Configuring Journal/BCC for PoV

Cisco Secure Email Cloud Gateway

About

This page covers the necessary steps to configure the journal rule for your Microsoft 365 or Google Workspace and share copies of inbound messages to Cisco Secure Email Cloud Gateway.

Prerequisites

Cisco recommends that you have the following knowledges and permissions to configure:

  • Cisco Secure Email Cloud Gateway (Trial Portal)
  • Admin access to Microsoft 365 or Google Workspace

Background Information

You should receive an encrypted email from Cisco that provides you with Cisco Secure Email Cloud Gateway's IP addresses, login information and, most importantly, a unique journal recipient email address.

If you have not received this encrypted letter, please reach out to [email protected] with your contact information, customer name and domain name.

All information provided in this encrypted email is unique for each customer and is not likely to change without notification.

Configure Journal rule for Microsoft 365

  1. Login to the Microsoft 365 Admin Center (https://portal.microsoft.com)
  2. Go to Admin Centers > Exchange
  3. Click > compliance management
  4. Click > journal rules tab
  5. Click +
  6. In the 'Send journal reports to', type the unique email address received from Cisco
  7. Name the new journal rule (Journal to Cisco Secure Email )
  8. For 'If the message is sent to or received from', select > [Apply to all messages]
  9. In the 'Journal the following messages' drop-down list, select > External messages
  10. Click > Save
  11. Click > Yes in the confirmation message

Configure BCC Rule for Microsoft Office 365

  1. Login to the Microsoft 365 Admin Center (https://portal.microsoft.com)
  2. Go to Admin Centers > Exchange
  3. Click > mail flow
  4. Click > rule tab
  5. Click +
  6. Name the new BCC rule (BCC to Cisco Secure Email)
  7. Configure > Apply the rule if: The sender is located …
  8. Choose: Outside the organization
  9. Click OK
  10. Configure > Do the following: Bcc the message to …
  11. Insert Check names: the unique email address received from Cisco
  12. Click Check names (Note: “unique email address” will be added into 'Add ->' box)
  13. Click > OK
  14. Click > SAVE

Configure Journaling Rule for Google Workspace

  1. Login to the Google Admin (https://admin.google.com)
  2. Go to Apps > Google Workspace > Gmail
  3. Scroll down the page, and click > Routing
  4. Click > ADD ANOTHER
  5. Name the new routing setting (BBC to Cisco Secure Email)
  6. For 'Message to affect', choose > Inbound
  7. Look for 'Also deliver to', select > Add more recipients
  8. Click ADD
  9. In 'Recipient address', enter the unique email address received from Cisco
  10. Click > Save
  11. Click > ADD SETTING
  12. Click > SAVE at the bottom of the main page

Verify the status of journal mail flow in Cisco Secure Email Cloud Gateway

Once the above steps have been completed, Cisco Secure Email Cloud Gateway will start receiving copies of inbound messages sent to your organization. You can confirm the traffic flow by logging in to Cisco Secure Email and Web Manager portal.

  1. Login to the Cisco Secure Email and Web Manager (i.e: https://dh123-sma1.iphmx.com/ng-login )
  2. Click > Tracking tab
  3. Click > Search
  4. All email messages journaled from Office 365 / G-Suite are listed in the search result page.
  1. Click > More Detail on one of the messages
  2. Make sure the SPF, DKIM and/or DMARC verification result = Pass

Configure Incoming Relay Setting (OPTIONAL)

The SPF, DKIM and/or DMARC verification result will displayed as FAIL if the existing vendor (Microsoft 365 or Google Workspace is expected to receive the inbound emails from other MTA's in the network, hence it is necessary to configure the "Incoming Relay" setting on the Cisco Secure Email Cloud Gateway to optimize the POV outcome.

  1. Login to Cisco Secure Email Cloud Gateway’s GUI (i.e: https://dh123-esa1.iphmx.com)
  2. Navigate to Network > Incoming Relay
  3. Click > Enable
  4. Click > Add Relay …
  5. Name the relay profile (example: O365)
  6. Add the MTA IP address or hostname (example: .outlook.com)
  7. On Header option, stay as Parse the "Receiving" header
  8. Keep 'Begin parsing after' as From
  9. Choose the appropriate hop count (*) from the drop-down list.

📘

(*) Recommended hop count for O365 (.outlook.com) is 3+N, and G-Suite (.google.com) is 2+N

  1. Click > Submit
  2. Click > Commit Changes (the yellow button on the top right corner)
  3. Give optional comment and click > Commit Changes again

🚧

PLEASE READ CAREFULLY

Cisco strongly advices customers to keep the setting of "Recipient Access Table" and "SMTP Routes" as default when Journal or BCC mode is enabled in Cisco Secure Email Cloud Gateway. Please contact [email protected] if you need to change these settings.


Did this page help you?