When SEG cannot reach the email server directly due to network restrictions, the traffic from SEG is routed through the outbound proxy. The outbound proxy is accessible from SEG, and in turn the SEG can reach the email server.

If SEG is configured to proxy the EWS requests, then the outbound proxy configuration is also applicable to the EWS traffic. The following procedure describes the steps to enable the outbound proxy between the SEG and the email server.


  1. Log in to the SEG server.
  2. Navigate to the proxy-config.json file and edit the file using any text editor.
    Note: For the Windows deployment, the proxy-config.json file is at the <SEG_Install_Dir>\config folder and for SEG on UAG deployment, the file is at the /opt/vmware/docker/seg/container/config folder.
  3. In the JSON file, update the emailProxy field with all the details. The following table lists the description of each field shown in the sample entry.
    "emailProxy" : {
    "enabled" : true,
    "host" : "http(s)://example.email.proxy.host:port",
    "user" : "example_user",
    "password" : "example_password.plaintext"
    Field Value or Default value Description

    Value - Boolean flag

    Default value - false

    Set this value to true to enable the outbound proxy for the email traffic.
    host Specify the FQDN of the proxy in the protocol://host:port format. The protocol can be http or https and the host can be the hostname or IP address of the proxy server.
    user Specify a user name if the proxy needs authentication.
    Note: Only basic authentication is supported.
    password Specify a password if the proxy needs authentication. Enter the plain text password with the .plaintext suffix.

    For example, if xyz_abc is the password, then provide xyz_abc.plaintext as the value.

    Upon restart, SEG reads the configuration and overwrites the file with the encrypted password text.

  4. Save the changes and restart the SEG service.