Setting up Paubox HIPAA Compliant Email for Microsoft Exchange contains three parts: Setting up Inbound encryption, Outbound encryption, and modifying your corporate firewall.
Part I: Setting up Paubox Inbound Encryption for Microsoft Exchange
To get Paubox Inbound Encryption going, you’ll need to make 2 changes to your domain’s DNS records. First, change your MX record so that it has just one MX record:
Second, change your SPF record so that it’s set to:
v=spf1 ip4:10.1.1.1 include:_spf.paubox.com -all
Where 10.1.1.1 is the public IP address you send email from with your Exchange server. Be careful NOT to actually set this to 10.1.1.1.
Not sure how to do this? We can help during the integration process.
Before making these changes however, make sure we have verified that you are correctly setup on our end first. Click here to get started.
Part II: Setting up Paubox Outbound Encryption for Microsoft Exchange
You will need to use the Microsoft Management Center (MMC) to configure a Smarthost to point to Paubox. A Smarthost controls where your remote, outbound email will go.
Depending on which version of Microsoft Exchange you use, there are different steps on how to create a Smarthost:
- Create a Smarthost on Exchange 2007
- Create a Smarthost on Exchange 2010
- Create a Smarthost on Exchange 2013
Once your Smarthost is correctly in place, Exchange will automatically route remote outbound email through Paubox. In other words, it’s one of the few Microsoft settings where a service or machine restart is not required.
Part III: Modifying your Corporate Firewall
For best results, modify your corporate firewall so that your Exchange server only accepts inbound SMTP traffic from the Paubox Networks.
Here’s how to do it:
Allow Inbound SMTP traffic (TCP port 25) only from the Paubox Networks: