External Security Gateway Integration
Zoho Mail is powered by Zoho eProtect, a robust cloud-based spam filtering and threat protection solution. All your organization's incoming and outgoing emails are processed through advanced anti-spam settings before the emails are delivered to the intended recipients.
However, certain organizations might require redundancy in their email solution to stay aligned with legal and compliance requirements laid down by regulatory authorities. In such cases, organizations can subscribe to external email security providers to protect their data from cyber threats.
With Zoho Mail, you can integrate third-party email security solutions with the email routing, inbound, and outbound gateway settings from the Zoho Mail Admin Console.
External security configurations
Based on your organization's email security requirements, you can point your domain's Mail Exchanger (MX) records to Zoho Mail, or to the external security solution. The email delivery flow and spam processing differ based on the MX configurations. In either scenario, Zoho will perform a basic scan for phishing and malware detection and then forward the email to the third-party security solution. Navigate to the sections below to learn more about each option.
MX pointed to an external email security provider
If your organization requires implementing an third-party solutions as your primary email security gateway, you must point your organization domain's MX records to the email security provider. Refer to the respective third-party email security provider's help pages for MX record details. Pointing MX records to the external email security provider routes all your incoming emails to the external provider. Emails that pass the anti-spam settings get routed to Zoho.
Note:
You must configure Inbound Gateway settings in Zoho Mail Admin Console to receive emails from the external security provider.
Configuration requirements
You must complete the actions below for the integration to work as intended.
- Point MX records to the external email security solution.
- Configure routing from the external email security solution to Zoho.
- Setup Inbound Gateway for Zoho to receive emails from the external email security solution.
- Setup Outbound Gateway if you want the external email security solution to scan outgoing emails.
- Add SPF and DKIM records for the external email security solution to receive emails from Zoho.
Find below the email delivery flow when MX is pointed to an external email security provider.
- Email received from the internet.
- MX validated (pointed to external email gateway).
- Emails scanned and non-malicious emails are routed back to Zoho Mail.
- Zoho performs standard spam processing.
- Emails that pass Zoho's spam filtering checks get delivered to the intended recipients.
Note:
If an email does not pass the spam filtering at the external email security solution, emails might get blocked or quarantined based on the settings you have configured.
MX pointed to Zoho
This method suits organizations that require advanced threat protection in addition to Zoho's spam processing to comply with legal and compliance requirements. You can choose this option for one or more users in your organization based on the subscription/ license available with the third-party solution. If you configure routing for specific users, emails sent to all other user accounts will be processed through Zoho eProtect's advanced spam filters before being delivered to the recipients.
Configuration requirements
You must complete the actions below for the integration to work as intended.
- Point MX records to Zoho with the least priority.
- Configure Email Routing and enable custom email delivery for those users whose emails are to be scanned using the external email security solution.
- Setup Inbound Gateway for Zoho to receive emails from the external email security solution.
- Setup Outbound Gateway if you want the external email security solution to scan outgoing emails.
- Add SPF and DKIM records for the external email security solution to receive emails from Zoho.
Below is an overview of the email delivery flow when MX is pointed to Zoho and email routing is configured to an external email security provider.
- Email received from the internet.
- MX validated (pointed to Zoho).
- Email routing configuration check.
- If the recipient user account is added to the routing configuration, the email will be forwarded to the external email security provider for security checks.
- Emails scanned and non-malicious emails are routed back to Zoho Mail.
- Spam processing is applied to all other user accounts.
- Emails that pass the spam filtering checks gets delivered to the intended recipients.
Note:
- If an email does not pass the spam filtering at the external email security solution, emails might get blocked or quarantined based on the settings you have configured.
- Refer to our Email Routing help page for steps to setup routing, inbound, and outbound gateways.
- Zoho Mail supports custom email routing options with external security gateways. For specific routing requirements reach out to support@zohomail.com.