Bypass Proofpoint for certain destinations

Created by Yves Lacombe, Modified on Fri, 12 Jan at 2:55 PM by Yves Lacombe

Problem:


For some reason, email delivery from proofpoint to third parties are failing.  This can happen for many reasons:


  • One of Proofpoint's IPs is blacklisted
  • For some reason, the destination server is unreachable from Proofpoint
  • The domain is blocking proofpoint manually for some reason
  • Proofpoint is blocking one of YOUR users due to having sent bulk email in the last 24 hours and the person NEEDS to reach a certain destination
  • The destination domain used to be on proofpoint but no longer is for whatever reason so it's no longer updating the mail routing or user list, but the tenant was not removed from proofpoint by the account owner.
  • etc ...



Solution:


Create a bypass connector.


Example:



All you need to do in office365 is to create a new outgoing connector:


  • From Office365
  • To Partner Organisation
  • if Domain Matches "externaldomain.com" 
  • use MX resolution (or use whatever smarthost the archiving solution provider provides if that's the case)
  • To test the connection, send an email to a known good address in that domain (info@externaldomain.com often works)


IMPORTANT: Make sure you have office365 in your SPF record.  Example:


include:spf.protection.outlook.com needs to be in there (in addition to whatever else you may have)