Setup Zoho eProtect - Manual Configuration

    Setting up your organization in Zoho eProtect is a simple process. You can use eProtect's archival and security features available by signing up here. For any queries related to the product, contact presales@zohoeprotect.com. This help page guides an administrator to setup Zoho eProtect manually.Steps to setup Zoho eProtect
     

     

    Sign Up with Zoho eProtect

    If you wish to sign up with an existing Zoho account, log in to Zoho eProtect with your credentials. Organizations new to Zoho can follow these steps to sign up with Zoho eProtect.

    1. Open a web browser and type www.zoho.com/eprotect.
    2. Click GET STARTED from the top right corner.
    3. Enter your Name, Email Address, Mobile Number and Password.
    4. Select I agree to the Terms of Service and Privacy Policy.
    5. Click SIGN UP FOR FREE. Zoho eProtect's Welcome page appears.
      Sign up with Zoho eProtect
    6. Enter your organization name and click Proceed. Add Domain page appears.
      org details

    Add Domain Manually

    To start using Zoho eProtect, you must add your organization's domain and confirm your domain ownership. You can use the Add Manually option for the below cases:

    • Organizations who have hosted their email on a different email provider other than Google Workspace, Microsoft 365, or Microsoft Exchange Server.
    • For on-premise email providers such as Zimra or other hosted email providers.
    • Google and Microsoft account organizations who wish to manually add their domains instead of the import process.

    Follow the below instructions to add your domain manually:

    1. Click Add from the top menu or click on Add domain
      add domain
    2. Enter the domain name and click Save.
      add domain

    Once you add your domain manually, you must prove ownership of the domain by following the steps given in Verify Domain.

    Verify Domain

    The domain verification procedure is required if you wish to setup your account manually or when your email is hosted on a different service provider other than Google Workspace, or Microsoft 365.

    Domain verification can be done either by adding a TXT record or CNAME record or uploading an HTML file. Zoho eProtect verifies your domain to ensure that:

    • The domain you entered is a valid/ active domain
    • You are the owner or an administrator with appropriate privileges to access your domain provider's DNS page.
    • The domain is not a spoofed address

    Before proceeding to domain verification, log in to your domain provider's account and navigate to the DNS page (DNS Manager or DNS Control Panel or Advanced DNS editor). 

    If you opt to verify your account manually, you will be taken to the Verify domain ownership page. Choose from one of the three methods available based on your needs.

    TXT Record Method

    Follow these steps to verify your domain using the TXT record option:

    1. Select Add a TXT record in the DNS option from the drop-down.
      txt record verification
    2. Copy the auto-generated zb code from the table.
    3. Locate the option to add a TXT record on the DNS page and click Add a record.
    4. In the Name/ Host/ Alias/ TXT, enter @ or leave it blank.
    5. In the Value/ Points To/ Destination field, paste the verification zb code that you copied.
    6. If the TTL is editable, set it to the minimum possible value recommended by your domain provider.
    7. Save the TXT Record and give it an hour to two to propagate.
    8. Switch back to Zoho eProtect and click Verify TXT Record.

    Your domain gets verified if the TXT records are propagated. Click Proceed to continue the setup process.

    CNAME Record Method

    Follow these steps for domain verification using the CNAME method:

    1. Select Add a CNAME record in the DNS option from the drop-down.
      verify using CNAME method
    2. Copy the CNAME Name/ Alias value from eProtect.
    3. Locate the option to add a CNAME record on the DNS page, click Add a record.
    4. In the Name/ Host/ Alias/ CNAME field paste the value that you copied.
    5. Copy the CNAME Value/ Points To/ Destination value from Zoho eProtect.
    6. Switch to the DNS page and paste the value in the Value/ Points To/ Destination/CNAME field.
    7. If the TTL is editable, set it to the minimum possible value recommended by your domain provider.
    8. Save the CNAME Record and give it an hour to two to propagate.
    9. Switch back to Zoho eProtect and click Verify CNAME Record.

    Your domain gets verified if the CNAME records are propagated. Click Proceed to continue the setup process.

    HTML Method

    Follow these steps to verify your domain using the HTML method:

    1. Select Upload HTML file in the website from the drop-down.
      HTML method verification
    2. Download the html file - verify.html given in the Zoho eProtect's Verify domain ownership page.
    3. Access your root directory and create a folder named 'verification'.
    4. Inside the verification folder, upload the HTML file that you downloaded from Zoho eProtect.
    5. You will see a verification code at http://domain name/verification/verify.html
    6. Click Verify HTML File to complete the domain verification process.

    Your domain gets verified. Click Proceed to continue the setup process.

    If you encounter any errors during domain verification refer to Troubleshoot Domain Verification Failure.

    For domain verification instructions specific to your domain provider, select the appropriate link from the below options.

    Note:

    If your domain is not listed above and you have trouble verifying your domain using the generic domain verification instructions, reach out to your email service provider or support@zohoeprotect.com.

    Setup eDiscovery

    Note: These steps apply only to organizations that have opted for eProtect's eArchive or Professional plans.

