Initial setup
Target
This article is for customers who will use HENNGE Email DLP with Microsoft 365.
Purpose
This article explains the process of configuring emails sent from Microsoft 365 (Exchange Online) to external organizations to be routed through HENNGE Email DLP.
Cautions
1. After this connection is established, the sending route will change. Please carefully consider the scope and timing of the operation.
2. The content of this article is based on product information as of August 2023 and may be subject to change without notice.
Detailed Steps and Explanation
Prerequisites
1. SPF Record Registration
2. Confirmation of impact on Email route
If there are existing settings in the following sections, please send us screenshots of the configuration before performing this connection.
・[ Exchange admin center ] - [ Mail flow ] - [ Rules ]
・[ Exchange admin center ] - [ Mail flow ] - [ Connectors ]
・[ Microsoft 365 admin center ] - Upper left corner [ Navigation menu ] - [ Compliance ] - [ Microsoft Purview ] - [ Data lifecycle management ] - [ Exchange (legacy) ] - [ Journal rules ]
1. Creation of Sending Connector
1.1. Access [ Exchange admin center ] → [ Mail flow ] → [ Connectors ], and click [ + Add a Connector ].
1.2. Select the Sending Connector.
You will be prompted to select the mail flow. Select [ Microsoft 365 ] in [ Connection from ], then select [ Partner organization ] in [ Connection to ].
Once selected, click [ Next ] to proceed.
1.3. Enter "HENNGE Email DLP" in the Name field.
Check [ Turn it on ] under [ What do you want to do after connector is saved? ].
Once selected, click [ Next ] to proceed.
1.4. Select [ Only when I have a transport rule set up that redirects messages to this connector ].
Once selected, click [ Next ] to proceed.
Later in Step 2, you will configure sending rules that utilize this connector.
1.5. Select [ Route email through these smart hosts ] and enter FQDN.
The FQDN of the smart host is the following:
gwsmtp.mo.hdems.com
1.6. Click the [ + ] Add button to add a smart host and click [ Next ].
1.7. Enable protection with TLS when connecting from Microsoft 365 to HENNGE Email DLP.
Check [ Always use Transport Layer Security (TLS) to secure the connection (recommended) ].
Also, ensure that [ Any digital certificate, including self-signed certificates ] is selected.
Once selected, click [ Next ] to proceed.
1.8. Perform connector validation.
Enter an email address, click the [ + ] button, and then click the [ Validate ] button.
Wait for a while as the validation process completes.
If the validation doesn't complete successfully, please try multiple times until it succeeds.
If the issue persists, please contact your HENNGE One onboarding guide / support guide.
1.9. Review the Configuration.
Once reviewed, click [ Create Connector ] to create the connector.
2. Creating Transport Rules
The following steps should be performed if you want all users' sent emails to go through HENNGE Email DLP.
If you want to filter only specific users' sent emails through HENNGE Email DLP, please refer to the following article:
Setting Up Distribution Group for Specific HENNGE Email DLP Users
2.1. Add a [ Rule ]
Go to [ Exchange admin center ] - [ Mail flow] - [ Rules ] - [ Add a rule ] - Select [ Create a new rule ].
2.2. Specify the Rule Conditions
Input "HENNGE Email DLP Rule" in the [ Name ] field.
Under [ Apply this rule if ] - select [ The recipient ] and [ is external/internal ].
Under [ Choose recipient location ] - select [ Outside the organization ].
Click [ Save ].
Under [ Do the following ] - select [ Redirect the message to ] - [ the following connector ].
Under [ Select connector ] - choose [ HENNGE Email DLP ].
Click [ Save ].
Under [ Except if ] - [ Message headers... ] - select [ Includes any of these words ].
Select [ Enter text ] and specify [ From ] under [ Specify header name ].
Click [ Save ].
Select [ Enter words ] and under [ Specify words or phrases ] enter "noreply@mo.hdems.com" and click [ Add ].
Click the check mark for [ noreply@mo.hdems.com ].
Click [ Save ].
Select [ + ] and add [ Or ].
Under [ Or ] - [ The message properties ] - choose [ The message type ].
Under [ Select message type ] - choose [ Read receipt ].
Click [ Save ].
Select [ Next ].
2.3. Specify Set Rule Settings.
Select [ Rule mode ] as [ Enforce ].
Select [ Severity ] - [ Not specified ].
Select [ Matches sender address in message ] - [ Header ].
Select [ Next ].
2.4. Review and finish
Select [ Finish ].
After confirming the display of [ Transport rule created successfully ], click [ Done ].
2.5. Set Priority
Check the rule created in the list, then select [ Move up ] at the top to change the priority as needed.
2.6. Enable the Rule
Select the created rule, choose [ Enable or disable rules ], and set it to [ Enabled ].
3. Confirmation of Connection
3.1. Verify the successful completion of the connection.
Follow the instructions in the following article to check the connection status:
HENNGE Email DLP Configuration Check (Microsoft 365)
3.2. Notify HENNGE One Onboarding Guide of the connection completion.
Once you've confirmed that the connection has been successfully completed, be sure to contact your HENNGE One onboarding guide.