An existing email gateway is required, whether on-premises or cloud-based. Access to the service is secured via TLS-only connections, and all inbound email must pass through antivirus and anti-spam (AV/AS) security filters.