1. Home
  2. Docs
  3. Email Relay – Office365 Microsoft Exchange Online
  4. Configuration using your MTA

Configuration using your MTA

Trustifi admin portal

Step 1 – Verifying the plan and user type

⚠ NOTE! In case that you aren’t running under “Pro” plan and your user type isn’t an “Admin”, you will have to upgrade your plan to “Pro”.

Navigate to "My Plan" page and verify that your plan type is "PRO" and your level is "Admin".

"My Plan" page

Step 2 – Navigating to outbound plan settings

Navigate to “Outbound Management” (Shield icon) and click on the "Plan Settings" tab.

Navigating to outbound plan settings

Step 3 – Selecting "Your MTA" architecture

Scroll down to the "Email Relay Integration" section.

Under "Sending Architecture", switch from the default ("Trustifi MTA") to "Your MTA".

Step 4 – Adding your domain and MTA

In the input field, enter your domain (e.g. "mydomain.com"). You can then click on "Resolve host" to automatically fill in your MTA.

In the "Port" field enter the number 25, unless you know for certain that your MTA uses a different port to send/receive emails.

When all fields have been filled, click on the checkmark box on the right to add the information.

Adding your domain and MTA

Step 5 – Enabling the Email Relay

First, verify your domain and MTA have been save correctly.

Once ready, click on the toggle to enable the Email Relay.

Enabling the Email Relay

Step 6 – Copying the Email Relay key

After the integration was enabled, your secret key will be generated. You can click on the "copy" button to copy the Email Relay secret key for later use.

Copying the Email Relay key

Microsoft Exchange Admin Center

Step 7 – Navigating to the Exchange Admin Center – Mail flow

Navigate to the “Exchange admin center” via the following link – https://outlook.office365.com/ecp/

After you have logged in, navigate to the “Mail flow” – “Connectors” page.

Step 8 – Navigating to the connectors tab

Navigate to the “Connectors” tab.

Creating mail flow connectors

Step 9 – Adding new connector

In this section, you will have to create a new connector by clicking on the “New” (Plus icon) button.

Step 10 – Selecting mail flow scenario

Here, you will have to select the mail flow scenario. At “From” select “Office 365”, and at “To” select “Your organization's email server” and continue by clicking “Next”.

Selecting the connector's mail flow

Step 11 – Naming and describing

In the "Name" field, enter the following name: "Trustifi Outbound Connector (Send)", you can also add a description (optional).
Continue by clicking on "Next".

Naming the Trustifi connector

Step 12 – Usage type

Select “Only when I have transport rule set up that redirects message to this connector” and continue by clicking “Next”.

Step 13 – Selecting route type

Now we will need to select the route type for the smart host, select “Route email through these smart hosts” and click on “Add” (Plus icon).

Step 14 – Adding the smart host

Add “smtp.trustifi.com” (Without double quotes) to the smart host’s field and continue by clicking “Next”.

Step 15 – Verifying the smart host is added to the list

Verify if the smart host is added to the list, continue by clicking “Next”.

Step 16 – Configuring the smart host

Now we will have to configure the smart host by selecting “Always use TLS” (First checkbox), selecting “Issued by a trusted certificate authority (CA)”, selecting the checkbox, entering “*.trustifi.com” into the field and continuing by clicking on “Next”.

Step 17 – Confirmation

Verify and confirm that all the settings are correct. Continue by clicking “Next”.

Confirming the connector settings

Step 18 – Validating the connector

Here you will have to add an email address other than the one being set-up for the email relay. Use your personal email for this quick test.

Step 19 – Adding personal email

Add your personal email address to the email address field. Continue by clicking “OK”.

Step 20 – Validating the connector

Make sure the personal email address existing in the list. Continue by clicking “Validate”.

Step 21 – Validation results

After the connection check will be done, you will receive two statuses, one for the connectivity which must be “Succeeded”, and the second one “Failed”. We can ignore the “Failed” status, it was failed due to missing the secret key which we will add in the next steps.

Step 22 – confirming the warning

Confirm the warning by clicking on “Yes”.

Step 23 – Creating the “receive” connector

First, verify the "Send" connector was created.

Then, click on the “+” sign to open the “New connector” interface.

Creating the "Receive" connector

Step 24 – Selecting a mail flow scenario

Here you will need to select “From” – “Your organization’s mail server” and “To” – “Office 365”.

Selecting the connector's mail flow

Step 25 – Naming and describing the connector

In the “Name” field enter the following name – “Trustifi Outbound Connector ‎‎(Receive)‎‎".

In the "Description" field you can add any description you like (optional). You can continue by clicking on "Next".

