Trustifi admin portal
Step 1 – Verifying the plan and user type
| ⚠ NOTE! In case that you aren’t running under “Pro” plan and your user type isn’t an “Admin”, you will have to upgrade your plan to “Pro”. |
Navigate to "My Plan" page and verify that your plan type is "PRO" and your level is "Admin".
Step 2 – Navigating to outbound plan settings
Navigate to “Outbound Management” (Shield icon) and click on the "Plan Settings" tab.
Step 3 – Selecting "Your MTA" architecture
Scroll down to the "Email Relay Integration" section.
Under "Sending Architecture", switch from the default ("Trustifi MTA") to "Your MTA".
Step 4 – Adding your domain and MTA
In the input field, enter your domain (e.g. "mydomain.com"). You can then click on "Resolve host" to automatically fill in your MTA.
In the "Port" field enter the number 25, unless you know for certain that your MTA uses a different port to send/receive emails.
When all fields have been filled, click on the checkmark box on the right to add the information.
Step 5 – Enabling the Email Relay
First, verify your domain and MTA have been save correctly.
Once ready, click on the toggle to enable the Email Relay.
Step 6 – Copying the Email Relay key
After the integration was enabled, your secret key will be generated. You can click on the "copy" button to copy the Email Relay secret key for later use.
Microsoft Exchange Admin Center
Step 7 – Navigating to the Exchange Admin Center – Mail flow
Navigate to the “Exchange admin center” via the following link – https://outlook.office365.com/ecp/
After you have logged in, navigate to the “Mail flow” – “Connectors” page.
Step 8 – Navigating to the connectors tab
Navigate to the “Connectors” tab.
Creating mail flow connectors
Step 9 – Adding new connector
In this section, you will have to create a new connector by clicking on the “New” (Plus icon) button.
Step 10 – Selecting mail flow scenario
Here, you will have to select the mail flow scenario. At “From” select “Office 365”, and at “To” select “Your organization's email server” and continue by clicking “Next”.
Step 11 – Naming and describing
In the "Name" field, enter the following name: "Trustifi Outbound Connector (Send)", you can also add a description (optional).
Continue by clicking on "Next".
Step 12 – Usage type
Select “Only when I have transport rule set up that redirects message to this connector” and continue by clicking “Next”.
Step 13 – Selecting route type
Now we will need to select the route type for the smart host, select “Route email through these smart hosts” and click on “Add” (Plus icon).
Step 14 – Adding the smart host
Add “smtp.trustifi.com” (Without double quotes) to the smart host’s field and continue by clicking “Next”.
Step 15 – Verifying the smart host is added to the list
Verify if the smart host is added to the list, continue by clicking “Next”.
Step 16 – Configuring the smart host
Now we will have to configure the smart host by selecting “Always use TLS” (First checkbox), selecting “Issued by a trusted certificate authority (CA)”, selecting the checkbox, entering “*.trustifi.com” into the field and continuing by clicking on “Next”.
Step 17 – Confirmation
Verify and confirm that all the settings are correct. Continue by clicking “Next”.
Step 18 – Validating the connector
Here you will have to add an email address other than the one being set-up for the email relay. Use your personal email for this quick test.
Step 19 – Adding personal email
Add your personal email address to the email address field. Continue by clicking “OK”.
Step 20 – Validating the connector
Make sure the personal email address existing in the list. Continue by clicking “Validate”.
Step 21 – Validation results
After the connection check will be done, you will receive two statuses, one for the connectivity which must be “Succeeded”, and the second one “Failed”. We can ignore the “Failed” status, it was failed due to missing the secret key which we will add in the next steps.
Step 22 – confirming the warning
Confirm the warning by clicking on “Yes”.
Step 23 – Creating the “receive” connector
First, verify the "Send" connector was created.
Then, click on the “+” sign to open the “New connector” interface.
Step 24 – Selecting a mail flow scenario
Here you will need to select “From” – “Your organization’s mail server” and “To” – “Office 365”.
Step 25 – Naming and describing the connector
In the “Name” field enter the following name – “Trustifi Outbound Connector (Receive)".
In the "Description" field you can add any description you like (optional). You can continue by clicking on "Next".
