Forum Discussion

thirzanatasha's avatar
thirzanatasha
Copper Contributor
Sep 23, 2024

How to use third party mail security gateway to scan internal/inter-domain mails

Hi All,

In my mail server environment, there’s a requirement for internal emails (e.g., a mail sent from email address removed for privacy reasons to email address removed for privacy reasons) to be scanned by a third-party email security gateway that the company recently purchased. However, from what I understand, this might be impossible because all internal emails use the implicit Send connector named the intra-organization Send connector.

I would like to know if there is any way to edit or configure the intra-organization Send connector so that, instead of using the intra-organization Send connector, the Exchange On-Premise Server will use my custom/recently created connector. This way, all internal emails will be sent to the third-party email security gateway first, scanned, and have all policies applied before the gateway sends the scanned emails to the recipients within the same domain.

Alternatively, if there is another way to achieve my main goal—using a third-party email security gateway to scan internal emails instead of directly sending them and relying solely on the security of the Exchange Server On-Premise for internal mail protection—please let me know.

Thank you.

2016
exchange online
Exchange Server
hybrid
office 365

3 Replies

Sort By
  • Dan_Snape's avatar
    Dan_Snape
    Iron Contributor
    Sep 27, 2024
    You can configure mail flow to rout all messages as you need. You need to be careful that you don't convert what should be "internal" mail to "external" mail. Your best option is to install a 3rd party security tool on the Exchange servers themselves, and they usually act at the transport layer in Exchange.
    What type of malicious actions are you expecting from internal senders? Normal antivirus should take care of malicious files, so unless you expect your internal people to be sending phishing emails etc, I don't believe there's really any requirement for this, and if you think internal senders are sending phishing emails there may be some bigger issues at your organisation.
    • thirzanatasha's avatar
      thirzanatasha
      Copper Contributor
      Sep 27, 2024

      Hi Dan_Snape,

       

      Thank you for the reply.

      Do you have any recommendations on 3rd party security tools on the Exchange servers? 

       

      Regards,

      Thirza Natasha

      • Dan_Snape's avatar
        Dan_Snape
        Iron Contributor
        Sep 30, 2024
        No. I haven't recommended a 3rd party solution to be installed on Exchange Servers for many years. Most of the big AV products have a version for Exchange

Resources