LOG IN to the Office 365 Administration Console.
Select the Admin | Exchange menu item. The Exchange Admin Center is displayed. Once displayed, in the menu on the left-hand side, navigate to Mail flow and then Connectors.
If your Organization hasn't updated their SPF for Office 365:
Your organization should have a SPF record for the domain(s) registered with Office 365. When implementing ExchangeDefender with Office 365, this record must be updated in the DNS zone for the relevant domain to include the following:
Remove: v=spf1 include:spf.protection.outlook.com –all
Replace with: v=spf1 include:proxy.exchangedefender.com -all
CONFIGURING OUTBOUND SMARTHOST CONNECTOR:
LOG IN to the Office 365 Administration Console.
Select the Admin | Exchange menu item. The Exchange Admin Center is displayed. Once displayed, in the menu on the left-hand side, navigate to Mail flow and then Connectors.
Click the ‘+’ button and you’ll be greeted with the following context menu. Once you've selected 'Office 365' and 'Partner Organization' click the 'Next' button.
ENTER the name of the connector (We suggest using ExchangeDefender).
CLICK check box for “Turn it On”. Click NEXT -
Select the option for 'Only when email messages are sent to these domains' and click the '+' button to add the domains
Put * in the domain name field and hit the 'Ok' button.
SELECT 'Route email through these smart hosts' and then hit the '+' button.
Add a smart host. Add 'outbound.exchangedefender.com' as you see it below.
Once you've entered the smart host hit the 'Save' button. From there you'll be taken to the TLS screen. Keep all options default as shown in the screenshot below.
Validate your configuration by letting O365 send a test email. Enter in any email address of a recipient outside of your organization. Click the + then click VALIDATE.
Microsoft365 (Office 365) can at times, typically during high load or attack on the tenant, randomly block partner organizations from connecting to deliver email. In order to work around this issue, you need to follow the following steps.
Microsoft 365 security controls have been moved to Microsoft 365 Defender Security Center at https://security.microsoft.com
Upon login you should see a welcome screen with navigation on the left. The following click-through instructions will help you set everything up to securely receive email through ExchangeDefender without M365 interruptions.
Click on Policies & rules.
Click on Threat Policies.
Click on Anti-Spam.
Click on Edit connection filter policy.
In the field "Always allow messages from the following IP addresses or address range add the following ranges:
65.99.255.0/24
206.125.40.0/24
Please note (#2) that once you type in the range you must click on the dropdown in the UI. It will convert the text you just typed in to a range and add an X next to it. If your browser / M365 is not doing what you see in this screenshot, please contact Microsoft support.
Finally, click on Turn on safe list and click on Save.
ExchangeDefender protects you from SPAM and Phishing threats. To avoid M365 falsely identifying messages as fraud, follow these steps to add ExchangeDefender to tenant allow policies:
Manage Anti-Phishing Rules
Policies & rules
Tenant Allow/Block Lists
Below is the content to paste into the domain pair list
You're all done with Microsoft M365 setup for ExchangeDefender.
Please proceed to deploy your DMARC, as it is required to send and receive email.
ExchangeDefender is easy to reach, and we are here to help with your IT: