End Encryption - With Xeams you can achieve End-To-End encryption without any plugins in your Outlook.
  • URL Sandbox Protection - Allow users to analyze links before clicking. Click here for details.
  • Safe Attachment Viewer - Safely open attached files by converting them to text. Click here for details.

How to Setup Inbound

You can filter both inbound as well as outbound. Although there is no need to filter outbound emails, Xeams can learn from what goes out making the inbound filtering better.

Following image display the message flow when installing Xeams to filter inbound messages.



Setup Before Xeams When Xeams is not in the picture

  • Assume your domain name is example.com
  • MX record for your domain will point to something like: example-com.mail.protection.outlook.com

Setup After Xeams When Xeams is configured to sit in front of Office 365

Configuration within Xeams

  • Configure the MX record of your domain so inbound emails come to the network where Xeams is installed
  • Run Xeams in either Hybrid or Spam Firewall mode
  • Configure your domain under SMTP Configuration to forward messages to Office 365. You should put example-com.mail.protection.outlook.com for the address in the Forward To field.

Configuration in MS Exchange on Office 365

  • Create a rule to disable built-in spam filtering when emails are received from your IP address using following steps:

How to Setup Outbound

Sending outbound is similar to inbound but in opposite direction.



Setup Before Xeams When Xeams is not in the picture for outbound

  • Messages to foreign domains will be delivered directly to the final destination without Xeams

Setup After Xeams Configure Exchange 365 to forward outbound emails to Xeams

Configuration within Xeams

  • Allow Xeams to relay emails from Exchange using the following steps:
    • Go to Server Configuration / SMTP Configuration
    • Click the tab for Relaying
    • Add *.outbound.protection.outlook.com for Host name/IP address.
    • Put yourDomainName.com in the Sender Restrictions field.
    • Click Add Host


Configuration within Exchange

This is a two-step process. First you have to create a Send-Connector and then have to create a transport rule. Following steps demonstrate the steps:
Creating a Connector
  • Go to mail flow, connectors
  • Create a new connector. Screen shot...
  • Specify a name and ensure check Turn it on. Screen shot...
  • Next, select the answer for Transport Rule. Screen shot...
  • Select Route emails through these smart hosts and specify the public IP address of your network (where Xeams is running). Screen shot...
  • Enable TLS if SSL is enabled on your Xeams. Screen shot...
  • Finally, ensure the settings are correct and save
Creating a Transport Rule
  • Click Create a new rule... in mail flow. Screen shot...
  • Click More Options towards the bottom
  • Apply this rule to messages where sender is located inside the organization and Redirect the message to... previously created connector. Screen shot...
  • Chose the connector. Screen shot...
  • Save