Configure Connectors for Client-Hosted Email Signature Server

About this article

In this article we will be creating and configuring connectors to route e-mails through the Templafy Email Signature Server in the Exchange Online Admin Center.

• Create the Inbound Connector
• Create the Outbound Connector

Prerequisites

Tenant Steps

1. Create the Inbound Connector

• Navigate to https://admin.microsoft.com/ in the web browser of your choice. Or go directly to https://admin.exchange.microsoft.com/

• Click Show all

• Click Exchange

• Click Mail flow and then Connectors

• Click [+ Add a connector]

• New connector

  • The Connection from option should be set to the 'Your organization's email server' setting.
  • The Connection to option will remain on the 'Office 365' setting.
  • Click [Next]

     

• Connector name

  • Enter a name for the connector: templafyemailsignatureserver-inbound

  • Under "What do you want to do after connector is saved?", enable/select the Retain internal Exchange email headers checkbox; both boxes should be enabled.
  • Click [Next]

• Authenticating sent email

  • Choose the, 'By verifying that the IP address..' option.

  • Add the public hostname/IP of the smarthost. The IP address can be retrieved in Kubernetes portal for the cluster created earlier in Configure a new Email Signature Server in kubernetes
    

    Update the SPF record for all email sending domains To ensure the Email Signature Server is identified as authorized to process mail for your domains it is important to add the Inbound Connector IP address to the DNS SPF record for each domain that may be sending emails through the Templafy Email Signature Server for processing. nslookup -type=txt <your primary domain> Below an example (SPF Record): v=spf1 ip4:<ess_inbound_connector_ip> -all

  • Click [Next]

     

• Review connector

  • Click [Create connector]

     

2. Create the Outbound Connector

• Click [+ Add a connector]

• New connector

  • The Connection from option should be set to the 'Office 365' setting.
  • The Connection to option should remain on the default 'Your organization's email server' setting.
  • Click [Next]

     

• Connector name

  • Enter a name for the connector: templafyemailsignatureserver-outbound
  • Under "What do you want to do after connector is saved?", enable/select the Retain internal Exchange email headers checkbox; both boxes should be enabled.
  • Click [Next]

     

• Use of connector

  • Choose the 'Only when I have a transport rule set up that redirects messages to this connector' option.

  • Click [Next]

     

• Routing

  • Specify the smart host (public hostname/IP with port forwarding on port 25 to the docker service)
  •  
  • Click the [+] sign.

  • Click [Next]

     

• Security restrictions

  • Choose the 'Any digital certificate, including self-signed certificates' option
  • Click [Next]

     

• Validation email

  Outbound connector validation is REQUIRED for Microsoft Exchange (through Exchange Online Protection) to trust the connectors.

  • Provide an email address from inside of your domain.

  • Click [+]

  • Click [Validate]

  • There will be a three-step validation progress bar. This will take one to two minutes to complete.

  If the second step of the test fails. Check if other connectors are already configured that could be intercepting the incoming validation email. Add an Exception for the built-in senderO365ConnectorValidation@<yourrdomain.tld> to this other connector's mail flow rule.   If the connector had previously been saved in a failed validation state. Open the connector and at the bottom of the pane click [Validate this connector]. Repeat the validation process as described above.

   

• Click [Save]  

Related articles