Pre-requisites for Emulating Email Sending/Receiving Activity

Make sure that the following pre-requisites are fulfilled before you proceed to emulate the email sending/receiving activity in an O365 environment:

  • The emulation can be performed only by an external agent. This means that at least one external agent should be up and running in the environment for the emulation to occur.

    If you want to simulate the mail sending/receiving activity for a sender and receiver in the same location, then you can install and configure a single external agent, and configure this agent to simulate both the email transmission and reception.

    On the other hand, if you want to simulate the email communication between a sender in one location and a receiver in another, then you will have to configure two external agents - one per location. For instance, you may want to monitor the email communication between sender gale@czarit.com in Singapore, and receiver john@czarit.com in California. In this case, you need to install two external agents - one in Singapore and another in California. Then, you should use the agent in the sender's location - i.e., Singapore - to simulate the email transmission, and the agent in the receiver's location - i.e., California - to simulate the email reception.

    Note that a single eG external agent can be configured to perform multiple simulations.

  • For every simulation, two valid mailboxes are required - one for sending emails and another for receiving them. You may want to consider creating a dedicated sender and receiver for monitoring purposes.

  • To perform the simulation, the eG agent needs secure access to the target O365 tenant and its services such as Exchange Online. For this purpose, the eG agent should use Azure AD Certificate-based Authentication.

    Azure AD certificate-based authentication (CBA) enables customers to allow or require users to authenticate with X.509 certificates against their Azure Active Directory (Azure AD) for applications and browser sign-in. When monitoring highly secure Office 365 environments, you can configure the eG agent to identify itself to a tenant using a valid X.509 certificate, so that it is allowed secure access to the tenant and its resources.

    To enable the eG agent to use this modern authentication technique, the pre-requisites detailed in the Pre-requisites for Monitoring Office 365 Environments where Modern Authentication is Enabled topic should be fulfilled. These pre-requisites can be fulfilled either manually, via the Office 365 portal, or automatically, using Powershell scripts we provide. For the manual procedure, refer to Manually Enabling Certificate-based Authentication For an Office 365 Tenant. For the automatic procedure, refer to Automatically Fulfilling Pre-requisites in a Modern Authentication-Enabled Environment.

    When enabling certificate-based authentication, an X.509 certificate will be generated for the target tenant.

    You then need to configure the O365 Sender and O365 Receiver tests with the name of the tenant for which certificate-based authentication is enabled. Using the tenant name, the eG agent will be able to read the details of the X.509 certificate that is generated for that tenant, and use that certificate to access that tenant's services/resources.