Good to hear.
Check other settings:
- certificate should be valid (some recipient domains check if its valid)
- offering client certificate currently is not a good idea, eg no connection to/from office365 can be esteblished
- keep an eye on your delivery queue, it should not rise
- depending on SSLv3 and fips en- or disabled the cipher suites differ
- if you use enforced tls connections, use openssl to check the negotiated ciphers - if they are weak think of other communication routes
I'm sure i missed something, but its a good start
Thomas