About connecting "other" email services
You can integrate Perception Point X-Ray with various email services. This enables Perception Point X-Ray to protect all incoming mail from the integrated email services.
This page discusses how to connect Perception Point X-Ray to an email service that is not Google Workspace nor Microsoft 365. We will refer to these as "other" email services. These "other" email services include services such as Microsoft Exchange, cPanel, and Zoho Mail.
Integrations with all "other" email services require an MX record change.
- With the "Other" integration method, Perception Point X-Ray will protect the entire domain - there is no option to specify which groups or mailboxes to protect.
- With the "Other" integration method, remediation is not available.
Additional requirements
- The server must support 3rd-party MX records.
- The server must have an allow list IP mechanism.
A bit more about integrating "other" email services
Onboarding process
- Customer onboarding entails adding the domain name and verifying a TXT record in the system.
- During the onboarding process, you'll need to add the next hop (MX record) so that Perception Point X-Ray knows where to deliver the email after scanning.
Email flow overview
- All inbound emails are directed straight to the Perception Point X-Ray scanner upon arrival.
Scanning and response
- Clean: Clean emails verified by Perception Point X-Ray are sent back to the configured server (Next SMTP).
- Spam:Emails identified as spam by Perception Point X-Ray are also sent back to the configured server (Next SMTP).
- For servers utilizing header-based rules to redirect spam to the junk folder, you can append the "X-PERCEPTION-POINT-SPAM: FAIL" header.
- In Exchange 2013/2019, this can be accomplished through transport rules.
- Malicious: Emails identified as malicious are halted and are never forwarded to the next server.
Note: With the "Other" integration method, remediation is not available. This means that if an email was initially assigned a clean verdict, which was later changed to malicious, the email will not be removed from the user's Inbox. |
The onboarding procedure
Perform the following procedures to integrate Perception Point X-Ray with "other" email services:
Flow chart diagram
Step 1 - Onboarding "other" email services
You can integrate Perception Point X-Ray with various email services. This enables Perception Point X-Ray to protect all incoming mail from the integrated services.
This page discusses how to connect Perception Point X-Ray to an email service that is not Google Workspace nor Microsoft 365. We will refer to these as "other" email services.
This is the 1st step of the procedure to integrate Perception Point X-Ray with other email services:
Note: If you have a firewall, make sure that the Perception Point IPs [shown below] are allow-listed in your firewall. The set of IPs varies depending on the environment in which your organization is located. [Open the drop-down below for details on your environment.] What is the environment of your organization
|
To on-board other email services:
- On the right of the Perception Point X-Ray banner, click the Add Services [] icon.
- Click Add New Domain - if this option appears.
- Select the Organization - if necessary.
- Specify the Escalation Contacts.
- In Email Service, select Other.
- In Connection Method, select MX.
- Click Next.
Note: If the Next button is not enabled, make sure that you have entered an Escalation Contact above. |
- In the Host box, enter the name of the new domain - for example, acme.com
- Click FIND SMTP to the right of the domain name. This should populate the SMTP Servers field.
This is the address to which mail will be sent after it has been scanned and marked as being clean.
The required SMTP server is a server in your domain - as it appears in the MX record. Checking your SMTP server manually You can perform the lookup procedure below to check that the SMTP server that appears is correct:
Your required SMTP server will appear under Hostname. |
- [Optional] Click Add Domain - if more than 1 domain is required - and enter the required details.
- Licenses: By default, Perception Point X-Ray will protect all email users in the domains that you specified above. To protect only a limited number of users, contact Perception Point Support [support@perception-point.io].
- Click Next.
The "Add TXT Records" dialog box opens. This dialog box includes the TXT record names and TXT record values, that you'll need in order to add and verify the TXT records for your domain - in Step 2.
If multi-region is enabled, there will be details for TXT records in both the primary and secondary regions.
Step 2 - Verifying your domains [Other]
You can integrate Perception Point with various email services. This enables Perception Point to protect all incoming mail from the integrated services.
This page discusses how to connect Perception Point to an email service that is not Google Workspace, Microsoft 365, or Microsoft Exchange. We will refer to these as "other" email services.
