Jan 22 2020 07:45 AM
Current we have:
Inbound:
Internet --> MX MacAfee Appliance (Spam and Virus filtering) --> Exchange 2010 --> Exchange Edge --> Office 365
Outbound is the reverse.
We want to remove Exchange 2010 servers and keep one Exchange 2016 for mail object maintenance.
Ideally, we want the mail flow to change to this:
Inbound:
Internet --> MX Mcafee Appliance (Spam and Virus filetering) --> Office 365
Outbound is the reverse.
Going thru the McAfee Appliance is mandatory by management. It lives in our DMZ. The MX records for the domain point here.
I can't find any documents that explain exactly how to set this up. Please point me in the right direction.
Thanks in advance...
Jan 22 2020 03:29 PM
SolutionHi @Daniel Thompson,
For incoming, you would need to look at white-listing the IPs of the appliance in Exchange Online so it doesn't treat them as spam., then point the appliance away from the current Exchange 2010 and onto the MX record of your tenant. I'd also look to set up a connector to reject any email that doesn't come from your appliance.
For outbound, you'll want to set up a connector to route through all of the email to your appliance - something like from Office 365 to partner organisation. I'm not familiar with your particular appliance, but you might have to do some config on that so it expects emails to come from Office365 rather than your old Exchange box.
https://www.azure365pro.com/configuring-mimecast-with-office-365/ - this may help. It's for Mimecast but once you get past all the directory sync stuff at the beginning it should be the same principle for mail routing with your own device.
Hope this helps,
Mark
Jan 23 2020 01:28 PM
@HidMovthanks -- this is the first reference i found to the connection filter. We'll give it a shot. I'll post the results when i have them.
Jan 22 2020 03:29 PM
SolutionHi @Daniel Thompson,
For incoming, you would need to look at white-listing the IPs of the appliance in Exchange Online so it doesn't treat them as spam., then point the appliance away from the current Exchange 2010 and onto the MX record of your tenant. I'd also look to set up a connector to reject any email that doesn't come from your appliance.
For outbound, you'll want to set up a connector to route through all of the email to your appliance - something like from Office 365 to partner organisation. I'm not familiar with your particular appliance, but you might have to do some config on that so it expects emails to come from Office365 rather than your old Exchange box.
https://www.azure365pro.com/configuring-mimecast-with-office-365/ - this may help. It's for Mimecast but once you get past all the directory sync stuff at the beginning it should be the same principle for mail routing with your own device.
Hope this helps,
Mark