Loading...

Configuring Microsoft365 with ExchangeDefender


If your Organization hasn't updated their SPF for Office365:

Step 1: Configuration


Your organization should have a SPF record for the domain(s) registered with Office 365. When implementing ExchangeDefender with Office 365, this record must be updated in the DNS zone for the relevant domain to include the following:


Remove: v=spf1 include: SPF.PROTECTION.OUTLOOK.COM –all
Replace with: v=spf1 include: EXCHANGEDEFENDER.COM -all

CONFIGURING OUTBOUND SMARTHOST CONNECTOR:

Step 2: Mail Flow


LOG IN to the Office 365 Administration Console.

Select the Admin | Exchange menu item. The Exchange Admin Center is displayed. Once displayed, in the menu on the left-hand side, CLICK 'mail flow' as shown.

Step 3: Select ‘Connectors’


Click the ‘+’ button and you’ll be greeted with the following context menu. Once you've selected 'Office365' and 'Partner Organization' click the 'Next' button.

Step 4: New Connector


ENTER the name of the connector (Can be a name of your choosing, we chose Exchange Defender for the purposes of this guide).

CLICK check box for “Turn it On”. Click NEXT -

Select the option for 'Only when email messages are sent to these domains' and click the '+' button to add the domains

Step 5: Set the Connector Scope


Put * in the domain name field and hit the 'Ok' button.

Step 6: Route Email


SELECT 'Route email through these smart hosts' and then hit the '+' button.

Step 7: Add a Smart Host


Add a smart host. Add 'outbound.exchangedefender.com' as you see it below.

Once you've entered the smart host hit the 'Save' button. From there you'll be taken to the TLS screen. Keep all options default as shown in the screenshot below. Click NEXT. Add a smart host. Add 'outbound.exchangedefender.com' as you see it below.

Step 8: Validate Settings


Validate your settings. NEXT , validatethat the connector works properly, so hit the '+' button to add a specific email to test it on. Click OK Hit VALIDATE.

Microsoft365 and ExchangeDefender Connection Filtering


Microsoft365 (Office365) can at times, typically during high load or attack on the tenant, randomly block partner organizations from connecting to deliver email. In order to work around this issue, you need to follow the following steps.

Step 9: M365 Admin Center


Login to Microsoft 365 admin center which is located at https://go.microsoft.com/fwlink/?linkid=2081615

Step 10


On the left toolbar under "Admin centers"


Step 11: Exchange Admin Center


You will be redirected to the "Exchange admin center" site. Click on Protection.


Step 12: Connection Filter



Look across the top and click on "connection filter"

Step 13


Click on "Default" then click on the pencil icon above it (to Edit)


Step 14


You will now be on the Default connector screen. Click on "connection filtering"

Step 15


Under "IP Allow list" you will see a + icon. Click on the + icon to add an allowed IP address. Type in 65.99.255.0/24


Step 16


Click on OK.

Step 17: IP Allow list


Under "IP Allow list" you will see a + icon. Click on the + icon to add an allowed IP address. Type in 206.125.40.0/24


Step 18


Click on OK. Click Save.


Congratulations, you're done!


Need assistance?

ExchangeDefender is easy to reach, and we are here to help with your IT: