Bypassing Spam Checks

 

To ensure that emails delivered from SpamTitan to Office 365 are not incorrectly identified as spam, resulting in delayed or failed email delivery, the SpamTitan service IP Ranges should be added to the Allowed List in the Connection Filtering Policy within the Office 365 Exchange Admin Center (EAC).

 

To add the SpamTitan Datacenter IP Ranges to the connection filter policy:

  1. Login to the Office 365 Exchange Admin Center (EAC)
  2. Click on Protection:
    EAC_Protection.png

  3. Click on Connection Filter, then click the Edit icon:

    EAC_Edit_Connection_filter.png

  4. Click Connection Filtering then click the Add icon within the IP Allow list section:

    EAC_Add_to_Connection_Filter.png

  5. Add the Inbound SpamTitan IP Ranges. You can find the SpamTitan Cloud IP ranges here.
  6. Check the Enable Safe List checkbox.
  7. Click Save to apply the changes.

 

Setting Us Up as Your Only Trusted Email Source

 

We recommended that you lock down your inbound email flow in Office 365 to only allow mail from SpamTitan IP addresses. This requires you to create a receive connector in Office 365.

 

To lock down your firewall:

  1. Log on to the Office 365 Exchange Admin Console.
  2. Click on the Mail flow menu item on the left hand side.
  3. Click on the Connectors link at the top. Your connectors are displayed.
  4. Click on the + icon.
  5. Complete the Select Your Mail Flow Scenario dialog as follows:

    Field Option
    From Partner organization
    To Office 365
    The text at the bottom of the wizard changes to:

    “Creating a connector is optional for this mail flow scenario. Create a connector only if you want to enhance security for the email messages sent between your partner organization or service provider and Office 365. You can create multiple connectors for this scenario, each applying to different partner organizations or service providers”
  6. Click the Next button.
  7. Change the connector's name to SpamTitan to Office 365.
  8. Click the Next button.
  9. Select the Use the Sender's Domain option in the "How do you want to identify the partner organization?” dialog.
  10. Click the Next button.
  11. Click on the + icon to add the * as the domain and click OK.
  12. Click the Next button.
  13. Leave the Reject Email Messages if They Aren't Sent Over TLS option with the default value on the “What security restrictions do you want to apply?” dialog. If TLS is enabled, SpamTitan will send the message on to Office 365 with Opportunistic TLS.
  14. Select Reject email messages if they aren't sent from within this IP address range.
  15. Click on the + icon to add the SpamTitan IP address ranges depending on your region.
  16. Click the Next button.
  17. A summary page is displayed. Check this to ensure it has all the correct information.
  18. Click the Save button.