This topic outlines the steps to configure outbound mail routing from Office 365 through Cyren.
By default, emails sent from Office 365 are DKIM signed, using the default domain:
Cyren uses this information to validate the outbound email originated from the sender, and accepts the mail for outbound delivery.
The most reliable way a customer can check that this default DKIM signature is in place, is by inspecting a delivered outbound email, and ensuring that the d= field on the DKIM signature represents [Customer].onmicrosoft.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=[Customer].onmicrosoft.com; s=selector1-company-tld; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
It is possible to configure DKIM in Office 365 to use a different domain, or ‘(default signing domain)’, however this configuration is not currently supported.
In Settings > Account take a note of your Customer ID (657nnn) in this instance.
In Settings>Email Services>Security>Outgoing Email Hosts add an email host in the following format:
|The second, third and fourth octet in the IP address added must represent your Customer ID.|
Office 365 Configuration Steps
From the Office 365 Exchange Admin Center:
Type in a connector name in the *Name field, for example, Outbound Cyren Connector.
|It is mandatory to check the Turn it on checkbox.|
Select Only when email messages are sent to these domains and add an * to the domain list, and click Next.
Select ‘Always use TLS’, and select ‘Issued by a trusted certificate authority (CA)’, click Next, and once again Next.
|Validation will fail if your domain (customer.onmicrosoft.com) has not been added to your Cyren account as a domain in Settings > Email Services>Security>Email Gateway Settings.|