Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Contact Us
  • Home
  • Pre-deployment

mxHERO Transport Agent

Updated at November 29th, 2023

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • General Information
  • Pre-deployment
  • Forwarding Address (Archiving Address)
  • Email Flow (Fusion)
  • Mailbox (Email Sync)
  • Storage
    Box Service Account OneDrive for Organizations
  • Mail2Sign
    Box Sign DocuSign
  • Login
  • mxHERO AI
  • Labs
  • Basics
  • Mail2Cloud Dashboard
  • Auto Filling
  • Drag And Drop
  • MXHERO App
+ More

Table of Contents

​Use Case Installation Agent configuration Exchange configuration mxHERO relay/whitelist Exchange relay/whitelist Receive Connector adjustment All set!

Use Case


If you have MS Exchange on premises - 2010/2013/2016 - you have a couple of deployment options for mxHERO. See the table below:

Email System Inbound (1) Outbound (2) Intra-bound (3) Selective Routing On Prem
MS EXchange Yes Yes Yes (5) Yes (6) Yes
  1. Inbound: message from external sender to internal recipients.
  2. Outbound: message from internal senders to external recipients.
  3. Intra-bound: message from internal senders to internal recipients in the same email server.
  4. Selective Routing: only route through the gateway messages for specific users or groups.
  5. Intra-bound routing requires installation of mxHERO's transport agent on the MS Exchange server.
  6. Selective Routing can be achieved by installing mxHERO's transport agent or depends on the Security Email gateway for routing.
  7. On-Premises mxHERO deployments are supported. mxHERO recommends the use of its cloud environment, however on-premises might be the best option in certain cases.


For inbound only, you can simply change your MX records to point to mxHERO (like any email gateway). For outbound, you only need create a Send Connector in your Exchange and route messages through mxHERO. However, to capture intra-bound messages, you must install the mxHERO Transport Agent, and this is what we describe in this article.


Installation


Please ask mxHERO support for the Transport Agent installation package. Then install it in your Exchange Transport servers. There's a package for Exchange 2010 and another for 2013/2016. The configuration for all of them is the same.


Agent configuration


First, please open C:\ProgramData\MxHeroTransportAgent\config.ini and change the "ClientHeader" section value to "X-mxHero-TA-On-Prem". Then, open the mxHERO Agent Setting Editor and setup the configuration according to the following:

Use these values for the mxHERO cloud. If you have mxHERO on prem, they will be according to your deployment. Also please change Connect Timeout to 15000 and Send Timeout 300000.

Agent key - this value is provided by the mxHERO support.

Activate logging. This will help you during the testing phase.

When you click SAVE, the system will ask you to install the change. Just confirm.

Exchange configuration

A few adjustments on the Exchange side are needed in order to finish the integration with the transport agent.

mxHERO relay/whitelist

If you are using mxHERO's SaaS service, please inform mxHERO support your Exchange IPs. We have to configure our cloud to accept emails from your systems.

Exchange relay/whitelist

Also, in the case you are using mxHERO's SaaS service, you have to allow mxHERO to inject emails into your Exchange. Please follow this article for IP based relay: https://technet.microsoft.com/en-us/library/mt668454(v=exchg.160).aspx

The IPs you have to allow relay are:

54.208.111.28
54.236.184.32
54.165.252.128
54.165.253.193

Receive Connector adjustment

To support the email flow between mxHERO and Exchange, two flags in your existing receive connectors need to be changed. The command below, using Exchange Management Shell, will do the trick, however if you want more information about this, please access: https://technet.microsoft.com/en-us/library/bb232174(EXCHG.140).aspx

> Get-ReceiveConnector *\* | Set-ReceiveConnector -BinaryMimeEnabled $False -ChunkingEnabled $False

All set!

Now, just restart the Exchange services to make sure all settings are in place. Command for the Exchange Management shell below.

> $services = Get-Service | ? { $_.name -like "MSExchange*" -and $_.Status -eq "Running"}
> foreach ($service in $services) {Restart-Service $service.name -Force}

Now, create your rules in the mxHERO dashboard and your integration is complete!

mxhero transport agent

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Manually Configuring Office 365 for mxHERO Protection (Part 2)
  • Preventing TNEF encapsulation
  • Manually Configuring Office 365 for mxHERO Attachment Protection (Part 1)
  • Necessary information for your Mail2Cloud implementation
astors-3-tiny.png

Company

Home

About

News

Blog

Security & Trust

Terms of Service

Privacy Policy

Service Status

Partners

Products & Papers

Data Sheets

Products

FAQ

Roadmap

Contact

Sales

Support

Videos

Japan

Report Incident

Contact Us!
  • LinkedIn

contact@mxhero.com

3x Astors Homeland Security Platinum Award for Best Email Security Solution

© 2022 mxHERO Inc.

BoxElite.png

USA

100 Pine St., Suite 1250

San Francisco, CA 94111

USA

​

Japan

105-0003

DLX Building 9F

Nishi-Shinbashi 1-13-1

Minato-ku, Tokyo

Japan

Definition by Author

0
0
Expand