In this article, we present the secure deployment procedure dedicated to Microsoft 365 email.
Simply follow the 3 steps below.
1. Set the destination Mail server :
To deliver filtered messages to Microsoft 365, enter the mail server of the relevant domain.
For example, yourdomain-com.-mail.protection.outlook.com.
1. Log on to the domain management interface at https://www.security-mail.net/
2. Enter your username and password.
3. Navigate to (Configuration => Domain settings => Delivery/SMTP) and update the destination mail server (your server on Microsoft 365).
2. Modify DNS records:
Once the destination mail server has been updated, configure the MX records to redirect traffic to our gateways.
This will reduce the attack surface to your Microsoft 365 mailbox, modify the MX records with the following information.
MX :
Priority Mailing Server
10 france.security-mail.net.
20 europe.security-mail.net.
Some registrars require you to add a DOT after the .net to complete the registration.
SPF & DKIM (Prerequisites) :
To ensure the legitimacy of mail sent via e-securemail servers, you will need to add :
The SPF record, a line you need to add to your DNS server to prevent your mail servers from being impersonated.
The DKIM record, to prove that the domain name has not been usurped and that the message has not been altered during transmission.
These records can be set after deployment, provided you don't already have a DKIM entry.
3. Automated deployment :
After steps 1 and 2 of checking the mail server and updating DNS records, log in and deploy the settings.
"Make sure you have the necessary rights to make changes at the relevant tenant domain level".
This step is essential for the deployment of advanced features such as 'Remediation' and 'Junk Mail in Microsoft Outlook', as well as outbound relaying/filtering.
Login and deploy !
IMPORTANT: this configuration does not apply to a hybrid environment.