filter exchange mail

Hello,

I have already asked this question some time ago but I am not able to solve it, I am explaining the problem to you

customer with "client" outllook 2016 behind firebox, e-mail address configured as exchange mail (you don't see the ports but I assume 993/465)

I would like to be able to filter mail with APT and AV is it possible? some idea ?

thank you very much

Comments

  • You can use the IMAP proxy for this - TCP port 993.
    I use it for Outlook client access to Gmail.

    IMAP is for incoming e-mail. TCP 465 SMTP is for sending e-mail

  • If the incoming access method is POP3 instead of IMAP, then one can use the POP3 proxy.

  • hi Bruce,

    I also use imap in my mails and all APT / AV etc etc works, but not with exchange

  • edited June 2021

    Where is the Exchange server located with respect to the Outlook client?

    This MS doc suggests the ports needed for access through a firewall.
    Network ports for clients and mail flow in Exchange
    https://docs.microsoft.com/en-us/exchange/plan-and-deploy/deployment-ref/network-ports?view=exchserver-2019

    What ports are actually being used?

  • If the access is really IMAP and the access doesn't work through the IMAP proxy, you should open a support incident to get WG help in resolving this.

  • "e-mail address configured as exchange mail" in Outlook 2016 by default would not be using IMAP ports. It would be a "MAPI over HTTP" connection or Outlook Anywhere connection.

    Both Outlook Anywhere (RPC over HTTP) and Outlook MAPI over HTTP use outbound port 443.

    If your client and the Exchange server are both behind the same Firebox, your traffic won't go through the Firebox to get to the Exchange server in a typical scenario where Exchange and the client are on the same LAN. All of that traffic would be on a LAN network switch.

    Gregg Hill

  • Hello,
    i didn't explain myself, no exchange server behind my firebox, outllok client connects to exchenge onlline server

  • I came to the conclusion that it is not possible to inspect office 365 (exchange online) on an account installed in Outlook 2016.

    the traffic is on port 443, if active the outlook traffic survey does not connect to the account, if active the default exclusions (those preset on the firebox) work but the traffic is not checked because it is an exclusion.

    so nothing to do, any suggestions?

  • I'm not an expert but I don't think that is possible. I rely on Exchange online to filter out bad email or email with malware attachment/payload.

  • Hi Ron,
    I agree, but it should be implemented

  • The only way for it to filter M365 mail would be for the Firebox to be the MX record target so it could receive all mail, then it would have to send it along to M365, just as it would with an onsite Exchange server and an external filtering service. I think there IS a way to do that already, but it is cumbersome and possibly not very reliable.

    Gregg Hill

  • @Greggmh123 said:
    but it is cumbersome and possibly not very reliable.

    ^^^ this is why I don't do it.
    Microsoft spam/malware filtering is quite good and there is no electronic device that can stop all attacks. The best defense is actually smart end users.

  • Where do you find those?

  • All you need is just one dumb one

  • that would be correct and unfortunately... there is always one or more in a company.

Sign In to comment.