This article consists of the instructions on how to correctly setup HDE Email DLP so that it is fully functional within your Office 365 domain environment. After completing this setup, you will be able to start using the features of HDE Email DLP such as mail suspension, email filtering, mail approval and more.
For the set values, please refer to the values that we have provided.
The guide contains four parts:
1) Setup Prerequisites
2) Connection Filter Setting
Purpose - To add the IP Address of our mail servers to the Default IP Allow List.
3) Outbound Connector Setting
Purpose - To add a mail flow for the purpose of redirecting the mails to our server.
4) Rule Setting
Purpose - To add a Rule to redirect the mails to our server using the created Outbound connector.
(1) Setup Prerequisites
Register a new SPF record for all the your domains to your DNS server.
The purpose of registering a new SPF record is to allow our service to send emails on behalf of your domain(s). The following is the SPF record:
v=spf1 include:spf.protection.outlook.com include:[xxx].hdemail.jp ~all
As we are unable to access to the DNS settings of your network environment, you might want to cooperate with the network administrator of your office environment to complete this process.
(2) Connection Filter Setting
(Please note that you should skip this step if you have performed this settings in "Setting Up HDE Mail Archive (Office 365)")
Step 1 - While you are at “Exchange admin center”, Go to “protection” -> “connection filter” and click on the edit button as shown as below:
Step 2 - After clicking the “Edit” button, a small window will pop up. Go to “connection filtering” and click on the add button to input the IP address into the IP Allow list as shown as below. We will provide the IP addresses of our server via direct communication. Also, please ensure the “Enable safe list” is checked. Click “Save” to complete the process.
(3) Outbound Connector Setting
Step 1 - Next, we shall proceed to the settings for “Outbound Connectors”. While you are still at “Exchange admin center”, go to “mail flow” -> “connectors”, click on the add button as shown as below:
Step 2 - Once you have clicked the add button, you will then be required to select the mail flow which is from “Office 365” to “Partner organisation”. After selecting, click “Next” to proceed.
Step 3 - Then, you shall give a name to the connector. You could enter any name that you desired, a recommended name would be “HDE One Outbound Connector”. Also, please be sure the “Turn it on” option is checked. Click “Next” to proceed to next step.
Step 4 - Please check the “Only when I have a transport rule set up that redirects messages to this connector” option as we will be setting up a transport rule that utilises this newly created connector.
Step 5 - Please check the “Route email through these smart hosts” option and add a smart host by clicking the add button.
Step 6 - The domain name of the smart host would be “mo.yourdomain.hdemail.jp” which we will also provide in direct communication with you. After adding the smart host, you may proceed to the next step.
Step 7 - Please check the “Any digital certificate, including self-signed certificates” option and click “Next”.
Step 8 - In the next interface you can review and confirm the settings. Click “Next” to proceed to the next step.
Step 9 - In this step, you will have to input an email address for the system to validate this connector. Click “Validate” to allow the system to run its validation process.
Step 10 - After a short while, the validation process will be completed. Note that if the validation process is not able to be successfully executed, please try again for multiple times. If the problem still persists, you may contact our support staff.
(4) Rule Setting
(Please note that you should refer to following article if you want to forward the email sent by specific member or group: Setting Up Distribution Group for Specific HDE Email DLP Users. And then, proceed to Step 5)
Step 1 - Next, we shall proceed to the settings for “Rule”. While you are still at “Exchange admin center”, go to “mail flow” -> “rules”, click on the add button as shown as below:
Step 2 - You will be presented with an interface to create a new rule. First, click on “More options…”.
Step 3 - Please give the rule a name such as “HDE One Outbound Rule”. Then, for “*Apply this rule if…”, please select “The recipient...” and select “is external/internal”
Step 4 - You will be prompted to select the recipient location which you shall select “Outside the organisation”. Click “OK” to proceed.
Step 5 - Click on “Select one” for “*Do the following…” and select “Redirect the message to…” -> “the following connector”.
Step 6 - You will be prompted to select the connector, please select the connecter that you have just created and click “OK”.
Step 7 - After all the settings are done, scroll all the way down and click “Save”.
After completing this step, you have now completed the entire setup for HDE One Email DLP with Office 365.