Configure Microsoft 365 with Black Pearl Mail

Configure Microsoft 365 with Black Pearl Mail

These steps will route all of your users through the Black Pearl Mail platform. If you would prefer to start with a test/pilot group before rolling out with all of your users, follow these instructions.
To carry out the following steps, you will require a M365 account with global administrator permissions.

STEP 1 – Log in to M365

1) Open the Microsoft 365 admin console -

2) Click on Show all.

3) Click on Exchange.

STEP 2 - Setup Inbound Connector

You can watch the video below for this step and/or follow the step-by-step directions beneath it.

1) Select Mail flow from the right-hand side menu.
2) Across the top menu select Connectors.
3) Click +.

4) In the pop-up window make these changes: 
  1. From: Your organization's email server
  2. To:  Office 365

5) Click Next.
6) Make these changes:
  1. Name: Black Pearl Mail Inbound.
  2. Ensure Turn it on is checked.
  3. Ensure Retain internal Exchange email Headers (recommended) is checked.
  4. Click Next.

7) Select By verifying that the subject name on the certificate that the sending server uses to authenticate with Office 365 match the domain name (recommended).
  1. Enter *
  2. Click Next.

8) Confirm your settings then click Save.

STEP 3 - Setup Outbound Connector

1) Select Mail flow from the right-hand side menu.
2) Select Connectors from the top menu.
3) Then click +.

4) In the pop-up window make these changes: 
  1. From: Office 365.
  2. To:  Your organization's email Server.
  3. Click Next.

5) Make these changes: 
  1. Enter the name: Black Pearl Mail Outbound
  2. Ensure the following settings are both checked:
    1. Turn it on
    2. Retain internal Exchange email headers (recommended)
Click Next.

6) Check Only when I have a transport rule set up that redirects messages to this connector.

8) Click Next.
9) Click +.
10) For Specify the smart host's fully qualified domain name (FQDN) or IPv4 address enter
Click Save.

11) Click Next.

12) For How should Office 365 connect to your email server? Make the following changes:
  1. Check Always use Transport Layer Security (TLS) to secure the connection.
  2. Select Issued by a trusted certificate authority (CA).
  3. Check And the subject name or subject alternative name (SAN) matches this domain name:
  4. Enter *
      Click Next.

13) Verify your settings and click Next.

14) Under Validate this connector click +.

15) Enter: and Click Ok.

16) Click Validate.

17) Click Close.

18) Ensure that Check connectivity to ‘’ succeeds.
Note: “Send test email” may fail, this is not an issue. Microsoft sends the test email from an unvalidated domain which doesn’t pass security criteria.

19) Click Save.

STEP 4 - Setup Mail Flow Rules

1) Select Rules from the top menu.

2) Click + and select Create a new rule.

3) First, scroll to the bottom of the window and click More Options.

4) Now add the following details:
  1. Name: Internal Bypass

5) Under Apply this rule if... and select:
  1. A message header... includes any of these words.

6) Click on Enter text.

7) Enter X-BP, click Ok.

8) Click on Enter words.

Enter ^*$
Then you need to click + to add the text.

Click Ok. You should see the value now listed below:

9) Under Do the following... select Modify the message properties.

10) Select set the spam confidence level (SCL).

11) In the popup window, scroll up to Bypass Spam Filtering, click Ok.

Click Save.

12) Ensure that that the Internal Bypass rule is selected, then click the Edit icon.

13) Under Priority change the setting to 0, click Save.
14) Remain on the Rules page, click + then select Add new rule.

15) Scroll down and click More Options.

Note: To have all of your users route through the Black Pearl Mail system, follow the instructions below. If you would prefer to set up a test group and have specific users test the system before deploying for your entire organization, follow the steps here.

Enter the following details:
  1. Name: Black Pearl Mail

16) Under Apply the Rule if… select The sender... and then select is external/internal.
17) In the popup window, select Inside the organization, and click Ok.
18) Under Do the the dropdown and select Redirect the message to... then select the following connector.
19) Select Black Pearl Mail Outbound, click OK.
20) Under Except if... click on add exception.
21) In the drop-down select The message properties... and then includes the message type.
23) In the dropdown, select Calendaring, and then click Ok. 
24) Under Except if... click on add exception.
25) In the drop-down select A message header… and then select matches these text patterns.
26) Click on Enter text...
27) Enter X-BP and click OK.
28) Click on Enter text patterns...
29) Enter ^*$ 
Then click on the + to add it.
Then click OK. Your value should be listed below.
30) Under Except if... click on add exception.
31) Under the dropdown select The Sender...
32) Then select domain is.
33) Enter
Then click + to add it.
                  Click OK. Your value should now be listed below:
34) Under Except if... click on add exception.

35) Under the dropdown select The Sender...

36) Then select address matches any of these test patterns.
37) Enter <> Then click on the + to add it.


38) Then click OK. Your value should be listed below.

39) Scroll down to Match sender address in message: and change to Envelope. Click Save.
40) Next, edit the Black Pearl Mail rule to set the priority. Select the Black Pearl Mail rule and edit on the edit icon.

41) Under Priority set the value to 1 and then click Save.

That completes the settings needed in O365. You are now configured to route with Black Pearl Mail. Please note these settings can take up to an hour to complete. 

Next, you'll want to create signature templates, add user details, and lastly, turn on signatures for your users. We have provided some helpful resources below.
  1. Getting Started: Use the Same Branded Email Template for all Users
  2. Getting Started: Use Different Branded Email Templates for Different Groups of Users