    To use Zoho eProtect's email archival feature, you must first configure the eDiscovery settings. Follow these steps to setup email archival for your organization:

    1. Enable the eDiscovery toggle switch to on.

    2. Select the preferred email provider and email archival option:

      Email Provider/
      Archival Type      		Google WorkspaceMicrosoft 365Other Providers
      JournalingYesYesNo
      APIYesYesNo
      MXYesYesYes
    3. The type you choose during onboarding will be the default archival option for all the domains you add to your eProtect account. You can, however, set custom archival options for specific domains once you complete the onboarding process.
      1.  Journalling in Google Workspace
      2. Journalling in Microsoft 365
      3. Email Archival using API

    Setup Journaling in Google Workspace

    Follow these instructions to setup Journalling for your Google Workspace account and configure third-party routing:

    1. Choose Journaling and select the Google Workspace tab.
      Journalling Google Workspace
    2. Open a new tab in your browser and log in to Google Workspace Admin Console.
    3. Select Apps on the left menu and choose Google Workspace.
    4. Navigate to Gmail and select Routing.
    5. Select Third-party email archiving and click ADD ANOTHER RULE.
    6. Switch to the setting up eProtect tab and copy the Journal Mailbox Address.
    7. Navigate back to the Google Workspace tab and paste the Journal Mailbox Address.
    8. Click the SAVE button.

    Note: Third-party email archiving option will be available only for organizations with Enterprise and Education plans.

    Setup Journalling in Microsoft 365

    As a prerequisite for Journalling, Microsoft 365 mandates setting up an alternate email address to send a Non-Delivery Report (NDR). A report of emails that could not be delivered to the journal mailbox address will be sent to this NDR email address. Follow these instructions to configure NDR settings:

    1. Open a new tab in your browser and log in to Microsoft Purview.
    2. Navigate to Data lifecycle management and select Exchange (legacy).
    3. Click Settings on the top right corner, enter the desired email address, and click Save.

    Note: If you are logged in to the new Microsoft Purview portal, select Settings > Data Lifecycle Management under Solution settings to add the NDR email address.

    Now that you have configured the NDR email address, follow these steps to setup Journalling for your Microsoft 365 account and configure third-party routing:

    1. Choose Journalling and select the Microsoft 365 tab.
      Journalling Microsoft 365
    2. Open a new tab in your browser and log in to Microsoft Purview.
    3. Navigate to Data lifecycle management and select Exchange (legacy).
    4. Select the Journal rules tab and click New rule.
    5. Navigate back to the eProtect tab in your browser and copy the Journal Mailbox Address.
    6. Switch back to the Microsoft Purview tab and paste the Journal Mailbox Address in the Send journal reports to field.
    7. Enter the Journal rule name.
    8. You can either choose Everyone or A specific user or group based on your preference.
    9. Choose All messages or Internal messages only or External messages only and click Next.
    10. Review the journal rule and click Submit.

    Note: If you are logged in to the new Microsoft Purview portal, select Solutions > Data Lifecycle Management > Exchange (legacy) > Journal rules to configure the journal mailbox address.

    Setup Email Archival via API

    Follow these steps to configure API as your preferred email archival method:

    1. Choose API in the Email flow method and select Microsoft 365 or Google Workspace.
    2. Click Add new in the Select email provider configuration drop-down.
    3. For Microsoft 365, follow the instructions given below:
      1. Enter a name for the email provider and click Authorize.
      2. Log in using your Microsoft 365 admin credentials.
      3. Click Accept.
    4. For Google Workspace, follow the instructions given below:
      1. Provide a name for the email provider for future reference.
      2. Enter the Administrator email address, Service email address, and upload the JSON key file.

      3. Click Add.
         

        Note: Complete the one-time authorization process to download the JSON key file.
    5. Once you complete the authorization, select the desired email provider from the drop-down menu and click Proceed.

    Advanced Email Archival Settings

    Based on your organization's email archival needs, configure the advanced settings as per the instructions given in this section. If required, you can skip these steps and configure them later from the Retention Policies section under eDiscovery.

    1. Click the Advanced Settings drop-down. This section lets you set the retention period and add filters for the archived emails.

    2. Default Retention Policy - This section allows you to set the duration for which your organizational emails should be stored in eProtect. You can either select Retain forever or enter the number of days in the Retain for field.
      advanced settings

      Note:

      • If required, you can configure the default retention rule in the Retentions section after completing the setup. 
    3. Email filters - By default, all the emails sent or received via eProtect will be archived. However, you can choose to filter out the emails based on specific conditions. The filter you configure here will get saved as the default EDISCOVERY_FILTER in the Email Filters section under eDiscovery.
      email filters
    4. Choose either All emails button to apply the filter to all your emails.

    5. If you selected Emails based on the conditions below, set the filter rule conditions from the below list:

      • Retain all sent emails
      • Retain all sent emails - outside the organization
      • Retain emails sent - only within the organization
      • Alternatively, you can specify selected domains and choose to retain the emails that are sent only to those domains.
      • Retain all received emails
      • Retain emails received - only within the organization
      • Retain emails received from external organization accounts
      • Alternatively, you can specify selected domains and choose to retain the emails that are received from those domains.
      • Exclude spam emails.

