Manual setup

NOTE: If you cannot forward outgoing emails via port 25, it is also possible to use port 587. Note that STARTTLS is required on port 587.

Displaying tenant-specific TLS and domain names

To display the TLS and domain names required for your tenant, proceed as follows:

The relevant information is displayed.

Open your Exchange Admin Center at https://outlook.office365.com/ecp.
Go to Mail flow > Connectors; then click the plus sign. The wizard for creating a new connector opens.
Under From select Partner organization, under To select Office 365 and click Next.
Enter From NoSpamProxy as the name for the connector, optionally add a description, tick the check box next to Turn it on and click Next.
Select the option Use the sender's domain and click Next.
Click the plus sign, enter * as the sender domain, click OK and then Next.
Tick the check box next to Reject email messages if [...] and And require that [...].
Specify the required TLS subject name for the Exchange inbound send connector, click Next and then Save.

NOTE: Some email servers still have the old MX record in their cache for up to 24 hours. We therefore recommend that you do not activate the restriction to the applicant name until 24 hours after the MX record has been changed. Otherwise it is possible that emails from Exchange Online will be rejected with 5.7.51.

In the Exchange Admin Center, go to Mail flow > Connectors; then click the plus sign. The wizard for creating a new connector opens.
Und From select Office 365, under To select Partner organization and click Next.
Enter To NoSpamProxy as the name for the connector, optionally add a description, tick the check box next to Activate and click Next.
Select the option Only when I have a transport rule [...] and click Next.
Select the option Forward emails through these smart hosts, click the plus sign and specify the smarthost on the outbound Exchange send connector.
Click Save and then Next.
Tick the check box next to Always use Transport Layer Security [...] and select the option Issued by a trusted certificate authority (CA).
Tick the check box next to And the subject name or [...] and specify the required TLS subject name for the Exchange outbound send connector.
Click Next and then Next.
In the following dialog, enter one or more email addresses, click Check and follow the instructions in the dialog.

In the Exchange Admin Center, go to Mail flow > Rules and click the plus icon.
Select the option Create new rule and give the rule the name Outbound Mails to NoSpamProxy.
Under Apply this rule if, set the following options:
- The recipient is located and
- Outside the organization.
Under do the following set the option Redirect the message to and then the following connector.
Specify the previously created connector To NoSpamProxy and click OK.
NOTE: If you can only select persons at this point, click in the lower section Further options. Select the option Use the following connector under Redirect the message to. Afterwards you can use the connector you created before.
Click Save.

In the Exchange Admin Center, go to Mail flow > Rules and click the plus icon.
Select the option Create new rule and give the rule the name Disable Spam filtering for inbound emails.
Under Apply this rule if, set the following options:
- The sender is located in and
- Outside the organization.
Under Do the following set Modify the message properties > Set the Spam Confidence Level (SCL).

NOTE: If the option Modify the message properties is not displayed, click More options to display all options
.
Select Bypass spam filtering, click OK and then Save.