Zivver Plugin Assisted Mail Submission (PAMS) with Microsoft Exchange Online (Office 365)

Introduction

This guide explains how to set up Zivver Plugin Assisted Mail Submission (PAMS) in combination with Microsoft Exchange Online (Office 365). If your organization is using Microsoft Exchange on-premise, please continue with this manual

Implement PAMS to allow Microsoft Exchange Online to process a Zivver message, that is sent from Microsoft Outlook (for Windows) by using the Zivver Office Plugin. This would allow Microsoft Exchange Online to perform actions on securely sent messages. Examples of such actions are: placing an automatic signature or disclaimer at the bottom of the outgoing message, archiving the message or making the message available for eDiscovery. These actions can take place on both to the message body as well as any additional attachment.

Without PAMS a Zivver message would be sent directly to the Zivver server by the Zivver Office plugin. Because of that Microsoft Exchange Online will not be able to process the message, including any additional attachments. Attachments added via the Zivver attachment button in the Zivver Office Plugin for Microsoft Outlook (for Windows) are directly uploaded to the Zivver server. This would allow you to add an attachment up to 5 TB.

Once PAMS is implemented you can no longer add an attachment via this Zivver attachment button in the Zivver Office Plugin, as these attachments would otherwise not be processed by Microsoft Exchange Online. Because you implement PAMS to let Microsoft Exchange Online process attachments you can only add attachments up to 50 MB when PAMS is implemented. The default maximum message size in Exchange Online is 25 MB, but this can be increased up to 150 MB.

Technical requirements

To implement Zivver Plugin Assisted Mail Submission (PAMS) your organization must meet the following technical requirements:

  • Zivver Office plugin v5.2.3 or higher for Microsoft Outlook (for Windows) is installed.
  • Microsoft Exchange Online as part of Office 365 is used.
  • The following changeds need to be made in Microsoft Exchange Online:
    • A Mail Flow Rule
    • A Connector
    • Optional: the maximum message size limit of mailboxes in Exchange Online might need to be increased to securely send larger attachments. The default maximum message size limit in Exchange Online is set to 25 MB. The Zivver SMTP Server can process a maximum of 50 MB per message, including any additional attachments.

Activate Plugin Assisted Mail Submission in the Zivver Office plugin

Zivver Plugin Assisted Mail Submission (PAMS) can be activated in Zivver Office plugin v5.2.3 or higher by using the following registry key:

EnableMailAssistedSubmission

This registry key ensures that the Zivver Office Plugin will no longer send a message directly to the Zivver server. Instead, Microsoft Outlook (for Windows) will deliver the sent Zivver message to Microsoft Exchange Online. This would allow Microsoft Exchange Online to execute certain actions on the securely sent message. Microsoft Exchange Online can perform these actions in a certain order. The final step that needs to be performed is that Microsoft Exchange Online should filter the sent Zivver message and submit it to Zivver SMTP server. Without this final step Microsoft Exchange Online will deliver the sent Zivver message as unsecured email message to the recipient(s).

Location in the registry:
HKEY_CURRENT_USER\Software\Zivver\OfficePlugin\Settings\

Register value:
REG_DWORD with the name EnableMailAssistedSubmission and a value of 1.

You can turn off PAMS by setting the value of this registry key to 0 or by removing the complete registry key.

Never enable PAMS in the Zivver Office Plugin without making the required changes to Microsoft Exchange Online, otherwise the sent Zivver message will be delivered as unsecured email message to the recipient(s).

Implement Plugin Assisted Mail Submission on Microsoft Exchange Online

The following changes need to be made in Microsoft Exchange Online to be able to use Plugin Assisted Mail Submission (PAMS):

  1. Create a Connector
  2. Create a Mail Flow Rule
  3. Optional: increase the maximum message size limit of mailboxes in Exchange Online to be able to securely send a message, including attachments, larger than 25 MB.

These changes are required as without them Microsoft Exchange Online will deliver the sent Zivver message as unsecured email message to the recipient(s). Always make sure to make these required adjustments in Microsoft Exchange Online if PAMS is activated in the Zivver Office Plugin.

Connector
PAMS uses a Connector in Microsoft Exchange Online. An outbound message can only be processed by one Connector. Therefore, check in advance which Connectors are set up in Microsoft Exchange Online. It may not be possible to implement PAMS if it is required that another specific Connector also processes sent Zivver messages. If this is the case or if you need any help please contact Zivver (enterprise@zivver.com).

Create Connector

The first step is to make sure that Microsoft Exchange Online can submit a securely sent message to smtp.zivver.com. A Connector is used for this.