Naming and describing the "Receive" connector

Step 26 – Usage type

Here you need to select “By verifying that the IP address of the sending server matches one of these IP addresses that belong to your organization” and click on the “+” icon to add IP addresses.

Selecting the connector usage type

Step 27 – Adding the IP addresses

The following IP addresses need to be added:


Simply add the IP addresses in the input field and click “OK” to confirm.

Adding IP addresses

Step 28 – Verifying the IPs were added to the list

Verify that all 4 IPs listed above have been added to the IP list and click on “Next”.

Step 29 – Confirming the connector settings

Confirm that all settings are correct and continue by clicking on “Save”.

Saving the "Receive" connector

Step 30 – Confirming the connector has been added

Confirm the “Trustifi Outbound Connector ‎‎‎(Receive)‎‎‎" connector has been added to the connector list.

Verifying the "Receive" connector was created

Disabling Rich-Text Format (RTF)

Step 31 – Navigating to the "Remote Domains" tab and editing the default

Note: For a detailed explanation of the required changes to "Remote domains", please read this article.

Editing the default "remote domains" settings

Step 32 – Disabling the RTF option

Under "Use rich-text format" select "Never".

Under "MIME character set" and "Non- MIME character set" select "Unicode (UTF-8)".

Disabling RTF

Support "Out of Office" (OOF)

Step 33 – Allowing external reply types

Under "Out of Office automatic reply types" select "Allow external and legacy Out of Office replies" and click "Save".

Selecting out-of-office type and saving

Step 34– Navigating to the "Rules" tab

Now we will have to navigate to the "Rules" tab to create a new mail flow rule.

Creating new rule

Step 35 – Creating new rule

At the “Rules” page, click on the “New” (Plus icon) button and select “Create a new rule”.

Step 36 – Expanding the options

Click on “More options” to expand the options of the rule creation.

Step 37 – Naming and configuring the sender type

Name the new rule that will be used for the Trustifi Email Relay. Continue by hovering over “The sender” and select “Domain is”.

Step 38 – Domain selection

Select “Domain is” and continue to the next step.

Step 39 – Adding the domain

Add the domain that will be used to send emails through Trustifi Email Relay.

Step 40 – Adding a new condition

Add a new condition by clicking “Add condition”.

Step 41 – Adding domain type

Hover over “The sender” and select “Is external/internal”.

Step 42 – Selecting domain type

Select “Is external/internal”.

Step 43 – Applying domain type

Select “Inside the organization” and apply by clicking “OK”.

Step 44 – the connector redirection

Hover over “Redirect the message to” and select “The following connector”.

Step 45 – Selecting redirection type

Select “The following connector”.

Step 46 – Selecting the connector

Select the connector as you named it in the previous step at “Connectors” tab.

Selecting the redirection connector

Step 47 – Adding new action

Add a new action by clicking on “Add action”.

Adding a new action

Step 48 – Modifying the message properties

Hover over “Modify the message properties” and select “Set a message header”.

Step 49 – Selecting the modification type

Select “Set a message header”.

Selecting "set a message header"

Step 50 – the header name

Click on “Enter text” and enter “x-trustifi-creds” (Without double quotes) at the message header field.

Adding the header key

Step 51 – Entering the header name

Enter “x-trustifi-creds” (Without double quotes) in the message header field. Continue by clicking “OK”.

Step 52 – Adding the header value

Click on “Enter text” and paste your secret key from the Trustifi Outbound Management (Plan Settings) at the header value field.

Adding the header value

Step 53 – Entering the header value

Paste the secret key you have copied from the Trustifi Outbound Management (Plan Settings) in step 6. Continue by clicking “OK”.

Adding the Email Relay key

Step 54 – Creating an exception

Click on “add exception” and hover over “Sender is…”, then click on “IP address is in any of these ranges or exactly matches”.

Selecting the exception for sender IP

Step 55 – Adding the exception IPs

In the pop-up window, enter the following IPs -,,, and (click on the “+” icon to add each one) and then click on “OK” to confirm.

Adding the exception IPs

Step 56 – Setting rule properties

Set the final rule properties as follows:

  1. Select the rule severity level to “High
  2. Check the boxes for "Stop processing more rules" and "Defer the message if rule processing doesn't complete".
  3. Under “Match sender address in message”, select “Header or envelope” .
  4. Save the rule by clicking “Save”.

Setting the rule properties

Step 57 – Updating your SPF record

It is highly recommended to add the following Trustifi IPs to your SPF record:, .

Adding these IPs will help make sure your sent emails appear 100% authenticated.

Was this article helpful to you? Yes 3 No

How can we help?