Synopsis:
Two connectors are required to route mail flow between the SEPPmail Secure E-Mail Gateway and Exchange Online. This CmdLet will create the necessary connectors.
The CmdLet resolves the SEPPmail-FQDN to check if the DNS entry is correct. DNS queries must NOT be done internally, otherwise internal IP addresses may be used in Exchange Online config settings.
Examples:
Default with IP
New-SM365Connectors -SEPPmailIP '20.56.204.137'
Get-SM365Connectors
DNS Check included
New-SM365Connectors -SEPPmailFQDN wronghost.contoso.com
# This will raise an error because wronghost.west .... doesn't exist.
Get-SM365Connectors
Default with FQDN and wildcard certificate
New-SM365Connectors -SEPPmailFQDN securemail.contoso.com -TLSCertificatename '*.contoso.com'
Get-SM365Connectors # Shows DomainValidation
Default with FQDN and single host SSL certificate
New-SM365Connectors -SEPPmailFQDN securemail.contoso.com
# Creates the connector using securemail.contoso.com as TLSCertificatename
Get-SM365Connectors # Shows DomainValidation
FQDN with self-signed Certificate
New-SM365Connectors -SEPPmailFQDN securemail.contoso.com -AllowSelfSignedCertificates
New-SM365Connectors -SEPPmailFQDN securemail.contoso.com -TLSCertificatename '*.contoso.com' -AllowSelfSignedCertificates
Get-SM365Connectors # Shows EncryptionOnly
FQDN with no outbound TLS
New-SM365Connectors -SEPPmailFQDN securemail.contoso.com -NoOutBoundTlsCheck
Get-SM365Connectors # Shows NO Tls
FQDN with no outbound TLS and DISABLED
New-SM365Connectors -SEPPmailFQDN securemail.contoso.com -NoOutBoundTlsCheck -disabled
Get-SM365Connectors #Shows disabled
Default with FQDN and no ANTISPAM Whitelisting
New-SM365Connectors -SEPPmailFQDN securemail.contoso.com -NoAntiSpamWhiteListing
(Get-HostedConnectionFilterPolicy).IpAllowList # Show IP Whitelist
Set-SM365Connectors
Synopsis:
This CmdLet is an alias for New-SM365Connectors. This was an active design decision to bring all the logic of connector functionality into one commandlet. If you need to adapt existing connectors, use either the web interface or the native Exchange Online CmdLets Set-InboundConnector or Set-OutBoundConnector.
Cleaning Up Connectors
Remove-SM365Connector -LeaveAntiSpamWhiteList
(Get-HostedConnectionFilterpolicy).IpAllowList # Show IP Whitelist
# or
Remove-SM365Connector # Cleans up IP Adresses from hosted connection filter policy
Note on connector parameters that can be used in any parameter set
-disabled # To be used to create "disabled" connectors. Makes sense for sensitive environment with step-by-step implementation.
-NoAntiSpamWhiteListing # To be used to disable whitelisting
|
To enable the connectors, either recreate them, use the admin interface of Exchange Online, or use the native Exchange Online PowerShell CmdLets Set-InboundConnector and Set-OutBoundConnector. |
New-SM365Rules
Synopsis:
Creates the required transport rules needed to correctly handle mails from and to the SEPPmail Secure E-Mail Gateway.
|
Beginning with Version 1.2.5, rules are created DISABLED by default. We did this for smoother integration in production environments. You may create them enabled with the -Disabled:$false switch on creation. |
Parameter List:
-PlacementPriority
Specifies whether new rules should be put in front or behind existing transport rules (if any). If not provided and in an interactive session, the CmdLet will ask for this information interactively.
-SEPPmailDomain [String[]] (Mandatory)
Specifies one or more (comma-separated) E-Mail domains that will be include in SEPPmail cryptographic management.
-Disabled [Switch] (optional)
Allows for the rules to be created in an active state, in case you want to activate them immediately.
Examples:
New-SM365Rules -SEPPmailDomain 'contoso.ch','contoso.de'
# Create the transport rules in an active state
New-SM365Rules -SEPPmailDomain 'contoso.ch','contoso.de' -disabled:$false
Remove-SM365Rules
Synopsis:
Removes the SEPPmail transport rules.
Examples:
Remove-SM365Rules
