Configuring Microsoft 365 with Sorb SCES by M365 Connector

Reroute Microsoft Office 365 Email Using Connectors

1. Log into the Office 365 Admin Center(https://admin.microsoft.com) and open the Mail Flow pane. Then navigate to Connectors(https://admin.exchange.microsoft.com/#/connectors)

2. To create new connectors, select connectors and add a new connector.

3. Create Connector with name: Route mail to Sorb Security Inbound

Specify the next hops to mx1-sces.sorbsecurity.com and mx2-sces.sorbsecurity.com which comes from Sorb Cloud Connection Details.

4. Create a new Distribution Group named, “SorbSecurity”

Then, select the owner and members. Finalize with the settings below.

5. Create Microsoft Office 365 Inbound Transport Rule named, “Transport rule for Sorb Security Inbound”, with the following settings.

5.1 Sender is Not in Organization and recipient is from the SorbSecurity Group just created. Except the sender is from Sorb SCES, 129.126.138.112/28, 36.50.34.0/24, 36.50.35.0/24, 192.82.62.0/24 from Sorb Cloud Connection Details. This is to avoid Email loop.

Enable the new Rule

6. Create the Accept mails from Sorb Security Cloud rule Named, Accept mails from Sorb Security SCES, with the following settings

6.1 The message headers matches “X-Forefront-Antispam-Report-Untrusted”, value “SCL:1”, “SCL:2”, “SCL:3”, “SCL:4”, “SCL:5”, “SCL:6”. And, the sender is from Sorb SCES, 129.126.138.112/28, 36.50.34.0/24, 36.50.35.0/24, 192.82.62.0/24 from Sorb Cloud Connection Details. Set the action to Modify the message properties to set the SCL to -1.

Enable the new Rule