Office 365 spam filtering front-end

Discussion in 'Mail Gateway: Installation and configuration' started by bsnipes, Sep 12, 2018.

  1. bsnipes

    bsnipes New Member

    Joined:
    Mar 23, 2010
    Messages:
    17
    Likes Received:
    0
    Has anyone implemented PMG as a spam filtering front-end to an Office 365 domain? If so, what has been your experience?
     
  2. Fredrik-MunerisIT

    Fredrik-MunerisIT New Member

    Joined:
    Oct 17, 2018
    Messages:
    8
    Likes Received:
    0
    I need information about this, need to configure outbound mail and we can only use the standard port 25. But port 25 are bound for inbound mail only.
     
  3. heutger

    heutger Active Member

    Joined:
    Apr 25, 2018
    Messages:
    281
    Likes Received:
    69
    Isn't Office 365 hosted and provided at/by Microsoft? Then you won't have a chance for outbound filtering. Inbound may be possible but also may break your active sync/autodiscover setup.
     
  4. Fredrik-MunerisIT

    Fredrik-MunerisIT New Member

    Joined:
    Oct 17, 2018
    Messages:
    8
    Likes Received:
    0
    Both inbound and outbound is supported....but not on port 26
     
  5. heutger

    heutger Active Member

    Joined:
    Apr 25, 2018
    Messages:
    281
    Likes Received:
    69
    Interesting, however, you need to know, that a „good“ incoming filtering eliminates „sideattacks“, so my „real“ mail systems are only available via pmg and not directly any more as spammers may bypass your mx settings and try the host directly or may find office 365 records in your zone and try to deliver directly. That said, you only have three options:

    1. open a bug to have a feature request adding the possibility to have multihomed (more IP addresses) environments and then set incoming filtering on one IP port 25 and outgoing filtering on another IP port 25

    2. doing the above by yourself by adjusting the master.cf after copying from templates and have two IP addresses or alternative have two installations of PMG on two machines, one for outgoing, one for incoming

    3. if you’re aware of the ip addresses, mails are coming from and you‘ve dedicated ip addresses at Office 365 setup a firewall which NAT IP address pool to port 26 internally, however, if you’re on shared environment, that won’t work as all other customers on the same infrastructure would be handled as outgoing by PMG when sending mails to you from the same IPs
     
  6. Fredrik-MunerisIT

    Fredrik-MunerisIT New Member

    Joined:
    Oct 17, 2018
    Messages:
    8
    Likes Received:
    0
    Ok, but I have a rule for sideattacks. My Office365 only accepts mail from Proxmox.

    1. Ok, I will.

    2. Yes, I see the problem. Multihomed port will be an solution for that.
     
  7. heutger

    heutger Active Member

    Joined:
    Apr 25, 2018
    Messages:
    281
    Likes Received:
    69
    Great, does Office 365 allow to restrict incoming mail servers?
     
  8. Fredrik-MunerisIT

    Fredrik-MunerisIT New Member

    Joined:
    Oct 17, 2018
    Messages:
    8
    Likes Received:
    0
    Yes you can by rules
     
  9. heutger

    heutger Active Member

    Joined:
    Apr 25, 2018
    Messages:
    281
    Likes Received:
    69
    OK, which license do you need therefor? Business Premium Plus or Enterprise, ...?
     
  10. Fredrik-MunerisIT

    Fredrik-MunerisIT New Member

    Joined:
    Oct 17, 2018
    Messages:
    8
    Likes Received:
    0
    You can do it with all licenses, even Exchange Online 1
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice