To set up centrally managed email signatures using Policy Patrol for Office 365, you must bridge the legacy on-premises software with your cloud environment using Exchange Online Mail Flow Rules (Transport Rules). Because Policy Patrol (originally by Red Earth Software, later acquired by OPSWAT) was built primarily as a Windows Server/Exchange on-premises application, routing your Office 365 cloud traffic through it requires a hybrid connector setup or utilizing Policy Patrol’s dedicated cloud/hosted email signatures agent.
The setup involves configuring email routing connectors, creating an automated transport rule, and designing templates linked to user properties. Step 1: Configure Outbound and Inbound Connectors
For Policy Patrol to append signatures to emails sent from Microsoft 365, emails must route from the cloud to the server hosting Policy Patrol, and then back into the cloud or out to the recipient.
Go to the Microsoft 365 Admin Center and navigate to the Exchange Admin Center (EAC). Click Mail flow and select Connectors. Create an Outbound Connector:
Set the path from Office 365 to Your organization’s email server (where Policy Patrol is installed).
Specify the smart host (the public IP or FQDN of your Policy Patrol server). Create an Inbound Connector:
Set the path from Your organization’s email server to Office 365.
Secure it by specifying the public IP address of your sending server so Exchange trusts the inbound traffic back from Policy Patrol. Step 2: Establish the Mail Flow (Transport) Rule
Once the connectors are built, you must tell Exchange Online exactly which emails should be routed to Policy Patrol to get a signature.
In the Exchange Admin Center, navigate to Mail flow > Rules. Click Add a rule (+ icon) and choose Create a new rule.
Give the rule a clear name (e.g., “Route Outbound to Policy Patrol Signature Server”). Under Apply this rule if, select: The sender is located… > Inside the organization.
The recipient is located… > Outside the organization (or choose all recipients depending on your company policy). Under Do the following, select:
Redirect the message to… > The following smart host/connector and choose the Outbound Connector you built in Step 1.
Add an Exception (Crucial to prevent endless routing loops): Select The message properties > include a message header.
Set a specific header that Policy Patrol stamps onto emails after it processes them (e.g., X-PolicyPatrol-Processed: Yes), ensuring Exchange knows not to send it back to the signature server a second time. Step 3: Design Templates and Sync Active Directory
Policy Patrol functions by pulling active user data into a single master template.
Leave a Reply