Connector
An outbound message can only be processed by one Connector. Therefore, check in advance which Connectors are set up in Microsoft Exchange Online. It may not be possible to implement PAMS if t is required that another specific Connector also processes sent Zivver messages. If this is the case or if you need any help please contact Zivver (enterprise@zivver.com).
  1. Go to the Exchange Admin Center (EAC).
    Via https://admin.exchange.microsoft.com/.
  2. Log into EAC as an administrator.
  3. Go to Mail Flow in the menu on the left.
  4. Go to Connectors.
  5. Click on Add a connector.
  6. Select for Connection from the option Office 365.
  7. Select for Connection to the option Partner organization.
  8. Click Next.
  9. Enter a name.
    For example: Zivver Plugin Assisted Mail Submission.
  10. Click Next.
  11. Select the option Only when I have a transport rule set up that redirects messages to this connector.
  12. Click Next.
  13. Select Route email through these smart hosts.
  14. Enter smtp.zivver.com.
  15. Click +.
    The added smart host is now shown in the list.
  16. Click Next.
  17. Enable the option Always use Transport Layer Security (TLS) to secure the connection (recommended).
  18. Select the option Issue by a trusted certificate authority (CA).
  19. Click Next.
  20. Enter an email address to validate the connector.
  21. Click +.
  22. Click Validate.
  23. Once the validation is successful click Next.
  24. Click Create connector.
  25. Click Done.
    The Connector is set up to be able to submit messages to the Zivver SMTP Server.

Create Mail Flow Rule

The second step is to create a Mail Flow Rule in Microsoft Exchange Online that filters out the securely sent messages. A filtered, securely sent message is redirected to the Connector created in the previous section.

  1. Go to the Exchange Admin Center (EAC).
    Via https://admin.exchange.microsoft.com/.
  2. Log into EAC as an administrator.
  3. Go to Mail Flow in the menu on the left.
  4. Go to Rules.
  5. Create a new rule.
  6. Give the rule a name.
    For example: Zivver Plugin Assisted Mail Submission.
  7. Click in the bottom of the screen on More options.
  8. Under Apply this rule if… select A message header… that Matches these text patterns.
  9. Click Enter text….
  10. Enter zivver-relay.
  11. Click OK.
  12. Click Enter Text Patterns….
  13. Fill in ..*.
    That is 2 dots, 1 wildcard, 1 dot.
  14. Click +.
  15. Click OK.
  16. Under Do the following… select Redirect the message to… and then the following connector.
  17. Look up the Connector that was created previously and select it.
  18. Click OK.
  19. Select for Choose a mode for this rule the option Enforce.
  20. Enable the option Defer the message if rule processing doesn’t complete.
    If you enable this option, a message will not leave Exchange until the message has been checked by this rule. If for any reason Exchange temporarily does not check messages for this rule, processing these messages will be paused.
  21. Click Save.
    Verify that the priority of the newly created Mail Flow Rule is correct. Adjust the priority if necessary to ensure that the different rules have the desired effect.
  22. Enable the rule to activate it.
    The Mail Flow Rule is now set and activated.

All sent messages are now checked and, depending on the existence of the Zivver Plugin Assisted Mail Submission mail header, redirected to Zivver Connector. This Zivver Connector then submits these messages to the Zivver SMTP Server.

Optional: increase the maximum size limit of messages sent by mailboxes in Exchange Online

When Plugin Assisted Mail Submission (PAMS) is implemented the maximum message size limit of mailboxes in Exchange Online might need to be increased to securely send larger attachments. The default maximum message size limit in Exchange Online is set to 25 MB. The Zivver SMTP Server can process a maximum size limit of 50 MB per message, including any additional attachments.

  1. Go to the Exchange Admin Center (EAC).
    Via https://admin.exchange.microsoft.com/.
  2. Log into EAC as an administrator.
  3. Go to Recipients in the menu on the left.
  4. Go to Mailboxes.
  5. Click Set default message size restrictions.
  6. Enter a higher value in the field Sent messages maximum size(KB).

    The Zivver SMTP Server can process a maximum message size of 50 MB, including any additional attachments.

Test PAMS setup

After all the required changes have been made in Microsoft Exchange Online, Zivver Plugin Assisted Mail Submission (PAMS) can be tested. The steps below explain how to test whether the changes have been made correctly:

  1. Open Microsoft Outlook (for Windows).
  2. Log in to the Zivver Office plugin with a Zivver account.
  3. Compose a new message to someone outside of your own organization (for example, to a private email address).
  4. Enable the option Secure mail (the Zivver slider is set to the right).
  5. Send the message.

If PAMS is set up properly, the recipient will receive a Zivver notification message. If the message does not arrive or if a normal, unsafe message is delivered, then PAMS is not set up properly. Please check all the steps discussed in the previous sections. You can also check the Microsoft Exchange Message Trace for any errors.

Was this article helpful?

thumb_up thumb_down