Manual configuration of connectors and transport rules

If you cannot or do not want to use a wizard to configure connectors for CodeTwo Email Signatures for Office 365, you can always do this manually in the Exchange admin center of your Office 365.

Warning

CodeTwo strongly recommends using the configuration wizard instead of manually setting up connectors to avoid mistakes and applying unsupported customization.

To proceed, follow the steps below.

  1. Access mail flow configuration pages in Exchange admin center.
  2. Configure an inbound connector for CodeTwo Email Signatures for Office 365.
  3. Configure an outbound connector for the program.
  4. Configure a transport rule for the outbound connector.

Accessing Exchange admin center

To manually add your connectors, start with logging in to your Office 365 tenant as administrator. On the Home screen (Fig. 1.) select Admin to enter your Office 365 admin center.

Office 365 home screen
Fig. 1. Accessing Office 365 admin center.

Enter your Office 365 Exchange admin center using the left menu (Fig. 2.).

Accessing Exchange admin center from Office 365 Admin center.
Fig. 2. Accessing Exchange admin center.

Select mail flow from the left menu (Fig. 3.).

Accessing mail flow configuration pages from Exchange admin center.
Fig. 3. Accessing mail flow configuration pages from Exchange admin center.

Now you have to configure the mail flow configuration pages. The whole procedure is described in details in the sections below. In a nutshell, you will need to add two connectors (Fig. 4.):

Proper connectors setup in Office 365.
Fig. 4. Proper connectors' setup in Office 365.

Additionally, one transport rule will have to be configured (Fig. 5.), which will be responsible for filtering emails to be processed by the CodeTwo Email Azure Service. The rule also helps to avoid processing loops and signature duplicates.

Learn more about the transport rule configuration

Proper transport rules setup in Office 365.
Fig. 5. Proper transport rule setup in Office 365.

Configuration of the inbound connector

First, create an inbound connector on the connectors tab (see Fig. 4.). Click the plus (+) button to create a new connector. On the pop-up page (Fig. 6.), select From: Your organization's email server, To: Office 365.

Inbound connector configuration.
Fig. 6. Inbound connector configuration.

On the next page (Fig. 7.), enter the following name: CodeTwo Inbound Connector and make sure that the Turn it on checkbox is enabled, but the checkbox Retain internal Exchange email headers (recommended) is disabled.

Inbound connector configuration.
Fig. 7. Inbound connector configuration.

On the last page, select the first radio button and provide the domain name as follows: *.emailsignatures365.com (Fig. 8.).

Inbound connector configuration.
Fig. 8. Inbound connector configuration.

Configuration of the outbound connector

Next, create an outbound connector via the plus (+) button (see Fig. 4.). On the pop-up page (Fig. 9.), select From: Office 365, To: Your organization's email server.

Outbound connector configuration.
Fig. 9. Outbound connector configuration.

On the next page, enter the following name: CodeTwo Outbound Connector and make sure that the Turn it on and Retain internal Exchange email headers (recommended) checkboxes are enabled (selected), as shown in Fig. 10.

Outbound connector configuration.
Fig. 10. Outbound connector configuration.

In the next step (Fig. 11.), choose the first option (Only when I have a transport rule set up...).

Outbound connector configuration.
Fig. 11. Outbound connector configuration.

On the next page (Fig. 12.), add a proper CodeTwo smarthost address. The address must match the geolocation you chose:

  • North Central US (Illinois) - "us-emailsignatures-cloud.codetwo.com"
  • North Europe - "eu-emailsignatures-cloud.codetwo.com".
  • UK South (London) - "uk-emailsignatures-cloud.codetwo.com"
  • Australia East (New South Wales) - "au-emailsignatures-cloud.codetwo.com".
Outbound connector configuration.
Fig. 12. Outbound connector configuration (North Europe).

In the next step, configure the options as shown in Fig. 13. and make sure that you provided the address: *.codetwo.com as the domain name on the certificate. Proceed to the connector validation step by clicking Next.

Outbound connector configuration.
Fig. 13. Outbound connector configuration.

Finally, you have to validate the outbound connector (Fig. 14.) by typing any external (not hosted in Office 365) email address. Click Validate and - after successful validation - click Save to finish the configuration of the outbound connector.

ESIG for O365 outbound connector validation.
Fig. 14. Validation of the outbound connector.

Configuration of the transport rule

Once you're done with connectors, you need to create a new transport rule that will specify senders whose emails will be processed by the CodeTwo Email Azure Service.

Important

Every sender selected in this step will use one license from your license pool, no matter if the sender is defined in any signature rule. That is why you should pay special attention to properly define the scope of senders in the transport rule.

This configuration corresponds to the Senders scope step during the automatic configuration of connectors (more information in this article). You can specify the following scopes of senders:

Configuration of the transport rule for all AD users

To configure a transport rule for all AD users (including emails sent internally in your organization), switch to the rules tab (Fig. 15.). Use the plus (+) button to add a new rule with the Apply rights protection to messages... template.

Adding a transport rule for the program's outbound connector.
Fig. 15. Adding a transport rule for the program's outbound connector.

Configure the rule so that it looks exactly like the one shown in Fig. 16.

Proper transport rule configuration.
Fig. 16. Proper transport rule configuration.

The configuration is as follows:

  • Name: "CodeTwo Exchange transport rule"
  • Apply this rule if... The sender... is external/internal, Inside the organization
  • Do the following... Redirect the message to... the following connector, CodeTwo Outbound Connector
  • Except if... add exceptions:
    • The sender address... matches "<>",
    • The message type is... "Calendaring",
    • A message header... matches these text patterns, specify header name as "X-CodeTwoProcessed", Enter text pattern, specify words or phrases, add "true"

Leave other options with default settings, except for these fields:

  • Defer the message if rule processing doesn't complete - must be enabled (selected);
  • Match sender address in message - change to Header or envelope.

Review your settings - compare them with Fig. 16. and make sure they look the same.

Important

In the above configuration, emails of all of your users will be routed through the CodeTwo Email Azure Service to receive signatures. This might lead to excessive usage of licenses (read more).

This transport rule is applied to both outgoing and internal messages. If you do not want to add signatures to emails sent between the users inside your tenant, you need to specify an additional condition, as described in this section.

Configuration of the transport rule for a selected distribution group

If you want to add a transport rule that limits your users to a particular distribution group/list, start with configuring a transport rule for all users, as described earlier in this article. If all the settings are exactly as in Fig. 16., add another condition in the Apply this rule if... field: you can select individual senders (The sender... is this person) or groups (The sender... is a member of this group) from the menu. An example of changing the scope of senders to a distribution group (Engineering) is shown in Fig. 17. 

Proper transport rule configuration.
Fig. 17. Limiting the scope of senders whose emails will travel through the CodeTwo Email Azure Service.

The above transport rule will be applied to both outgoing and internal messages sent by the users you specified. If you do not want to add signatures to emails sent between the users inside your tenant, you need to configure another condition, as described in the next section.

Configuration of the transport rule to exclude internal emails

If you would like to stop adding signatures to your internal correspondence, you need to modify your transport rule by adding an extra condition in the Apply this rule if... field. Click add condition, select The recipient... is external/internal and choose Outside the organization. The condition should appear as shown in Fig. 18

Additional condition to exclude internal correspondence.
Fig. 18. Additional condition to exclude internal correspondence.

Was this information useful?