Step 26 – Usage type
Here you need to select “By verifying that the IP address of the sending server matches one of these IP addresses that belong to your organization” and click on the “+” icon to add IP addresses.
Step 27 – Adding the IP addresses
The following IP addresses need to be added:
- 3.93.243.176
- 3.93.139.220
- 52.73.143.252
- 52.54.159.237
Simply add the IP addresses in the input field and click “OK” to confirm.
Step 28 – Verifying the IPs were added to the list
Verify that all 4 IPs listed above have been added to the IP list and click on “Next”.
Step 29 – Confirming the connector settings
Confirm that all settings are correct and continue by clicking on “Save”.
Step 30 – Confirming the connector has been added
Confirm the “Trustifi Outbound Connector (Receive)" connector has been added to the connector list.
Disabling Rich-Text Format (RTF)
Step 31 – Navigating to the "Remote Domains" tab and editing the default
Note: For a detailed explanation of the required changes to "Remote domains", please read this article.
Step 32 – Disabling the RTF option
Under "Use rich-text format" select "Never".
Under "MIME character set" and "Non- MIME character set" select "Unicode (UTF-8)".
Support "Out of Office" (OOF)
Step 33 – Allowing external reply types
Under "Out of Office automatic reply types" select "Allow external and legacy Out of Office replies" and click "Save".
Step 34– Navigating to the "Rules" tab
Now we will have to navigate to the "Rules" tab to create a new mail flow rule.
Creating new rule
Step 35 – Creating new rule
At the “Rules” page, click on the “New” (Plus icon) button and select “Create a new rule”.
Step 36 – Expanding the options
Click on “More options” to expand the options of the rule creation.
Step 37 – Naming and configuring the sender type
Name the new rule that will be used for the Trustifi Email Relay. Continue by hovering over “The sender” and select “Domain is”.
Step 38 – Domain selection
Select “Domain is” and continue to the next step.
Step 39 – Adding the domain
Add the domain that will be used to send emails through Trustifi Email Relay.
Step 40 – Adding a new condition
Add a new condition by clicking “Add condition”.
Step 41 – Adding domain type
Hover over “The sender” and select “Is external/internal”.
Step 42 – Selecting domain type
Select “Is external/internal”.
Step 43 – Applying domain type
Select “Inside the organization” and apply by clicking “OK”.
Step 44 – the connector redirection
Hover over “Redirect the message to” and select “The following connector”.
Step 45 – Selecting redirection type
Select “The following connector”.
Step 46 – Selecting the connector
Select the connector as you named it in the previous step at “Connectors” tab.
Step 47 – Adding new action
Add a new action by clicking on “Add action”.
Step 48 – Modifying the message properties
Hover over “Modify the message properties” and select “Set a message header”.
Step 49 – Selecting the modification type
Select “Set a message header”.
Step 50 – the header name
Click on “Enter text” and enter “x-trustifi-creds” (Without double quotes) at the message header field.
Step 51 – Entering the header name
Enter “x-trustifi-creds” (Without double quotes) in the message header field. Continue by clicking “OK”.
Step 52 – Adding the header value
Click on “Enter text” and paste your secret key from the Trustifi Outbound Management (Plan Settings) at the header value field.
Step 53 – Entering the header value
Paste the secret key you have copied from the Trustifi Outbound Management (Plan Settings) in step 6. Continue by clicking “OK”.
Step 54 – Creating an exception
Click on “add exception” and hover over “Sender is…”, then click on “IP address is in any of these ranges or exactly matches”.
Step 55 – Adding the exception IPs
In the pop-up window, enter the following IPs - 3.93.243.176, 3.93.139.220, 52.73.143.252, and 52.73.143.252 (click on the “+” icon to add each one) and then click on “OK” to confirm.
Step 56 – Setting rule properties
Set the final rule properties as follows:
- Select the rule severity level to “High”
- Check the boxes for "Stop processing more rules" and "Defer the message if rule processing doesn't complete".
- Under “Match sender address in message”, select “Header or envelope” .
- Save the rule by clicking “Save”.
Step 57 – Updating your SPF record
It is highly recommended to add the following Trustifi IPs to your SPF record: 52.73.143.252, 52.54.159.237 .
Adding these IPs will help make sure your sent emails appear 100% authenticated.