Issue
You have a client that needs to be removed from proofpoint (ie: moving to a different platform, the client was acquired by a different business and they use something else, etc)
Process
1. In office365 -> exchange -> Mail flow -> Rules
- disable the Inbound Proofpoint lockdown rule (if present)
** You won't be able to change the MX if you don't.
- disable the outbound email proofpoint rule (if present)
** from this point, mail would go outbound directly from O365
2. In DNS:
- Make sure the client has in their SPF office365 present (include:spf.protection.outlook.com)
- Remove the proofpoint entry (a:dispatch-us.ppe-hosted.com or include:_spf-us.ppe-hosted.com)
2. in Office365 -> exchange -> Mail Flow -> Connectors
- disable the outbound proofpoint connector
3. Change the mx record for the client to point directly to their office365 tenant
- At this point, proofpoint is no longer in the mail flow.
4. Disable any remaining connectors and rules that are related to proofpoint.
5. Wait a couple of hours ...
6. On the proofpoint side -> Under account management -> domains
- disable relay for their domains
- disable sending servers
7. On the proofpoint side -> under account management -> profile
- Disable the company
That's pretty much it. Client is decomissioned at this point.
It's a little bit more complicated if the client has archiving, you'll need to locate the legacy journal rule and turn it off.