I'm currently using an email security appliance that is configured at our MX record. In instances where Microsoft 365 experiences outages, the appliance queues the incoming emails if it can't deliver them, and then releases them once Microsoft is online again. Recently, it managed to hold around 12 hours of emails and delivered everything after the service returned.
Now, we're considering moving to an inline/API-based solution, and I'm curious about what happens during an outage in that scenario. Are we solely dependent on the sender's retry intervals during such times? Additionally, how does Microsoft handle partial outages? Do they still accept mail at the edge and queue it internally, or do they reject or defer connections?
4 Answers
We've been using Mimecast, and during a previous outage, we received all our emails once everything was up and running again since they queued them on their side.
Just a heads up, the Checkpoint inline method isn’t officially recommended or supported by Microsoft.
Do you know the reasons behind that recommendation? It's been working great for us.
We rely on Checkpoint's API-based email security, and we've always received our emails after an outage. That’s confirmed!
That's exactly what I wanted to hear—that they defer the emails to arrive at the server for retries.
With an inline/API-only setup, you depend entirely on the sender's mail transfer agent (MTA) for their retry behaviors since they're sending directly to Exchange Online. If your filter is in front, even if Microsoft is down, it will still accept and queue all incoming mail, which often helps traditional email security users during outages.

I can’t see why I would need to contact Microsoft about that setup; it works perfectly fine for us without any issues.
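As an added illustration of the sender-retry dependency described in the answers above (not part of the original thread, and not any vendor's code): a small model of whether a message first sent at the start of an outage is eventually delivered or bounced. The three sender policies, the 24-hour gateway hold time and all names are constructed assumptions; only the 12-hour outage comes from the question.

```python
from dataclasses import dataclass

@dataclass
class SenderPolicy:            # all values below are constructed, not measured
    name: str
    first_retry_s: int         # delay before the first retry
    backoff: float             # multiplier applied to each later delay
    max_interval_s: int        # cap on the delay between attempts
    give_up_s: int             # queue lifetime before the sender bounces (NDR)

def simulate(policy, outage_s, gateway_hold_s=None):
    """First attempt at t=0, the moment the outage starts.
    Returns (outcome, seconds_until_final_event, sender_attempts)."""
    if gateway_hold_s is not None:
        # MX gateway accepts the first attempt and queues on our side.
        if gateway_hold_s >= outage_s:
            return ("delivered", outage_s, 1)
        return ("bounced", gateway_hold_s, 1)
    t, delay, attempts = 0, policy.first_retry_s, 1
    while t < outage_s:                      # attempt at time t was deferred
        if t + delay > policy.give_up_s:     # next retry falls past queue lifetime
            return ("bounced", policy.give_up_s, attempts)
        t += delay
        attempts += 1
        delay = min(int(delay * policy.backoff), policy.max_interval_s)
    return ("delivered", t, attempts)

HOUR = 3600
POLICIES = [
    # RFC 5321 4.5.4.1 guidance: retry >= 30 min, give up after 4-5 days
    SenderPolicy("fixed-30min", 1800, 1.0, 1800, 5 * 24 * HOUR),
    SenderPolicy("exp-backoff", 300, 2.0, 4000, 5 * 24 * HOUR),
    # A sender that abandons mail after 4 hours (constructed worst case)
    SenderPolicy("short-lived", 600, 2.0, 3600, 4 * HOUR),
]

if __name__ == "__main__":
    outage = 12 * HOUR
    for p in POLICIES:
        print(p.name, "direct:", simulate(p, outage),
              "via gateway:", simulate(p, outage, gateway_hold_s=24 * HOUR))
```

With direct delivery, the outcome differs per sender; with a queueing gateway at the MX, it depends only on the gateway's own hold time.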