.

For inline configuration you will need to change the MX record of your organizational domain to point to Perception Point’s servers (effectively to Amazon SES). All incoming mail to this domain will first be received by Perception Point, following this, it will be delivered to the next mail relay (i.e. Office365).

Follow the following steps to accomplish this setup

Please follow the order and do not skip steps, if any difficulty accrues in one of the steps please contact Perception Point

1. Customer will provide Perception Point with these details:

2. Verify domain against Amazon SES

  1. Create a TXT domain verification record with the value provided by Perception Point in your settings section. Use the values under “TXT Record Name” and “TXT Record Value”.
    This configuration should be done in the domain provider management dashboard.
  2. In your accounts’ settings section go to → TXT Record Verification → <press “verify” on the right side>
  3. Note: It might take up to 72 hours until your domain is verified, repeat until it says “Verified”. Do not proceed with the setup until this step is done.
     

    Your account settings should look like this:

    3. Whitelist Perception Point IP’s as trusted sender, follow these steps in Office365:

    1. Exchange Admin → protection → connection filter → <Edit ‘Default’> → Allowed IP Address → <Add the following IP addresses>
      1. 34.199.131.247 
      2. 34.230.185.136

    4. Verify that your mail server accepts mail sent by Perception Point

    1. Login to your accounts’ settings section → Trusted Sender Verification → <press “verify” on the right side>
    2. In the popup window enter an email address you own within the configured organizational domain
    3. An email should arrive in your inbox, copy the verification code and paste it in the popup
    4. Note: it might take some time until previous steps will take action, therefore you might need to repeat this step several times. Do not processed before this step is done.

      This is how your settings section should look like after this step

    4. Disable IP Throttling

    1. Exchange Admin → mail flow → connectors → <create new connector>
    2. From: Partner organization, To: Office365
    3. Name: Disable IP Throttling on PerceptionPoint Connector
    4. “Use the sender’s IP Address” → <Add the following IP addresses>
      1. 34.199.131.247 
      2. 34.230.185.136

    5. Leave default TLS settings
    6. Save

    5. Change MX record of the domain to Amazon SES address:

    1. inbound-smtp.us-east-1.amazonaws.com

    5. Verify that your inbound emails are routed through Perception Point’s advanced mail protection service

    1. Login to your accounts’ settings section → Routing Verification → <press “verify” on the right side>
    2. In the popup window enter an email address you own within the configured organizational domain
    3. An email should arrive in your inbox, copy the verification code and paste it in the popup
    4. Note: it might take some time until previous steps will take action, therefore you might need to repeat this step several times. When this step is done, all your emails are routed through Perception Point’s server. You can double check it if you look at the SMTP headers of newly received emails you should find “X-PERCEPTION-POINT-VERDICT”.

    6. (Optional) Add quarantine rule for malicious mails:

    1. Exchange Admin → Mail flow → Rules → “Create a new rule…”
    2. (Before filling the next fields click on “More options” at the bottom)
    3. Name: PerceptionPoint Quarantine Rule
    4. Select “Apply this rule if…” → “A message header…” → “Matches these exact patterns”
      1. Choose “Enter Text” → <Insert “X-PERCEPTION-POINT-VERDICT“> (without quotes)
      2. Choose “Enter Text Patterns” → <Insert “MAL“> (without qoutes)
    5. Select “Do the following…” → “Redirect the message to…” → “Hosted quarantine”
    6. Add more actions of your preference (i.e. “Generate incident report and send it to…”)

    Back to Documentation

Stay a step ahead

Research & News.

Asset 5
Article

Hardware vs. Software-based detection

By Shlomi Levin, Founder & CTO

A brief history of software exploitation and mitigation techniques, and how defensive technologies must be approached today.

Asset 5
News

Perception Point closes $8m series A round

By Perception Point Marketing

Will use funding to launch US presence and expand product portfolio.

Asset 5
CVE

Analysis and Exploitation of a Linux Kernel Vulnerability

By Perception Point Research

We have identified a zero-day local privilege escalation vulnerability in the Linux kernel.

Contact Us

Schedule a trial today.

Yes, I would like to receive email communications from Perception Point. I understand I can unsubscribe at any time.