Description
In most cases, the inbound connector to Microsoft 365's Exchange Online to secure mail flow from Mailprotector is sufficient. Emails arriving from Mailprotector often fail SPF and DMARC validation performed by Exchange Online Protection (EOP) or Microsoft Defender. Since the inbound connector establishes a trusted connection, this does not create a problem.
If there is a need to also use EOP or Microsoft Defender as a second filter of messages, configuring Enhanced Filtering will be required. The feature provides Microsoft with gateway IP information to properly perform SPF, DKIM, and DMARC evaluations when messages come through Mailprotector first.
Configuring Enhanced Filtering for connectors increases the chances that Microsoft's filters will put emails into the Junk Email folder. Microsoft will perform stricter filtering of emails when the gateway IP addresses are identified. Mailprotector has no control or influence on Microsoft's filtering actions. Users must be aware that emails can be held in Mailprotector's quarantine or the Junk Email folder of Outlook.
Configuration
- Configure and implement the inbound connector per the instructions - Office 365 - Inbound Connector. If you do not create the inbound connector, the skip listing option will not be available in Step 2.
- Verify that the inbound connector has been excluded from advanced filtering by following the instructions forĀ Enhanced Filtering for Connectors in Exchange Online.
Gateway IP Addresses
One of the steps in the configuration requires adding all the IP addresses used between the sending source and Mailprotector's gateway. The following list of IP addresses needs to be added to theĀ IP addresses to skip list.
52.0.31.31
52.0.74.211
52.0.70.91
Best practice: Use CloudFilter as the primary filtering layer. We typically recommend an SCL -1 / bypass spam filtering rule (or equivalent) so Microsoft 365 does not re-filter messages after CloudFilter.
- If you choose to run EOP/Defender alongside CloudFilter, Enhanced Filtering specified above may reduce double-filtering side effects, but it cannot prevent all issues (e.g., quarantines, verdict changes, message modifications).
Related to
Updated