Excluding outbound mail to specific domains from routing through the Outbound Connector


This article provides steps for excluding specific domains from delivery through the Mailprotector outbound relay. These configurations are intended only to mitigate outbound transport IP reputation issues temporarily.

Applies To:

CloudFilter, SafeSend, Exchange Online, Office 365 (O365)


This article is written assuming that the Mailprotector outbound connector configuration is in use.

MAIL FLOW CHANGE WARNING: The following configurations prevent all mail to the excluded domains from reaching the Mailprotector relay. This means that filtering, logging, SecureStore archiving, and Bracket encryption will not be available for outgoing messages to those domains. If you have any uncertainty regarding whether this change is necessary for your domain, please contact the Mailprotector Partner Success team to review the scenario with you and identify if this is the appropriate next step.

  1. Under the "When to use this connector" section of the configurations for your MP outbound connector, adjust the connector only to run when messages are redirected from a transport rule.



  2. The remaining connector options can be left as is, and the connector can be saved.
  3. Add a transport rule pointing to the outbound connector with criteria of "Sender is located inside the organization" and "Recipient is located outside the organization."
  4. Click "More Options" and then add an exception for "Recipient Domain is"
  5. Enter any domains that should be excluded from routing through the Mailprotector relay into the Specify Domain field, clicking the + icon for each entry. Once all domains have been added, click OK.




  6. Confirm that all settings are correct, and then click Save. The rule should look similar to the screenshot below. Use your connector name and excluded domains in place of the samples.




IMPORTANT: These configurations are only intended as a temporary solution. Once the root cause of the deliverability issue has been identified and resolved by Mailprotector, it is recommended that the outbound connector be returned to its previous configuration.

Have more questions? Submit a request