Office 365 Integration Guide: Introduction

This document provides detailed instructions for integrating the CipherMail Email Encryption Gateway with Microsoft Office 365. The goal is to ensure that secure email communications are routed properly between CipherMail and Office 365. The integration process includes configuring mail flow connectors, adjusting necessary settings on both CipherMail and Office 365, and verifying secure message transfer. Each section in this guide walks through the required steps, explains configuration options, and highlights additional security considerations to assist administrators in achieving a reliable and secure setup.

Requirements

  • A functional CipherMail Email Encryption Gateway (pro edition).

  • The CipherMail gateway should allow incoming email on port 25.

  • The CipherMail gateway should be allowed to send email on port 25.

  • The CipherMail gateway should have a static external IP address.

  • The CipherMail gateway is configured with a trusted TLS certificate (Let’s Encrypt certificate is recommended).

  • Office 365 account with exchange admin access.

Note

Many cloud service providers, such as Azure and Digital Ocean, block outgoing email traffic on port 25 by default to prevent spam and enhance security. As a result, attempting to send emails directly using port 25 may fail unless this restriction is removed. To enable outgoing email on port 25, you need to contact your cloud provider’s support team and request that they lift these restrictions for your account or server. Note that some providers may require justification or additional information before granting this exception.

CipherMail Email Encryption Gateway Office 365

Warning

Microsoft recently locked down access to the incoming connector. By default you are no longer allowed to enable an incoming connector which is used to send email to external recipients. If you try to enable the connector, the following error message will be shown:

‘’’ Error executing request. For this service offering, you can’t enable an inbound connector. Please contact Support to enable it. Organization ‘…’, Service Offering: ‘O365_BUSINESS_ESSENTIALS’. ‘’’

Failed to update connector

Unfortunately only Microsoft can lift this block. Please contact Microsoft support to allow the incoming connector to be enabled.

If Microsoft is not willing to enable the connector, you should use some other relay option like for Example Amazon SES. Please contact us if you need help setting up Amazon SES with the CipherMail Appliances.