How to Setup O365 Connector to use with SonicWall Hosted Email Security

11/18/2022 30 People found this article helpful 190,002 Views

Download

Print

Share

• LinkedIn
• Twitter
• Facebook
• Email
• Copy URL The link has been copied to clipboard

Description

NOTE: Per recommendations from Microsoft (Click here), follow this KB to reduce the likelihood O365 will throttle inbound messages from SonicWall Hosted Email Security and thus, create delivery delays. 

In O365

• Login to Microsoft Exchange Admin Center as an Admin of the Organization
• On the Left Navigation Bar, select Connectors (https://admin.exchange.microsoft.com/#/connectors)
  
  
  
• Click on “Add a connector” to add and configure a new Connector that applies security policy for emails routed from SonicWall Hosted Email Security.
   
  
  
• On the “Add a connector” Wizard.

New Connector

• Select “Partner organization” as “Connection from” for the New Connector. The only option for “Connection to” will be “Office 365”. Click Next. 
  
  

Name

• Configure the Name for the Connector as “Inbound Email From SonicWall HES” and opt to “Turn it on”. Click Next.
  

Authenticating sent email

• Select "By verifying that the IP address of the sending server matches one of the following IP addresses, which belong to your partner organization
• Please add the following individual IP addresses.Do not summarize into a CIDR notated Subnet as that will include additional IP addresses.
  TIP: Microsoft does not support ranges at the time this article was written thus you must individually add each IP listed in the range below that coincides with your HES location (North America or European Union).
  
  
  • HES NA
    
    • 173.240.214.106 - 173.240.214.120
  • HES EU
    • 173.240.221.21
    • 173.240.221.26 - 173.240.221.29
• Add each IP in the box and Click on +
  
  
  
  
  
  
  
  

Security Restrictions

• Ensure the option “Reject email messages if they aren’t sent over TLS” is selected
• Without TLS please use this IP address for North America 173.240.214.101 for Europe 173.240.222.3 . This is meant for Junksummaries that are unable to send do to TLS enforced. 
  
  

Review Connector

• Review the Configuration of the new Connector. And click “Create Connector”
  
  
  
• Saving the connector will ensure that the security restrictions are applied on email messages from SonicWall Hosted Email Security. It will also inform Microsoft O365 to expect these IPs to send a greater than normal amount of messages and therefore reduce the likelihood O365 will throttle these inbound messages creating a delivery delay.

Related Articles

• Network Security Essentials eLearning Training Course
• How do I check if syslogs are getting forwarded by an Email Security Appliance?
• How to add inbound path in Hosted Email Security

Categories

• Email Security > Hosted Email Security
• Email Security > Hosted Email Security > Network Architecture