Integrate with Microsoft 365

If you are integrating with Microsoft 365, complete the following steps in the Microsoft 365 Exchange Admin Center.

  1. Add a connector to accept inbound email from Secure Email Threat Defense. To do so, navigate to the Microsoft 365 Exchange Admin Center https://admin.exchange.microsoft.com/#/connectors, and add a connector for inbound traffic from Secure Email Threat Defense by using the following settings in the Add a connector wizard:

    1. Connection from: Partner organization.

    2. Connection to: Office 365.

    3. Connector name: Inbound from Cisco Secure Email Threat Defense (select the Turn it on check box).

    4. Identify partner organization: By verifying that the IP address of the sending server matches one of the following IP addresses, which belong to your partner organization. Add the IP addresses for your region here.

    5. Security restrictions: Reject email messages if they aren’t sent over TLS.

  2. In Microsoft 365 Exchange Admin center https://admin.exchange.microsoft.com/#/transportrules, create a Transport Mail Rule to bypass spam filtering for inbound mail from Secure Email Threat Defense:

    1. Name: Bypass Spam Filter for SMTP Source.

    2. Apply this rule if: The sender IP addresses is in any of the following ranges. Add the IP addresses for your mail server here.

    3. Do the following: Modify the message properties: Set the spam confidence level (SCL) to -1.

    4. Rule Mode: Enforce

    5. Severity: Low

    6. Stop processing more rules: selected

    7. Match sender address in message: Header or Envelope

  3. In Microsoft 365 Exchange Admin center, create a Mail Rule to Send Threats to MS Quarantine:

    1. Name: Quarantine Rule.

    2. Apply this rule if: The message headers matches these text patterns: X-CSE-Quarantine = true.

    3. Do the following: Redirect the message to: hosted quarantine.

    4. Rule Mode: Enforce

    5. Severity: Medium

    6. Stop processing more rules: selected

    7. Match sender address in message: Header

  4. In Microsoft 365 Exchange Admin center, create a Mail Rule to send Spam and Graymail to the Junk folder:

    1. Name: Junk Rule.

    2. Apply this rule if: The message headers matches these text patterns: X-CSE-Junk = true.

    3. Do the following: Modify the message properties: Set the spam confidence level (SCL) to 9.

    4. Rule Mode: Enforce

    5. Severity: High

    6. Stop processing more rules: selected

    7. Match sender address in message: Header