Setting up Paubox HIPAA Compliant Email for Microsoft Exchange contains two parts.
Part I: Setting up Paubox Inbound Encryption for Microsoft Exchange
To get Paubox Outbound Encryption going, you’ll need to make the following change to your domain’s DNS records:
Change your SPF record so that it’s set to:
v=spf1 ip4:10.1.1.1 include:_spf.paubox.com -all
Where 10.1.1.1 is the static public IP address you send email from with your Exchange server. Be careful NOT to actually set this to 10.1.1.1. This also needs to be sent to Paubox for us to create the Outbound Relay.
Not sure how to do this? We can help during the integration process.
Part II: Setting up Paubox Outbound Encryption for Microsoft Exchange
You will need to use the Microsoft Management Center (MMC) to configure a Smarthost to point to Paubox. A Smarthost controls where your remote, outbound email will go.
Depending on which version of Microsoft Exchange you use, there are different steps on how to create a Smarthost:
- Create a Smarthost on Exchange 2007
- Create a Smarthost on Exchange 2010
- Create a Smarthost on Exchange 2013
Once your Smarthost is correctly in place, Exchange will automatically route remote outbound email through Paubox. In other words, it’s one of the few Microsoft settings where a service or machine restart is not required.
Part III: Modifying your Corporate Firewall
For best results, modify your corporate firewall so that your Exchange server only accepts inbound SMTP traffic from the Paubox Networks.
Here’s how to do it:
Allow Inbound SMTP traffic (TCP port 25) only from the Paubox Networks: