Configuration of MailCleaner AntiSpam with Microsoft Office 365

MailCleaner Support
Added 11 months ago

Office 365

Delivery server

The destination server configured for your domain ( Configuration > Domains > YourDomain.tld > select tab Delivery) should be the MX record provided by Microsoft such as:

domain-tld.mail.protection.outlook.com

Configure the address verification

For configuring the address verification as well known as the recipient verification, you have to configure both MailCleaner and Office 365.

In MailCleaner:

  • Configuration > Domains > YourDomain.tld > select Address verification tab and : set to SMTP

In Office 365:

In Office 365 solution, you have to enable the Exchange Online Protection. You have to use Global Admin or an Exchange Company Administrator account.

The Directory Based Edge Blocking (DBEB) feature from Office 365 enables users to reject messages for nonexistent recipients.

For enabling DBEB, follow these steps:

  • Ensure the domain is set to Internal Relay, by going to EAC > Mail Flow > Accepted Domains > Select your domain and click Edit > check if the domain type is set to Internal relay, if not change it to Internal relay and click Save.

  • Add your valid users to office 365 via Directory synchronization, remote Windows Powershell or directly from the Exchange Admin Center (EAC).

  • Now set your domain to Authoritative. Follow the same path as above, Mail Flow > Accepted Domains > select your domain and set it to Authoritative. After you click Save, please confirm that you wish to enable Directory Based Edge Blocking.

Here is the Microsoft documentation related to this chapter: https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/use-directory-based-edge-blocking

Authentication

For authenticating your users with MailCleaner through Oficce 365, you have to set the authentication server as outlook.office365.com:993 and the authentication type as IMAP.

Finally

Now, when you configured everything, you have to change your MX records in order to point to your MailCleaner's servers.
Do not forget to adapt your SPF entry in your DNS to include the Microsoft O365 entries according to their documentation, but also to add the IPs of your MailCleaner servers too.

Info: a warning on the Office 365 dashboard will inform you that your MX are not pointed to Microsoft. You can ignore it.

Advantages of the MailCleaner solution with Microsoft Office 365: https://support.mailcleaner.net/boards/3/topics/52-advantages-of-the-mailcleaner-solution-with-microsoft-office-365