Final Steps

Remove any unwanted SPF records from DNS that are no longer required.

Ensure inbound and outbound firewall rules AND/OR mail server connector rules (e.g. Office 365) where appropriate are locked down to only allow authorized GravityZone Security for Email SMTP servers inbound and outbound.

For on-premise Exchange environments take care of any internal servers that are configured to send outbound directly rather than via Exchange. Ensure Firewall rules continue to allow SMTP traffic outbound from these sources OR ensure they are relayed via Exchange.