Scenario:
With ProofPoint Essentials the ability to enable archive for inbound and outbound emails is now possible. The process requires the archive feature be enabled followed by creating a connector on ProofPoint Essentials and then finalizing the setup with Office 365 send connector.
The steps below allows one to follow step-by-step sequence.
NOTE: It is recommended that the NDR undeliverable mailbox is not a shared mailbox.
NOTE: The undeliverable mailbox account does not have it's emailed archived.
Enable Archiving on ProofPoint Essentials:
1- Log into ProofPoint Essentials website US or EU.
2- Select the options Account Management then Features and check Enable Email Archive and click the save button.
3- This will activate a new menu option in ProofPoint labeled Archive as shown below.
Create a Connector in ProofPoint Essentials for O365 Archive:
1- Click the Archive menu that is now displayed to configure a connection to O365.
2- A new tab will open up and select Setup then Connections and click the plus sign +
3- On the Add Connection page enter the following information. The undeliverable journal address Must be an unused mailbox but MUST exist on Azure as a mailbox. Once done click Next.
4- On the pop up page copy the address that is list and click Done. you will need it when setting up a journal account in O365.
Create a Connector in O365 for ProofPoint Essentials:
A dedicated outbound connector must be created so that all archive traffic is sent directly to the ProofPoint Essentials Archive environment instead of getting routed through ProofPoint Essentials gateway.
1- Log into the Office 365 Admin Center.
2- Once logged in click the Admin button.
3- Then click on Admin Centers and then Exchange.
4- In the Exchange Admin Center click on Mail Flow then the tab Connectors.
5- Click the plus sign + to create a new send connector.
6- On the page that opens up select from Office 365 to Partner Organization and click Next.
7- Next provide a name for the connector and turn on the rule and click Next.
8- In the new screen that opens, select Only when email messages are sent to these domains.
9- Then click the plus sign + and enter the string "*.earchive.cloud" and click OK.
10- The new connector page should have the following information below, then click Next.
11- Select the option Use the MX record associated with the partners's domain and click Next.
12- Click Next to leave the default settings for TLS and security.
13- You are then displayed with a new connector summary page, click Next.
14- We now need to test if the connector functions correctly by clicking the plus sign + .
15- Enter an email address in order to validate the connector based on your region and click OK.
- US: verification@us.earchive.cloud
- EU: verification@eu.earchive.cloud
16- You may click Validate to test if the connection is successful.
17- A successful test will be indicated as listed below and click Close.
Configure O365 Journaling Rule:
1- Still logged into Exchange select Compliance Management then select Journal Rules.
2- Click the Select Address and click the Browse button that is displayed.
3- Add the account as configured in ProofPoint Essentials Archive page named Undeliverable@domain.com click Save.
4- Click the plus sign +.
5- In the Send journal reports to field enter the unique email address generated by ProofPoint Essentials that you copied earlier.
6- Enter the following information as shown below and click Save.
7- Click Yes on the warning pop-up.