Trustifi admin portal
|⚠ NOTE! In case that you aren’t running under “Pro” plan and your user type isn’t an “Admin”, you will have to upgrade your plan to “Pro”.|
Navigate to "My Plan" page and verify that your plan type is "PRO" and your level is "Admin".
Navigate to “Outbound Management” (Shield icon) and click on the "Plan Settings" tab.
Step 3 – Selecting "Your MTA" architecture
Scroll down to the "Email Relay Integration" section.
Under "Sending Architecture", switch from the default ("Trustifi MTA") to "Your MTA".
Step 4 – Adding your domain and MTA
In the input field, enter your domain (e.g. "mydomain.com"). You can then click on "Resolve host" to automatically fill in your MTA.
In the "Port" field enter the number 25, unless you know for certain that your MTA uses a different port to send/receive emails.
When all fields have been filled, click on the checkmark box on the right to add the information.
Step 5 – Enabling the Email Relay
First, verify your domain and MTA have been save correctly.
Once ready, click on the toggle to enable the Email Relay.
After the integration was enabled, your secret key will be generated. You can click on the "copy" button to copy the Email Relay secret key for later use.
Microsoft Exchange Admin Center
Navigate to the “Exchange admin center” via the following link – https://outlook.office365.com/ecp/
After you have logged in, navigate to the “Mail flow” – “Connectors” page.
Navigate to the “Connectors” tab.
In this section, you will have to create a new connector by clicking on the “New” (Plus icon) button.
Here, you will have to select the mail flow scenario. At “From” select “Office 365”, and at “To” select “Your organization's email server” and continue by clicking “Next”.
In the "Name" field, enter the following name: "Trustifi Outbound Connector (Send)", you can also add a description (optional).
Continue by clicking on "Next".
Select “Only when I have transport rule set up that redirects message to this connector” and continue by clicking “Next”.
Now we will need to select the route type for the smart host, select “Route email through these smart hosts” and click on “Add” (Plus icon).
Add “smtp.trustifi.com” (Without double quotes) to the smart host’s field and continue by clicking “Next”.
Verify if the smart host is added to the list, continue by clicking “Next”.
Now we will have to configure the smart host by selecting “Always use TLS” (First checkbox), selecting “Issued by a trusted certificate authority (CA)”, selecting the checkbox, entering “*.trustifi.com” into the field and continuing by clicking on “Next”.
Verify and confirm that all the settings are correct. Continue by clicking “Next”.
Here you will have to add an email address other than the one being set-up for the email relay. Use your personal email for this quick test.
Add your personal email address to the email address field. Continue by clicking “OK”.
Make sure the personal email address existing in the list. Continue by clicking “Validate”.
After the connection check will be done, you will receive two statuses, one for the connectivity which must be “Succeeded”, and the second one “Failed”. We can ignore the “Failed” status, it was failed due to missing the secret key which we will add in the next steps.
Confirm the warning by clicking on “Yes”.
Step 23 – Creating the “receive” connector
First, verify the "Send" connector was created.
Then, click on the “+” sign to open the “New connector” interface.
Step 24 – Selecting a mail flow scenario
Here you will need to select “From” – “Your organization’s mail server” and “To” – “Office 365”.
Step 25 – Naming and describing the connector
In the “Name” field enter the following name – “Trustifi Outbound Connector (Receive)".
In the "Description" field you can add any description you like (optional). You can continue by clicking on "Next".
Step 26 – Usage type
Here you need to select “By verifying that the IP address of the sending server matches one of these IP addresses that belong to your organization” and click on the “+” icon to add IP addresses.
Step 27 – Adding the IP addresses
The following IP addresses need to be added:
Simply add the IP addresses in the input field and click “OK” to confirm.
Step 28 – Verifying the IPs were added to the list
Verify that all 4 IPs listed above have been added to the IP list and click on “Next”.
Step 29 – Confirming the connector settings
Confirm that all settings are correct and continue by clicking on “Save”.
Step 30 – Confirming the connector has been added
Confirm the “Trustifi Outbound Connector (Receive)" connector has been added to the connector list.
Disabling Rich-Text Format (RTF)
Note: For a detailed explanation of the required changes to "Remote domains", please read this article.
Under "Use rich-text format" select "Never".
Under "MIME character set" and "Non- MIME character set" select "Unicode (UTF-8)".
Support "Out of Office" (OOF)
Step 33 – Allowing external reply types
Under "Out of Office automatic reply types" select "Allow external and legacy Out of Office replies" and click "Save".
Now we will have to navigate to the "Rules" tab to create a new mail flow rule.
At the “Rules” page, click on the “New” (Plus icon) button and select “Create a new rule”.
Click on “More options” to expand the options of the rule creation.
Name the new rule that will be used for the Trustifi Email Relay. Continue by hovering over “The sender” and select “Domain is”.
Select “Domain is” and continue to the next step.
Add the domain that will be used to send emails through Trustifi Email Relay.
Add a new condition by clicking “Add condition”.
Hover over “The sender” and select “Is external/internal”.
Select “Is external/internal”.
Select “Inside the organization” and apply by clicking “OK”.
Hover over “Redirect the message to” and select “The following connector”.
Select “The following connector”.
Select the connector as you named it in the previous step at “Connectors” tab.
Add a new action by clicking on “Add action”.
Hover over “Modify the message properties” and select “Set a message header”.
Select “Set a message header”.
Click on “Enter text” and enter “x-trustifi-creds” (Without double quotes) at the message header field.
Enter “x-trustifi-creds” (Without double quotes) in the message header field. Continue by clicking “OK”.
Click on “Enter text” and paste your secret key from the Trustifi Outbound Management (Plan Settings) at the header value field.
Paste the secret key you have copied from the Trustifi Outbound Management (Plan Settings) in step 6. Continue by clicking “OK”.
Step 54 – Creating an exception
Click on “add exception” and hover over “Sender is…”, then click on “IP address is in any of these ranges or exactly matches”.
Step 55 – Adding the exception IPs
In the pop-up window, enter the following IPs - 18.104.22.168, 22.214.171.124, 126.96.36.199, and 188.8.131.52 (click on the “+” icon to add each one) and then click on “OK” to confirm.
Step 56 – Setting rule properties
Set the final rule properties as follows:
- Select the rule severity level to “High”
- Check the boxes for "Stop processing more rules" and "Defer the message if rule processing doesn't complete".
- Under “Match sender address in message”, select “Header or envelope” .
- Save the rule by clicking “Save”.
It is highly recommended to add the following Trustifi IPs to your SPF record: 184.108.40.206, 220.127.116.11 .
Adding these IPs will help make sure your sent emails appear 100% authenticated.