      Note:

      You can configure the eDiscovery ingestion filter in the Email Filters section after completing the setup.

    6. Click Proceed.

    Setting up email protection page appears. If you have opted only for email archival, click Skip and proceed to the Add users section.

    Setup spam processing

    Note:

    • The steps that follow are applicable only to organizations that have opted for eProtect's eSecure or Professional plans.
    • If your organization requires only the eProtect's EARCHIVE plan, navigate to the Setup email archival section.

    Once you configure the eDiscovery settings, the Spam Processing page appears. You can setup email protection for your organization on this page by following these steps:

    1. Enable the Email Protection toggle switch to on.
    2. Select the Spam Processing type that you want to set up:
      • Add header and forward - eProtect updates the email header with the content provided by admins and then forwards the email to the intended recipient.
      • Add subject tag and forward - eProtect appends the subject with the content provided by admins and then forwards the email to the intended recipient.
      • Quarantine - eProtect quarantines the email which can then be scrutinized by admins.
        spam processing section
    3. If you choose Add header and forward, follow these sub-steps:
      • Enter a Header Name and Header Value.
      • Click the + icon to add multiple headers as per your requirements.
      • To delete a header row, click the delete icon.
    4. If you select Add subject tag and forward, enter a Subject Tag.
    5. If you choose Quarantine, admins can moderate the quarantined emails from the Quarantine section.
    6. Click Proceed to add users for your organization.

    Add Users in eProtect

    The Add Users page displays the users list with their Name, Email Address, and Status. By default, the user who creates the account will be added as a Super Administrator. If required, you can change the Super Admin from the Roles & Permissions section under Organization.

    Zoho eProtect provides multiple options to add your organization's users based on your email provider:

    Import Users via CSV

    Follow these steps to import bulk users with a CSV file:

    1. Click Import and select Import using CSV file from the drop-down menu.
      Import Users via CSV
    2. Use the drop-down menu to select the preferred domain to which you wish to import the users.
    3. Select Choose file.
    4. You can either drag and drop or Choose the file to upload. The users in your CSV file will be displayed for you to further scrutinize. You can choose to import all or only select users depending on your requirement.
      Import Users
    5. Click Proceed once you choose the users.
      Import Users
    6. On the START IMPORT page, Name your import for future reference.
    7. Enter the password for the users being imported and reconfirm the password.
    8. If required select the desired options from the below:
      • Force users to change password on next log in
      • Import users only if provided group exists
    9. Click Start.
      Start Use Import
    10. The import status on success and failure of user upload will be displayed. If the import status does not refresh automatically, you can click the refresh icon. You can start using other features in eProtect and access the import status in the Import using CSV file page.

    Import Users from other email providers

    You have the option to import users from three email providers :

    Import from other Zoho services

    If you have registered your domain with other Zoho accounts, you can do so by selecting the Import from other Zoho services option. Follow the instructions available in eProtect to import users from other Zoho services.

    Add Users Manually

    Follow these steps to add users manually:

    1. Click Create on the Add users page and click the Create button.
    2. Provide a value in the fields that follow:
      • Enter the First Name of the user.
      • Enter the user's Last Name.
      • Enter the preferred Username.
      • Enter a Password for the user's account.
      • Confirm the password.
      • Select Force user to change password on first log in if you want the user to change their password.
      • Select Department or click the + icon to add a new department.
      • Enable/disable Email Protection and eDiscovery based on your requirements.
    3. Click the Save button. The user gets added successfully.
      Create User Manually
    4. Click the Proceed button to Setup email protection for your organization.

    Once you finish adding users, click Proceed.

    Setup Outbound Relay

    The final step in setting up your organization in Zoho eProtect is configuring Outbound Relay. Enabling outbound relay allows eProtect to scan the emails sent from the entire range of IP addresses used by your organization to send emails. Follow the Outbound Relay configuration steps based on your email provider:

    Follow these steps to configure outbound server details :

    1. Enable Outbound Relay in Zoho eProtect and enter your outbound IP address and IP mask.
      Setup Outbound Relay
    2. Click the Add button.
      Setup Outbound Relay
    3. The above mentioned steps are common to all email providers. 
    4. To setup outbound relay for third-party host other than Google or Microsoft, log in to your respective host and follow the steps provided there to route your emails via eProtect.
    5. Follow the steps to setup outbound relay for Google and Microsoft here.

    Note:

    Since your emails will now be sent via Zoho eProtect, there is a possibility of an SPF mismatch and hence your emails could land in the spam folders. To avoid this, it is recommended that you configure Zoho eProtect's SPF records in your domain provider's DNS settings.

    You have successfully completed setting up your account in Zoho eProtect. Click Start using eProtect to proceed to the Zoho eProtect's landing page.
    eProtect Setup Complete

    You can familiarize the various options in Zoho eProtect by taking the site tour. Click the Get Started button to start the site tour. Based on your organization's need, navigate to the eDiscovery or Email Protection sections and configure the corresponding settings.
    eProtect Product Tour

    PREVIOUS

    UP NEXT