Enabling Sophos Email SPX with Exchange 365


Im trying to get SPX (Secure PDF Exchange) implemented for some clients that are on 365 but am having issues. 

Initially I was going to use an apliance but only after weeks of speaking to various peopel did it become clear that its not very practical - i.e. email has to leave the office and get received by 365, then get sent back to the office to get encrypted and then get sent out again. Hence it was suggested to use Sophos EMail in the cloud to do the SPX encrypting function.


I can find no simple setup guide for how to configure 365 with Sophos Email - is there one? Despite this it looked easy eoough - setup Sphos Email as a recipient for a given domain and setup 365 to forward email to Sophos EMail.

Initially I only want subject line tagged emails (e.g. with "[encrypted]") to forward to Sophos SPX for encrypting - NOT all emails to be forwarded - so I created a dedicated 365 connector to forward to Sophos and that works, however when Sophos Email receives the email it is unable to forward it properly - you get a bounce from the recipients domain:

"Security or policy settings at <recipient domain> have rejected your message.  Status code: 550 5.7.1 This error occurs when the recipient's domain has security or policy settings that reject the sender's message. "

I have spoken to Sophos sales and they said that this will work. Speaking to 'technical support' they initially said that it can't be setup like that - after challenging them for documentation stating this they went quiet and then suggested that you can only use the Outlook SPX add-in - which this bounce should have nothing to do with; or that email cypers have to be set - but then they realised there is no place to set these. They are now going round in circles.

Has anyone set 365 to forward to Sophos Email SPX as I'm getting nowhere.