Sorb Security SCES Onboarding Checklist

4 days ago
sorb
2 minutes

1. Pre-Onboarding Preparation

  • Collect Technical Information
    • Mail flow architecture (e.g., M365, Google Workspace, Exchange, Zimbra, Zoho and etc.)
    • Existing DNS records (MX, SPF, DKIM, DMARC)
Internet -> MX -> Email Gateway or Mail Server

dig mx sorbsecurity.com
dig txt sorbsecurity.com
dig txt _dmarc.sorbsecurity.com
dig txt mail._domainkey.sorbsecurity.com
  • Backup & Rollback Plan
    • Backup existing mail routing settings.
    • Define rollback steps in case of mail flow disruption.

2. Environment Preparation

  • Access & Permissions
    • Admin console access (Exchange Admin Center, Google Admin, Zimbra and etc.).
    • Access to DNS hosting provider.
  • Whitelist/Allowlist Requirements
    • Add required IP ranges for connection and spam filtering
    • Update firewall rules(On-Premise Only)
  • Connector & Routing Validation
    • Confirm current mail flow (inbound/outbound paths).
    • Identify any existing 3rd-party filters.

3. DNS & Email Outbound

  • Configure & Validate SPF record
  • Generate and publish DKIM keys
  • Create or update DMARC policy (none, quarantine, or reject) with reporting addresses
For SPF,
dig txt sorbsecurity.com

For DKIM,
Go to Admin Portal, Mail Routing | Outbound DKIM Config

For DMARC,
_dmarc.sorbsec.com. 300 IN CNAME _dmarc.sorbsecurity.com.

4. Policy & Rule Configuration

  • Set up Inbound and Outbound configuration on Mail System
  • Configure Inbound and Outbound on Sorb Security SCES
    • Email Firewall
      • Outbound Throttling, whitelist the massive sender email addresses
      • Mail Routing
        • Inbound, configure next relay from the original MX record
        • Outbound, configure the source IP of Mail Server
        • Outbound Special Route, whitelist massive sender email addresses
      • Content Security
        • AntiSpam, configure the threshold to 70(recommendation)
      • Attachment Protection
      • Phishing Protection
  • Setup administrations on Sorb Security SCES
    • Administration
      • Timezone, change to the local timezone
      • Quarantine Notification, enable notification and customize the sender domain 
Note:

For Inbound MX, configure with these,

mx1-sces.sorbsecurity.com
mx2-sces.sorbsecurity.com

For Outbound Relay, configure with these,

smarthost1-sces.sorbsecurity.com
smarthost2-sces.sorbsecurity.com

Details refer to the article.

6. Testing & Validation

  • Test Inbound / Outbound email flow
  • Verify SPF / DKIM / DMARC headers
  • Test failover or mail continuity (if applicable)

7. Monitoring & Reporting

  • Monitor dashboards and logging
  • Schedule automated reports (daily/weekly/monthly) at Administration | Report
  • Configure alerts for compromised accounts, high-risk attachments, and DMARC failures