How to deploy CodeTwo signature software in a hybrid environment
You are looking for the best way to implement CodeTwo email signature software in your hybrid Exchange environment.
Since the architecture of CodeTwo Email Signatures for Office 365 and CodeTwo Exchange Rules (including the Pro version) is completely different, the type of software you can use mostly depends on the location of user mailboxes in your organization. The two simplest scenarios assume that the mailboxes are stored either in the cloud or locally (on-premises), with some minor exceptions allowed.
If it's not possible for you to move all mailboxes to just one part of your hybrid environment, you can still use more advanced options with Centralized Mail Transport or use both CodeTwo programs simultaneously.
See the information below to decide which scenario is best for you.
- Hybrid environments with the majority of mailboxes in one location (a local server or cloud)
- Hybrid environments with mailboxes located both in the cloud and on-premises
You do not need to make the decision on your own. If you have any doubts or concerns, you can always contact our Support Team to analyze the most suitable options for your environment.
The following two points should address the needs of most hybrid environments, where the majority of mailboxes reside in the same (on-premises or cloud) part of an Exchange organization. Unifying the location of mailboxes simplifies the configuration of every software product that processes email messages, including CodeTwo software.
If most of your mailboxes are in the cloud but you still want to keep the hybrid configuration,the best option for you is to use CodeTwo Email Signatures for Office 365. If any mailboxes remain in the on-premises (local) part of your organization, you can use CodeTwo Exchange Rules software just for them, migrate them to the cloud later, or completely exclude them from processing by CodeTwo software.
If you have your mailboxes in the cloud but prefer to use CodeTwo Exchange Rules (or Exchange Rules Pro) due to the software's architecture or additional features (especially the Pro version), you can use it instead of CodeTwo Email Signatures for Office 365. Note that this scenario requires centralized mail flow (Centralized Mail Transport) in your organization, which may not fit the needs of every environment.
Learn more about hybrid deployment of CodeTwo Exchange Rules Pro (these guidelines apply to all current versions of programs from the CodeTwo Exchange Rules software family).
If your mailboxes are located only in the on-premises (local) part of your environment, use software from the CodeTwo Exchange Rules family to add email signatures. This software uses a transport agent connected to the Microsoft Exchange Transport service. Since all your mailboxes exist locally, all your messages are routed through the on-premises server without any additional configuration.
If some of your mailboxes are in the cloud (but the majority resides on-premises), and you want to use your CodeTwo Exchange Rules software to process emails sent from these mailboxes, you need to route these emails through your on-premises mail servers. For details, see the user's manual: CodeTwo Exchange Rules Pro / CodeTwo Exchange Rules.
If mailboxes in your environment are currently spread between your Office 365 tenant and the on-premises part of your environment, and it's not possible for you to move (migrate) them to a single location before you implement CodeTwo software, then you should consider two options:
Enable Centralized Mail Flow (also known as Centralized Mail Transport or CMT) in your environment and configure an additional transport rule. The idea is to make your on-premises Exchange server responsible for the processing of all messages. The CMT configuration will route all outgoing messages through your local (on-premises) server, where they will be processed by CodeTwo Exchange Rules. If you want to use CodeTwo Email Signatures for Office 365 only and route external emails through your on-premises environment, check this article to learn how to do so. Additionally, you can set up an Exchange transport (mail flow) rule that forwards all internal emails sent between Office 365 (cloud-only) mailboxes through the on-premises server, which does not happen with standard CMT configuration. To learn more about this deployment, see the manual of your CodeTwo software: CodeTwo Exchange Rules Pro / CodeTwo Exchange Rules.
- If you cannot use Centralized Mail Flow in your environment (e.g. because you need to ensure your messages are delivered using a smart host), you can configure CodeTwo Exchange Rules (or the Pro version) and CodeTwo Email Signatures for Office 365 to work together.
To integrate both CodeTwo programs, you need to manually create a distribution group that contains the people in your organization who have mailboxes in the cloud. This group needs to be available to both your on-premises organization and your Office 365 (cloud) organization. To achieve that, you need to create the group in your local Active Directory and then synchronize it to your Azure Active Directory. Note that if the location of any mailbox changes over time, you will need to update the group accordingly. See these guidelines if you find such solution appropriate for your environment.
This scenario should be applied only to certain types of environments because it requires advanced configuration and constant monitoring. Double-check if keeping all mailboxes in the same location or using Centralized Mail Transport is not a better option for your environment.
How to use both CodeTwo Email Signatures for Office 365 and CodeTwo Exchange Rules (or Exchange Rules Pro) in the same environment
The idea of this configuration is based on the following principles:
- CodeTwo Email Signatures for Office 365 adds signatures for people with mailboxes in your Office 365 tenant since the software is optimized for Office 365.
- CodeTwo Exchange Rules adds signatures for people with mailboxes on the on-premises part of your environment since all emails originating from there are processed using Exchange Transport Service, to which the CodeTwo software is connected.
To achieve such a configuration, follow these steps:
- In your local Active Directory, create a new universal distribution group for people with mailboxes in the cloud (Office 365), and name it accordingly (e.g. CloudMailboxes).
- Add members to this group: you need to add only those people in your organization who have their mailboxes in the cloud and are also supposed to get email signatures.
If you have already implemented CodeTwo Email Signatures for Office 365 in your organization, then you probably already have such a group. If so, make sure that all its members have their mailboxes in the cloud.
- Make sure the group is synchronized to your Azure AD.
- Now you need to exclude this group from being processed by your CodeTwo Exchange Rules software. To do that, open the Administration Panel of CodeTwo Exchange Rules and create a new empty email rule.
- Name it, for example Exclude cloud mailboxes.
- Move the rule to the top of the list of rules so that it's executed as the first one.
On the Conditions tab, add your newly created AD group (here: CloudMailboxes, as shown in Fig. 3.).
- Leave the Actions tab unmodified (skip it).
- On the Options tab, select If this rule is applied > stop processing next rules.
- Submit your changes. Creating and saving this rule will prevent your CodeTwo Exchange Rules software from processing any messages that originate from your Office 365 tenant (i.e. from the mailboxes located in the cloud).
- Now you need to reconfigure the scope of senders whose emails will be routed through the CodeTwo Email Signatures for Office 365 service so that it only includes the newly created group. You can reconfigure the senders' scope automatically, or you can do it manually.
- For manual configuration, open your Office 365 admin center and go to Admin centers > Exchange to open the Exchange admin center (EAC).
- Navigate to mail flow > rules and double-click CodeTwo Exchange transport rule to edit it.
Modify the rule's conditions to make sure that the scope of senders is limited to the members of your newly created group (Fig. 4.).