Summary:
This KB is meant to show you the process of creating RULES and Connectors required to complete the configuration with Proofpoint Essentials (PPE). The process should not take you more than 3 minutes. If this does not work for whatever reason the you can create them manually <STEP1 to STEP6) as described <here>
Note: This KB is only for office 365 configuration. |
Process:
Before you Start you need to:
- Make sure you have Windows PowerShell installed on the station/server you would like to run this from
- Run the POWERSHELL ISE as Administrator
- Click on one of the Icons in red square in the screen shot below to chose your preferred display
- Run this command 1st: Set-ExecutionPolicy RemoteSigned
- Copy the following commands directly to the PowerShell ISE Script Pane
- 1)---------------Provide office365 Admin credentials---------------------------------------------
$UserCredential = Get-Credential
- 2)---------------------------Create a session ------------------------------------------------------
Write-Output "Getting The Exchange online cmdlets"
$Session=New-PSSession -ConnectionUri "https://outlook.office365.com/powershell-liveid/"
-ConfigurationName
Microsoft.Exchange -Credential $UserCredential -Authentication Basic -AllowRedirection
- 3)-------------------------------Import the session created above locally-------------------------
Import-PSSession $Session
- 4)----------------------------Authenticate and connect to EXCH online Powershell V2----------
Connect-exchangeonline -credential $usercredential
- 5)------------------------------Set the execution policy for the currect PowerShell session------
Set-ExecutionPolicy RemoteSigned
- 6)-----------------------Create the RULE to Bypass PPE--------------------------------------------
New-TransportRule -Name "PPE ByPass Spam" -Priority 0 -SenderIpRanges 67.231.149.0/24,67.231.152.0/24,67.231.153.0/24,67.231.154.0/24,67.231.155.0/24,67.231.156.0/24,67.231.144.0/24,67.231.145.0/24,67.231.146.0/24,67.231.147.0/24,67.231.148.0/24,148.163.128.0/19,
207.115.110.3,207.115.110.7,192.69.1.3,192.69.1.7,207.96.143.7 -SetSCL -1
- 7)------------------------Create a PPE LockDown Rule------------------------------------------------
New-TransportRule -Name "Office 365 Lock Down" -Enabled $false
-ExceptIfHeaderMatchesMessageHeader "X-MS-Exchange-MeetingForward-Message"
-ExceptIfHeaderMatchesPatterns "Forward" -ExceptIfSenderIpRanges 67.231.149.0/24,67.231.152.0/24,67.231.153.0/24,67.231.154.0/24,67.231.155.0/24,67.231.156.0/24,67.231.144.0/24,67.231.145.0/24,67.231.146.0/24,67.231.147.0/24,67.231.148.0/24,207.115.110.3,207.115.110.7,
192.69.1.3,192.69.1.7,207.96.143.7,148.163.128.0/19 -FromScope NotInOrganization -Mode Enforce -RejectMessageReasonText "UnAuthorized IP" -SetAuditSeverity DoNotAudit
- 8)-------------------------Create Outbound Connector-----------------------------------------------
New-OutboundConnector -Enabled $false -Name "ProofPoint Send Connector" -ConnectorType Partner
-TlsSettings CertificateValidation -RecipientDomains * -SmartHosts outbound-us1.ppe-hosted.com
-UseMXRecord $false
- 9)-------------------------Validate the OutBound Connector created above--------------------------
Validate-OutboundConnector -Identity "ProofPoint Send Connector" -Recipient support@vircom.com
6- So in the PowerShell select the command in each BLOCK (from1 to 9) at a time, make sure they are a one liner command and click on the execute selection button from the PowerShell menu. If you get prompted with Credentials make sure you enter the creds for the Admin on office365.
7- Check on Office 365 panel and make sure all the RULES and the outbound Connector are created correctly