Onboarding Microsoft 365 - Outbound

This page includes:

• Onboarding Microsoft 365 - Outbound
  • About onboarding Microsoft 365 - Outbound
  • Onboarding procedure:  Microsoft 365 - outbound
  • Step 1: Enabling outbound mail scanning
  • Step 2: Configuring outbound mail scanning
  • Step 3: Confirming the connection

About onboarding Microsoft 365 - Outbound

You can configure FortiMail Workspace Security to scan outgoing [outbound] emails to detect malicious file attachments and malicious URLs. This outbound functionality can be added to inbound Microsoft 365 [Inline and API] integrations. The outbound functionality is performed using the Microsoft 365 API connection method.

Note: You can add this functionality for scanning outbound email only if your organization is configured to scan incoming email - using either the Microsoft 365 Inline or the Microsoft 365 API integration method. Don't enable the outbound scanning functionality if scanning for inbound email is not yet enabled. Outbound scanning is not available for Google Workspace, Microsoft Exchange [on-prem], or "Other" integrations.

Scan results will appear in the Scans page. In the Scans page, you can click the Outbound email filter icon [] to show scan results for outbound email only.

Outbound scanning includes scanning to detect malicious content - not to detect spam. There is no quarantine available for outbound email scanning. Outbound scanning won't "block" any outgoing emails, even if they are found to be malicious. While scanning of outbound email is enabled, an alert will be sent when a malicious outbound email is detected. [See Admin alerts and reports - options] Outbound scanning may be useful for forensic purposes.

Licensing: There are no additional licensing requirements for enabling outbound scanning.

Onboarding procedure:  Microsoft 365 - outbound

Perform the following procedure to add outbound scanning to either a Microsoft 365 Inline integration or a Microsoft 365 API integration.

The onboarding procedure includes these 3 steps:

• Step 1: Enabling outbound mail scanning

• Step 2: Configuring outbound mail scanning

• Step 3: Confirming the connection

Step 1: Enabling outbound mail scanning

Outbound email can be configured to be scanned only if this "outbound" functionality is enabled - as described below.

1. In FortiMail Workspace Security - in the left navigation menu, select Settings > Bundles and Channels.

2. Under Enabled Channels, on the right of Email Service > Microsoft 365, click Channel Settings. The "Email Service Settings" sidebar opens.

3. Click Edit [].

4. Under Microsoft Account Options, select the "Enable outbound email scanning check box."

   

5. Click Save.

Step 2: Configuring outbound mail scanning

After outbound scanning is enabled, as described above, you can configure the required outbound functionality, as described below.

1. Select Settings > Bundles and Channels.

2. Under Enabled Channels, locate Email Service, and then click Email service configuration [] on the right.

   Note: Depending on your version of FortiMail Workspace Security, you may need to click on the Add Services icon [] on the right side of the FortiMail Workspace Security banner.

3. Click Add A New Email Service - if this option appears.

4. Select the Organization - if necessary.

   

5. Specify the escalation contacts. For details, see Escalation contacts.

6. In Email Service, select Microsoft 365.

7. In Connection Method, select Microsoft API.

8. Connection Scope:

   1. Inbound:

      • If the Microsoft 365 API Inbound integration is already configured in your organization, then the Inbound check box should be automatically selected. Make sure that the Inbound check box is selected. If you clear the Inbound check box, then the existing API Inbound integration may be removed.

      • If the Microsoft 365 Inline Inbound integration is already configured in your organization, then the Inbound check box should be cleared, and the check box should be disabled.

   2. Outbound:

      • Select Outbound. Note that the Outbound option appears only if outbound scanning is enabled, as described in Step 1 above.

      

9. Click Next - to open the next step in the onboarding wizard.

   

10. Select the domains that will be protected.

    Important: Select exactly the same domains and users that are specified in the inbound configuration.

11. Click Next. A summary of the new email service will be displayed.

    

12. Review the details, and then click Done.

Step 3: Confirming the connection

After you enable and configure the "outbound" functionality - as described above - you can verify that the outbound functionality is now active.

1. In FortiMail Workspace Security - in the left navigation menu, select Settings > Bundles and Channels.

2. Under Email Service > Microsoft 365, verify that:

   1. Outbound email scanning is Enabled

   2. the Connection scope includes Outbound

      

   Important: If Outbound email scanning is not displayed as Enabled, refresh the page, and then recheck the Outbound email scanning status.

   When the outbound integration is correctly configured, scan results will appear in the Scans page. In the Scans page, you can click the Outbound email filter icon [] to show scan results for outbound email only.

See also: 

• FortiMail Workspace Security