Salesforce
Salesforce is a powerful and dynamic Customer Relationship Management (CRM) system. It provides customer relationship management service and also provides a complementary suite of enterprise applications focused on customer service, marketing automation, analytics, and application development.
This integration guide provides a summary and examples of a few of the ways Virtru and Salesforce applications can be integrated to provide secure communications.
Jump to:
SMTP Relay
In order to use your existing email tenant (Gmail/O365) to deliver email from Salesforce, SMTP relay will need to be configured. There are 2 key components within Salesforce that need to be configured:
Deliverability
- Setup
- Administration
- Deliverability
Email Delivery Settings
- Setup
- Administration
- Email Delivery Settings
-
Email Relay
-
Specify the SMTP Host you will be using to relay, along with the TLS and AUTH settings
-
- Gmail uses hostname: smtp-relay.gmail.com & Port 587
- O365 uses hostname: DOMAIN-com.mail.protection.outlook.com & Port 25
- Enable SMTP Auth is optional
-
-
Specify the SMTP Host you will be using to relay, along with the TLS and AUTH settings
-
Email Domain Filter
- Specify the Sender & Recipient Domain filter and the Email relay you’ve set up. We recommend using the * to allow all Domains
Additional Settings in Deliverability: Email Security Compliance (Emails from Salesforce or Email Relay Only): This setting should be disabled. (This may prevent emails from SF from being relayed to Google). SF resources for additional context linked here: Help And Training Community
*Please note that you will need to ensure SMTP relay is active in your Gmail/O365 environment. The following articles can be used as references:
Salesforce IP Addresses to Allow for SMTP Relay:
Please note that you will need to ensure SMTP relay is active in your Gmail/O365 environment. The following articles can be used as references:
-
SMTP relay: Route outgoing non-Gmail messages through Google - Google Workspace Admin Help
-
How to set up a multifunction device or application to send email using Microsoft 365 or Office 365
-
Salesforce IP Addresses to whitelist for SMTP Relay in Google
-
If using Hyperforce, these are the Salesforce list of IP addresses to allow:
-
Email-to-Case
The most common use case in which Virtu supports Salesforce to secure sensitive information is Email-to-Case. Salesforce automatically creates cases and auto-populates case fields when customers send messages and ongoing communications via email are managed within the Case application. This functionality allows users to efficiently resolve customer issues.
Email-to-Case Configuration:
Administrators can access the Email-to-Case Settings by Searching “Email-to-Case” in the Setup page “Quick Find” window, or by navigating to:
- Setup
- Platform Tools
- Feature Settings
- Service
- Email to Case
For the Email-to-Case configuration, the following parameters should be set:
*Please note that the routing address will also need to be configured. This will be used if inbound decryption of messages is required for your deployment as well.
Inbound Emails
For inbound emails that need to be routed to the Virtru Data Protection Gateway for decryption. We recommend the following configuration:
Salesforce & Gmail/O365 Configuration
- Email-to-Case is configured
-
Salesforce Routing Address is configured
- This is configured in the Email-to-Case setup page in Salesforce, which is referenced above
-
Gmail/O365 email address fwd. rule is configured.
- Example scenario: Patient sends email to support@customer.com a fwd rule is configured in your Gmail/O365 inbox which will fwd emails coming to support@customer.com to your Salesforce Email Service Address. This address is typically support@34987434378jhkdfhfieyfi8kjdshd.salesforce.com
Inbound Decrypt Hosted Gateway Configuration
*Please note that all email addresses that are sending email from Salesforce through the Gateway need to be licensed Virtru users
Outbound Emails
For outbound emails that need to be routed to the Virtru Data Protection Gateway for encryption. We recommend the following configuration:
Salesforce & Gmail/O365 Configuration
- SMTP Relay is configured in Salesforce and email is flowing to your Gmail/O365 Environment
- Case Threading is Configured (if required)
- Triggering Compliance Rule(s) is Configured
Outbound Encrypt Hosted Gateway Configuration
*Please note that all email addresses that are sending email from Salesforce through the Gateway need to be licensed Virtru users
Case Threading
Virtru supports Salesforce case threading both via ThreadID and MessageID. If your Salesforce environment is still using ThreadID and hasn’t changed over to MessageID for case threading, please ensure that “Insert Thread ID in the Email Subject” is checked under the Email-to-Case Settings
Administrators can access the Email-to-Case Settings by Searching “Email-to-Case” in the Setup page “Quick Find” window, or by navigating to:
- Setup
- Platform Tools
- Feature Settings
- Service
- Email to Case
If your Salesforce environment has MessageID enabled for case threading, no further action is required.
In some cases where you are not seeing the email replies to your case being threaded properly, you may also need to enable the feature "Enable Case Feed Actions and Feed Items" in the Salesforce Support Settings section. More info can be found here if needed:
Triggering Compliance Rule
In order for the Gmail/O365 compliance rule to trigger based on the key words we’ve configured, we need to ensure that the email from Salesforce contains the keyword(s).
The following optional methods have been tested:
- Option 1: A user manually adds the keyword to the subject line
- Option 2: A Salesforce Administrator can create a custom button in the email object manager page which will add the keyword trigger to the subject line
- Option 3: An administrator/user can create a custom email template with the keyword added to the subject line