In this help center article we go over how to install Paubox's outbound encryption service with Office 365. There are three things you will need in order to complete the Paubox install.
- Office 365
- Admin Access to your organization's Office Exchange Admin (https://outlook.office.com/ecp)
- Admin Access to your organization's Domain Host
Why & What
In order to avoid the pitfalls of an email encryption portal service like Zix, Virtu, and other providers, we have to create a secure outbound relay between Office 365 and Paubox. This allows your outbound emails to get relayed through our encrypted servers and remove the dreaded portal email notification experience that your patients, clients, and customers hate.
This install takes no more than 10 min to complete and is effective immediately. We have defined the process into 3 parts. Part I walks you through creating the Outbound Gateway in your Office 365 Admin Dashboard. Part II walks you through updating your TXT record in your Domain Host. Part III goes over sending a test email.
Part I: Setting up Outbound Encryption for Office 365
You will need to use the Office 365 Exchange admin center to configure your remote, outbound email to go through Paubox. Here’s how you do it:
- Go to https://outlook.office.com/ecp to access the Exchange admin center. If you haven’t logged in already, you’ll need to do that first in order to be granted access.
- On the left menu, click mail flow and then connectors. You should see a screen like this:
- Click +
- On the pop-up window that follows, select
From: Office 365 and To: Partner organization. Then click Next
- Under *Name:, enter Paubox. Then click Next
- Make sure Only when email messages are sent to these domains is selected, then click +
- In the Add domain field, enter * then click OK
- Click Next
- Choose Route email through these smart hosts then click +
- In the add smart host box, enter outbound.paubox.com then click Save
- Click Next
- On the next screen, make sure Always use Transport Layer Security (TLS) to secure the connection (recommended) and Any digital certificate, including self-signed certificates are selected. Click Next.
- Click Next again
- On the next screen, click the + and enter a test email address as the validator email address: email@example.com
... and then click Next.
- Click Validate
- After the test is successful, click Close
- Next click Save
- The Paubox connector for Office 365 is now live.
Part II: Changing DNS Records for Office 365
- Login to your Domain Host.
- Click on the Control Panel and/or Manage DNS Records link.
- Click Add at the bottom of the Records section.
- Click the Type dropdown and select TXT.
- Enter @ in the Host field or your domain if it does not accept the @ symbol.
- Enter the following in the TXT value or Text field.
- v=spf1 include:_spf.paubox.com include:spf.protection.outlook.com -all
- If you have multiple tools that you use to send emails like Sendgrid, Survey Monkey, etc, then use this Help Center Article to see an example of how to create a custom one.
- Leave the default value in the TTL field.
- Click Save.
- Remove any prior TXT records.
- Click Save if necessary.
Part III: Sending a Test Email
- Login to your organization's Office365 account
- Click Compose
- Address to Paubox15@gmail.com
- For Subject enter Test
- In the body type Success
- Click Send
- Congrats you have sent your first encrypted email!