Routing mail through exchange 2016

Dear Experts,

I have a single exchange server 2016 standard server in a 2012R2 domain with about 20 mailboxes.  I have been tasked with installing a Sophos Mail encryption product (SPX) so that selected messages can be encrypted.  The SPX is a virtual appliance and it has been setup and configured.  

So in order to have the encryption work, outgoing messages must be routed through the SPX.  The appliance will pickup on the keywords and apply the encryption as necessary.  Some senders were getting NDRs but I believe this was due the SPX not having an FQDN configured (separate issue - I'll get that sorted I'm sure).

Now I have been asked to deploy Exclaimer to add disclaimer notes to the end of messages. So I'm wondering how I can route mail properly.  I'm guessing:

mail client  >  exchange connectors  >  SPX

I'd thought of:
mail client  >  exchange connectors  >  SPX  >  another exchange connector

but that looks a bit silly.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Viral RathodConsultantCommented:
No need to change anything.

Please create transport rule which will add disclaimer to your outgoing mails.

Following article will help you to create transport rule for disclaimer.
IvanSystem EngineerCommented:

Usually when you implement something like that, you reconfigure Exchange to route mail thru it.
So I guess you should reconfigure send connector, and in delivery tab, change to "Route mail through smart hosts" and enter ip address of SPX. That would route email from Exchange to SPX, and then SPX would route to internet.

Client --> Exchange --> SPX --> Internet


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Tom CieslikIT EngineerCommented:
Ivan has right, but also You need to put your SPX IP in your External DNS as A record and add it to you SPF record to be legit for recipients server.
To generate SPF you can use simple internet SPF generator.
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Annie RoseTech LeadCommented:
Outbound Mail Flow for Exchange Server 2016:

Learn about mail flow and the transport pipeline in Exchange 2016:

Exchange 2016 - Mail Routing:
Ajit SinghCommented:
Is there any update?
tech53Author Commented:
Thanks folks. I struggled with this for a while.  I created a FQDN for the SPX and corresponding SPF record.  No problems since.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.