ExM Blog Excel Micro Videos Proofpoint Videos Mimecast Videos VIPRE Videos Billing/Invoice Sign in
Start a conversation
  1. Excel Micro
  2. Proofpoint Essentials™
  3. PPE Configuration Information

Locking down Office 365 to Proofpoint Essentials

Below is an edited snippet from a Proofpoint Essentials article called "Methods to prevent Exchange Online Protection Direct Delivery" which goes through more details of setting up audit logs to view attacks that may bypass the connector.  


This particular passage is edited from Step 6 in the PPE KB (linked below), which is editing the connector.  In the article it has you edit and already existing connector that would have been created if you went through PPEs "Configuring Microsoft 365 for Proofpoint Essentials".  The steps below are to start a connector from scratch.  


Full details on the article can be found in the link below:

https://help.proofpoint.com/Essentials/Product_Documentation/Email_Security/Mail_Services/02_Configuring_Microsoft_365_for_Proofpoint_Essentials/Methods_to_prevent_Exchange_Online_Protection_Direct_Delivery

***Please remember you have to backdoor into this article by first logging into Proofpoint Essentials and then click on the questions mark on the upper-right hand side and then Help Documentation.  This will get you past the login screen***



  1. Sign In to the  Microsoft 365 Admin center.
  2. Click Mail flow, then Connectors, then Add a Connector
  3. This will bring up a New Connector screen and under Connection from, choose Partner organization.  The Connection to should automatically fill in, Click Next.
  4. Under Name you can put Lockdown from Proofpoint Essentials and you can leave the description blank. Leave the check box to Turn it on and click Next.
  5. Under the Authenticating sent email heading, select By verifying that the sender domain matches one of the following domains.
  6. Type * and click + (add) and then click Next.
  7. Under the Security Restrictions heading.  Verify Reject email messages if they aren't sent over TLS is selected.
  8. Click on the "Reject email messages if they aren't sent from within this IP address range".
  9. Click the button, then add all of the following IP addresses authorized to send an email directly to EOP.  After all the IP addresses are added click Next:

       208.56.1.0/25

       67.231.152.0/24

       67.231.153.0/24

       67.231.154.0/24

       67.231.155.0/24

       67.231.156.0/24

       67.231.144.0/24

       67.231.145.0/24

       67.231.146.0/24

       67.231.147.0/24

       67.231.148.0/24

       67.231.149.0/24

       148.163.128.0/24

       148.163.129.0/24

       148.163.130.0/24

       148.163.131.0/24

       148.163.132.0/24

       148.163.133.0/24

       148.163.134.0/24

       148.163.135.0/24

       148.163.136.0/24

       148.163.137.0/24

       148.163.138.0/24

       148.163.139.0/24

       148.163.140.0/24

       148.163.141.0/24

       148.163.142.0/24

       148.163.143.0/24

       148.163.144.0/24

       148.163.145.0/24

       148.163.146.0/24

       148.163.147.0/24

       148.163.148.0/24

       148.163.149.0/24

       148.163.150.0/24

       148.163.151.0/24

       148.163.152.0/24

       148.163.153.0/24

       148.163.154.0/24

       148.163.155.0/24

       148.163.156.0/24

       148.163.157.0/24

       148.163.158.0/24

       148.163.159.0/24

    10. Review and then Create connector

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Hien T

  2. Posted
  3. Updated

Comments