Issue:
A client is going to be defederated from GoDaddy and needs to be moved from GoDaddy's Proofpoint instance to one under you, the MSP.
Process:
The Proofpoint aspect of GoDaddy is a bit complex.
Because GoDaddy resells Proofpoint, defederating is always a pain, partly because the contract between Proofpoint and GoDaddy does not permit the transfer or reparenting of those customers to the new partner (in this case you, the MSP).
So this is the process normally taken:
1. (you) Make sure no lockdown rule is in place in Office 365 that would only allow inbound mail coming from Proofpoint.
2. (you) Have the MX records pointed directly to the client's Office 365 tenant (note: Vircom operates its own relays, which could be used as a stop gap).
3. (you/Vircom) Make sure there is a tempadmin account on the client's Proofpoint instance that we can use to extract users/aliases/wl/bl.
4. (client) Have the client or MSP reach out to GoDaddy to terminate the account on Proofpoint (disable/delete the client).
5. (Vircom) Once confirmed, we can circle back to Proofpoint ourselves and ask Proofpoint to remove the client from the orphanage. They usually do this quickly, but if, say, the request comes in on a Friday afternoon, it will usually wait until Monday, so it is better to do this early in the week.
6. (you/Vircom) Set up the client on Proofpoint from scratch, using the data recovered in step 3.
7. (you) Point the client back to the Proofpoint MX, re-create the connectors and rules, etc.
There are mitigating factors though.
* If the client is running on us4, there is no change to the process; the above is the way to go.
* If the client is running on the new dedicated GoDaddy stack (their MX would be pointing to usg1-mx1.ppe-hosted.com and usg2-mx1.ppe-hosted.com), then we don't need to wait for them to be removed, because that stack is totally independent from the Proofpoint stack, so no orphanage clearing is needed.
* Worst case, if the client is in a real hurry, instead of setting them up on us1 through us5 we can set them up on eu1.proofpointessentials.com, which is independent from the US stacks. However, it would be the EU stack.
* In step 2 we have the client point the inbound traffic to their original O365 tenant. It is also possible to use Vircom's mail spam filters instead as a temporary stop gap if you prefer not to expose the tenant to the "wild internet".
* If the client is on the Professional or Professional+ plan, archives cannot be moved or migrated.
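To confirm step 2 and tell which of the cases above applies, the client's MX set can be checked from `dig +short MX <domain>` output. This is an added example, not Vircom's or Proofpoint's tooling; the function names, the Office 365 MX suffix and the treatment of other `ppe-hosted.com` hosts are assumptions, and the sample input is constructed.

```python
import re

# From the page: MX hosts of the dedicated GoDaddy stack.
GODADDY_DEDICATED = {"usg1-mx1.ppe-hosted.com", "usg2-mx1.ppe-hosted.com"}
# Assumption: Exchange Online inbound MX hosts end with this suffix.
O365_SUFFIX = ".mail.protection.outlook.com"
# Assumption: any other host under ppe-hosted.com belongs to another Proofpoint stack.
PP_SUFFIX = ".ppe-hosted.com"

def parse_mx(dig_output):
    """Parse `dig +short MX <domain>` text into sorted (preference, host) pairs."""
    records = []
    for line in dig_output.splitlines():
        m = re.fullmatch(r"\s*(\d+)\s+(\S+?)\.?\s*", line)
        if m:  # skip blank lines and anything that is not "<pref> <host>"
            records.append((int(m.group(1)), m.group(2).lower()))
    return sorted(records)

def classify(host):
    if host in GODADDY_DEDICATED:
        return "godaddy-dedicated"
    if host.endswith(O365_SUFFIX):
        return "o365-direct"
    if host.endswith(PP_SUFFIX):
        return "proofpoint-other"
    return "other"

def cutover_status(dig_output):
    """Map the current MX set to where the client stands in the process above."""
    kinds = {classify(host) for _, host in parse_mx(dig_output)}
    if not kinds:
        return "no-mx"
    if kinds == {"o365-direct"}:
        return "step2-complete"            # all inbound mail goes straight to the tenant
    if "o365-direct" in kinds:
        return "step2-incomplete"          # some MX still route through a filter
    if kinds == {"godaddy-dedicated"}:
        return "godaddy-dedicated-stack"   # per the page: no orphanage clearing needed
    if kinds == {"proofpoint-other"}:
        return "proofpoint-other-stack"    # per the page: full process applies (e.g. us4)
    return "review-manually"               # e.g. a stop-gap relay or a mixed set

# Constructed sample: a client still on the dedicated GoDaddy stack.
SAMPLE = "10 usg1-mx1.ppe-hosted.com.\n10 usg2-mx1.ppe-hosted.com.\n"

if __name__ == "__main__":
    print(cutover_status(SAMPLE))
```

A result of `step2-incomplete` before step 4 means some inbound mail still flows through a filter that is about to be terminated.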