In order to begin using the EncryptTitan e-mail encryption services for Microsoft 365, you must configure 365 to send outbound e-mail though the EncryptTitan encryption gateway. Once configured, EncryptTitan will inspect each message to determine whether to encrypt the message based on your organizational encryption triggers.

Note; If you are familiar with PowerShell, consider using the PowerShell script attached to your "welcome message" to simply the configuration of Microsoft 365 (Exchange Online). Please review this knowledge based article before attempting to use the PowerShell script: EncryptTitan PowerShell Setup Scripts for Microsoft 365.


Add an EncryptTitan Connector

  1. Point your browser to
  2. Enter your administrator account email address and password. (If you are not an Administrator, you will be redirected to the user hub; since you will need to access the administration features, you will need to contact your Office 365 Administrator)
  3. Click Sign in. The Office 365 console appears.

On the left selection area click on Admin to be directed to the Microsoft 365 Admin Center

        4. Click on "Show all".  Once in the Admin centers, press the Exchange Tile.

     5. Click on Mail Flow, then click on Connectors.

     6. In the Connectors section, click the + sign to add a new connector. The Mail Flow Scenario dialog box opens.

    7. Select Office 365 for the Connection From: and Partner organization for the Connection to:. Click Next.

    8. In the Name field, enter a descriptive name for the outbound connector, this can be EncryptTitan or any other                      descriptive name 

    9. In the Description field, enter additional descriptive information about the outbound connector. To enable the                    connector immediately upon completion check the box Turn it on. Click on Next.

    10.  Select the option “Only when I have a transport rule set up that redirects messages to this connector“. Click Next

  1. On the Route email messages page select “Route email through these smart hosts“.

  1. Please refer to your “Welcome Message” for the outbound gateway name that your domain has been assigned. Enter the gateway name in the text field and click the + symbol to add the smart host. Then click on Next.

  1. Ensure “Always use Transport Layer Security (TLS)” and “Issued by a trusted certificate authority (CA)”  are the options selected. Click on Next.

    14. You will now need to verify the connector.  Add as the test e-mail address then click        the + symbol and then press the Validate button.  

          The validation step will attempt a connection from Office 365 to the EncryptTitan Gateway you configured            and then email the designated email address. You should see Success on both results.  Click on Next.

    15. Click on the Create connector button.

Add an EncryptTitan Mail Flow Rule

1. Under Mail Flow select Rules.


2.  Select the plus symbol, and select “Create a new rule...” from the drop-down.  Then name your rule.

3. Click on the dropdown under “*Apply this rule if” and select   "The recipient is located..."  then select "Outside the organization" and click the OK button.

4. Then, click on the "More options..." link and the bottom of the window.

5. Next, click on the "*Do the following..."  dropdown and choose "Redirect the message to.." and then "the following connector".

6. Choose the connector that you just created for EncryptTitan and press the OK button.

7.  Next, press the "add action" button and select "Modify the message properties..." from the dropdown menu, then select "set a message header".

8. Click on the "Enter text..."link, next to the words "message header", and enter X-ETVALTOK, then click on the OK button.

9.  Click on the "Enter text..."link, next to the word "value", and type in the header token provided in your welcome message, then click on the OK button.

10.  Under, "Except if..." press the "add exception" button. Select "The sender..." from the dropdown menu and then "address matches any of these text patterns"

11. Enter < (the less than sign following by > (the greater than sign), with no spaces inbetween the two symbols, as the text.  Next, click the plus sign and then the OK button.

12.  Then, click on the save button.

You have now completed the configuration for the EncryptTitan service on the MS 365 platform. Changes normally take affect within 5 minutes. E-mail will continue to use your previous settings until the changes take effect.