Overview
What you’ll need:
- Trial subscription with Paubox (don't have one? sign up here!)
- A Microsoft 365 account (Business Basic, Standard, or Premium)
- Microsoft 365: Admin access to your organization's Microsoft Exchange Admin (https://admin.exchange.microsoft.com/#/homepage)
- Domain: Admin access to your organization's Domain Host (for ex. GoDaddy or Cloudflare)
- The smarthost value - provided by Paubox during setup
Note: Make sure you can log into Microsoft 365 & Domain Host as an admin before proceeding. If you don’t have login credentials or permissions, reach out to who set up your Microsoft 365 account and/or website.
What you’ll do:
- Domain: Update the records in your domain host
- Microsoft 365: Create a connector
- Paubox dashboard: Upload your organization's logo
- Test: Send a test email & see it in your Paubox dashboard
Questions? Stuck? We’re here for you! Contact support.
Video guide![]()
Step-by-step guide
Part I: Your domain - update your records
- Log in to your domain host
- Click on the Control Panel (may also be called DNS Zone Editor, or just DNS)
- If you see a record of type TXT with a value similar to: v=spf1 include:spf.protection.outlook.com -all
- Edit the record and insert "include:_spf.paubox.com" just before the -all; for example:
v=spf1 include:spf.protection.outlook.com include:_spf.paubox.com -all - Note: there may be other "includes" or IP numbers in the record, that is fine, just insert the "include:_spf.paubox.com" right before the -all
- Note: an existing SPF record may end in "~all" ... change to "-all" for better email security
- Click Save
- Edit the record and insert "include:_spf.paubox.com" just before the -all; for example:
- If you do not see a record of type TXT that starts with v=spf1, create a new one:
- In the Records section, click Add (may also be called Add Record)
- For Type, enter TXT
- In the Host Field, type: @ (if it does not accept the @ symbol, enter your domain)
- In the TXT value or Text field, type this line:
v=spf1 include:spf.protection.outlook.com include:_spf.paubox.com -all
- Leave the default value in the TTL field
- Click Save
Part II: Microsoft 365 - create a connector
- Log in to the Microsoft 365 Exchange Admin Center using admin-level credentials (https://admin.exchange.microsoft.com/#/homepage)
- In the navigation pane on the left, click mail flow. Then click connectors. You should see a screen like this:
1.png?width=670&height=343&name=kb_Outbound%20Security%20setup%20for%20Microsoft%20365%20(detailed)1.png)
- Click + Add a connector
- On the pop-up window that follows, select From: Office 365 and To: Partner organization.
2.png?width=670&height=435&name=kb_Outbound%20Security%20setup%20for%20Microsoft%20365%20(detailed)2.png)
- Then click Next
- Under *Name: enter Paubox. Make sure the checkbox labeled Turn it on is checked, then click Next
3.png?width=670&height=444&name=kb_Outbound%20Security%20setup%20for%20Microsoft%20365%20(detailed)3.png)
- On the next screen, under Specify when you want to use this connector., select Only when email messages are sent to these domains
4.png?width=670&height=503&name=kb_Outbound%20Security%20setup%20for%20Microsoft%20365%20(detailed)4.png)
- In the Add domain field, enter * then click the blue box with the + sign
5.png?width=670&height=401&name=kb_Outbound%20Security%20setup%20for%20Microsoft%20365%20(detailed)5.png)
- Click Next
- Choose Route email through these smart hosts
6.png?width=670&height=481&name=kb_Outbound%20Security%20setup%20for%20Microsoft%20365%20(detailed)6.png)
- During setup, you'll be provided with the smarthost value to enter in the In the "add smart host" box
- Enter the provided smarthost, then click then click +
- Click Next
- On the next screen, make sure Always use Transport Layer Security (TLS) to secure the connection (recommended) and Any digital certificate, including self-signed certificates are selected. Click Next.
7.png?width=670&height=335&name=kb_Outbound%20Security%20setup%20for%20Microsoft%20365%20(detailed)7.png)
- Click Next again
- On the next screen, enter a test email address as the validator email address: paubox15@gmail.com
... and then click the box with the blue + sign - Click Validate
8.png?width=670&height=395&name=kb_Outbound%20Security%20setup%20for%20Microsoft%20365%20(detailed)8.png)
- After the test is successful, click Next
- Next, click Create Connector
9.png?width=670&height=483&name=kb_Outbound%20Security%20setup%20for%20Microsoft%20365%20(detailed)9.png)
- Click Done
- The Paubox connector for Microsoft 365 is now live.
Part III: Paubox dashboard - upload logo
- Navigate to the Paubox dashboard (https://www.paubox.com & "Sign In")
- Log in with your email address and password (not sure? click "Forgot your password?")
- Click on your profile in the bottom left to access "Account Settings" and then upload your organization's logo in Secure Contact Form settings
Part IV: Test email
Sending a test email
- Log in to your email account
- Compose a new email to: paubox15@gmail.com with the subject: Test
- Enter anything you like in the message body, and click Send
- Congratulations! You have sent your first secure email via Paubox!
Verifying a test email
- Navigate to the Paubox dashboard
- Log in with your email address and password (not sure? click "Forgot your password?")
- Under Outbound, click on Statistics
Verify bar graph shows outbound email count passing through our servers
4. Under Outbound, click on Mail Log
Verify that your test email to paubox15@gmail.com appears in the log
In addition, check your email inbox for replies to the emails you send - and note the security footer that appears on the bottom of your messages, confirming they were sent securely via Paubox.
Note: internal emails (sent to people in your organization) are secure, but will not have the security footer at the bottom.