In order to begin using the EntrustedMail e-mail encryption services for Microsoft 365, you must configure 365 to send outbound e-mail though the EntrustedMail encryption gateway. Once configured, EntrustedMail will inspect each message to determine whether to encrypt the message based on your organizational encryption triggers.
Add an EntrustedMail Connector
- Point your browser to https://login.microsoftonline.com/.
- Enter your administrator account email address and password. (If you are not an Administrator, you will be redirected to the user hub; since you will need to access the administration features, you will need to contact your Office 365 Administrator)
- Click Sign in. The Office 365 console appears.
On the left selection area click on Admin to be directed to the Microsoft 365 Admin Center
4. Click on "Show all". Once in the Admin centers, press the Exchange Tile.
5. Click on Mail Flow, then click on Connectors.
6. In the Connectors section, click the + sign to add a new connector. The Mail Flow Scenario dialog box opens.
7. Select Office 365 for the Connection From: and Partner organization for the Connection to:. Click Next.
8. In the Name field, enter a descriptive name for the outbound connector, this can be EntrustedMail or any other descriptive name
9. In the Description field, enter additional descriptive information about the outbound connector. To enable the connector immediately upon completion, check the box Turn it on. Click on Next.
10. Select the option “Only when I have a transport rule set up that redirects messages to this connector“. Click Next
- On the Route email messages page select “Route email through these smart hosts“. Please refer to your “Welcome Message” for the outbound gateway name(s) that your domain has been assigned. Enter the gateway name in the text field and click the + symbol to add the smart host. Then click on Next.
- Check to be sure that “Always use Transport Layer Security (TLS)” and “Issued by a trusted certificate authority (CA)” are selected. Click on Next.
14. You will now need to verify the connector. Add tester@entrustedmail.com as the test e-mail address then click the + symbol and then press the Validate button.
The validation step will attempt a connection from Office 365 to the EntrustedMail Gateway and then email the designated email address. Both validation results should be successful. Click on Next.
15. Click on the Create connector button.
Add an EntrustedMail Mail Flow Rule
1. Under Mail Flow select Rules.
2. Select the plus symbol next to "Add a rule" and select “Create a new rule...” from the drop-down. 
3. Type in a name for the rule you are creating, then click on the dropdown under “*Apply this rule if” and select "The recipient" next, select "is external/internal", then select "Outside the organization" and click the Save button.
4. Next, move down to the "Do the following *" section.
5. Click on the "*Do the following *" dropdown and choose "Redirect the message to" and then select "the following connector".
6. Click on the "Select one" link and choose the connector that you just created for EntrustedMail and press the Save button.
7. Add another action by pressing the + (plus) symbol, in the rule you just created. This will create a new "And" conditional dropdown selection.
8. In the newly created dropdown menu, select "Modify the message properties", then choose "set a message header".
Click on the "Enter text..."link, next to the words "message header", and enter X-EMVALTOK, then click on the Save button.
Click on the "Enter text..."link, next to the word "value", and type in the header token provided in your welcome message, then click on the Save button.
9. Under the "Except if" dropdown, select "The sender" from the dropdown menu and then "address matches any of these text patterns"
10. Click on the "Enter words" link, then enter < (the less than sign) followed by > (the greater than sign), with no spaces in between the two symbols. Click the Add button and then click the Save button.
11. Then, click on the Next button. If the Next button is greyed out, recheck your rule conditions.
12. Under Rule mode, leave the default "Enforce" selected.
13. Check the "Stop processing more rules" check box.
Other available options would typically be left unchanged from the default settings. 
14. Click the Next button to review the rule. Then click the Finish button. Click on the Done button.
15. Please note: mail rules are disabled when created. 
16. Double click on the EntrustedMail rule created and click the "enabled or disabled rule" switch, so that the rule is enabled.
You have now completed the configuration for the EntrustedMail service for the Microsoft 365 platform.
Changes normally take effect within 5 minutes.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article