Semi-Inline On Selected Users
Adding routing rule in Office365

Using this option, the customer is able to route production mail flow through Perception Point’s service without changing the MX record and is able to select specific users to be protected.

Follow the following steps to accomplish this setup

Please follow the order and do not skip steps, if any difficulty accrues in one of the steps please contact Perception Point

1. Customer will provide Perception Point with these details:

  1. Domain Name (i.e. customer.com)
  2. Original MX record for this domain (I.e customer-com.mail.protection.outlook.com)

2. Verify domain against Amazon SES

  1. Create a TXT domain verification record with the value presented in the account settings section. This configuration should be done in the domain provider management dashboard.

Note: do not change MX record before confirming with Perception Point that the TXT record is added and the domain is verified.

3. Whitelist Perception Point IP’s as trusted sender, follow these steps in Office365:

  1. Exchange Admin → protection → connection filter → <Edit ‘Default’> → Allowed IP Address → <Add the following IP addresses>
    1. 34.199.131.247
    2. 34.230.185.136

4. Disable IP Throttling

  1. Exchange Admin → mail flow → connectors → <create new connector>
  2. From: Partner organization, To: Office365
  3. Name: Disable IP Throttling on PerceptionPoint Connector
  4. “Use the sender’s IP Address” → <Add the following IP addresses>
    1. 34.199.131.247
    2. 34.230.185.136

  5. Leave default TLS settings
  6. Save

5. Create a “Connector”, In Office365:

  1. Exchange Admin → Mail flow → Connectors → < new connector >
  2. From: Office365, To: Partner Organization
  3. Name: “PerceptionPoint scanning”
  4. Select: “Only when I have a transport rule set up that redirects messages to this connector”
  5. Select: “Route emails through these smart hosts”
    1. Add the following Amazon SES FQDN: inbound-smtp.us-east-1.amazonaws.com

  6. Leave default TLS settings
  7. In the validation screen use the following email address: noreply@perception-point.io

  8. Save

6. Create Routing Rule, In Office365

  1. Exchange Admin → Mail flow → Rules → “Create a new rule…”
  2. (Before filling the next fields click on “More options…” at the bottom)
  3. Name: PerceptionPoint Redirect Rule
  4. Select “Apply this rule if…”
    1. Select “The recipient is…”
    2. Add all users/groups you wish to route through Perception Point
  5. Select “Do the following…” → “Redirect the message to…” → “The following connector” →
  6. Select “Except if…” → add exception → The sender… → IP address is in any of these ranges or exactly matches →
    1. 34.199.131.247
    2. 34.230.185.136

7. (Optional) Add quarantine rule for malicious mails:

  1. Exchange Admin → Mail flow → Rules → “Create a new rule…”
  2. (Before filling the next fields click on “More options…” at the bottom)
  3. Name: PerceptionPoint Quarantine Rule
  4. Select “Apply this rule if…” → “A message header…” → “Matches these exact patterns”
    1. Choose “Enter Text” → <Insert “X-PERCEPTION-POINT-VERDICT“> (without quotes)
    2. Choose “Enter Text Patterns” → <Insert “MAL“> (without qoutes)
  5. Select “Do the following…” → “Redirect the message to…” → “Hosted quarantine”
  6. Add more actions of your preference (i.e. “Generate incident report and send it to…”)

Back to Documentation