This is the 2nd step of the procedure to integrate Perception Point with other email services:
About verifying your domain
You need one or more verified domains for each email service that you integrate with Perception Point. After you add a domain [as part of the email service connection process], you need to verify the domain. Verifying a domain includes:
- Adding a TXT record to your domain provider
- Verifying the TXT record
Adding a TXT record
Note:
|
To add a TXT record:
- Open Perception Point X-Ray.
- In the left navigation menu, select Account > Email Domains.
- Locate and then open the required domain.
- Click Copy [] to copy the "TXT record name" to the clipboard.
- Go to your domain provider and add the TXT record name, using the value that you copied to the clipboard.
- Click Copy [] to copy the "TXT record value" to the clipboard.
- Go to your domain provider and add the TXT record value, using the value that you copied to the clipboard.
Note Other AWS products may use this method of domain verification. This is OK, as it is acceptable to have more than one _amazonses.domain record, as long as the record values are different. |
Verifying the new TXT record
Note When you add a TXT record to your domain provider, it may take up to 72 hours for your domain provider to apply and replicate the change. Inform Perception Point Support [support@perception-point.io] if the domain is not verified after a few hours. |
To verify a new TXT record:
- Open Perception Point X-Ray.
- In the left navigation menu, select Account > Email Domains.
- Locate and then open the required domain.
- Locate "TXT record verification". It should have the "Pending" status.
- Click Verify on the right of "TXT record verification".
The status should change from Pending to Verified.
Note: If multi-region functionality is enabled, you'll need to verify TXT records for both the primary region and the secondary region. |
Troubleshooting domain verification
When you add a TXT record to your domain provider, it may take up to 72 hours for the domain provider to apply and replicate the change.
Step 3 - Configuring "other" email systems
You can integrate Perception Point with various email services. This enables Perception Point to protect all incoming mail from the integrated services.
This page discusses how to connect Perception Point to an email service that is not Google Workspace, Microsoft 365, or Microsoft Exchange. We will refer to these as "other" email services.
This is the 3rd step of the procedure to integrate Perception Point with other email services:
To enable your Perception Point integration with other email services, some configurations must be made in your email service. Perform these configurations as described below.
Note: The procedures below will differ depending on the specific email service that you are using. |
1. Add the Perception Point IP addresses to the safe list
- Depending on your organization's AWS environment, add the following IP addresses to the list of allowed IP addresses in your environment: [See the drop-down below for details on on how to determine your environment]
What is the environment of your organization
|
For US environments | For EU environments | For AU environments |
|
|
|
2. Create a spam rule for spam emails [optional]
Perform this step only if your email service supports rules with headers.
This procedure enhances the ability of suspected spam to be sent to the user’s junk/spam folder.
The example shown below is for Microsoft Exchange. The procedure will differ depending on the email service that you are using.
- In Exchange Admin, select Mail flow > Rules > "Create a new rule…"
- Scroll to the bottom, and click "More options…"
- Name: Perception Point Spam Rule
- Select "Apply this rule if…" > "A message header…" > "Matches these exact patterns"
- Select "Enter text" and then specify the header name: X-PERCEPTION-POINT-SPAM
- Select "Enter text patterns" and then specify the following words or phrases: FAIL - and then click "+"
- Select "Do the following…" > "Modify the Message Properties"
- Set the Spam Confidence Level to "6"
3. Configure your MX record
Note:
Note that Perception Point X-Ray supports TLS 1.2
|
- On your network provider, change the MX record as follows: [Open the drop-down below for details on your environment.]
What is the environment of your organization
|
| Multi-region enabled | Multi-region not enabled |
For US environments: | us.mx-pp.com | inbound-smtp.us-east-1.amazonaws.com |
For EU environments: | eu.mx-pp.com | inbound-smtp.eu-west-1.amazonaws.com |
For AU environments: | australia.mx-pp.com | inbound-smtp.eu-west-1.amazonaws.com |
Email from your email service is now protected by Perception Point.
References:
https://docs.perception-point.io/WP/Content/PP/Other-Connecting.htm
Acronis: https://docs.perception-point.io/acronis/Content/PP/Other-Connecting.htm
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article