Mail Flow issues in Hybrid deployment between exchange 2003 and exchange online

I'm having trouble sending emails from my on-premises exchange server to a cloud based user.  Messages are being sent from my Exchange 2003 server and are getting stuck on the Exchange 2010 hybrid server with the Hub Transport Role installed.  The message will sit in the "dnsconnectordelivery" queue and won't go anywhere.
 
I can send emails from the cloud based mailbox to an on-premises mailbox, but have the above issue when replying.
 
I've gone through the deployment assistant a few times and I am trying to accomplish the following:
1. Staged migration from existing Exchange 2003 server to Exchange Online cloud-based service
2. I do not require SSO
3. All inbound mail for both on-premises and Exchange Online mailboxes is routed through my on-premises organization
4. All mail between on-premises and Exchange Online will be routed via a Hybrid Hub Transport server
5. All mail sent to external recipients from Exchange Online mailboxes will be routed directly to the internet
 
I'm wondering if this could be an issue with the Exchange Certificates used on both hybrid servers (the deployment assistant is lacking some explanation and seems to contradict itself).
 
Thanks,
Jason
stoltzhelpdesk Asked:

Padamdeep Commented:
What is the last error you see in the DnsConnectorDelivery queue?
Increase the verbose logging on the Send Connector and see where it is failing.

Let's start with the above 2 first and I'll tell you what to do next.

~ Singh
0

stoltzhelpdesk (Author) Commented:
@Padamdeep

Thanks for the reply.  
The last error/delivery report is "554 5.4.4 SMTPSEND.DNS.NonExistentDomain"

Below is some additional information that may help...

I used the hybrid configuration wizard with Exchange 2010 sp2.

The domains I'm currently using follow the examples below...

mycomp.mail.onmicrosoft.com  -  "Hosted"
 
mycomp.microsoftonline.com    -  "Hosted"
 
mycomp.onmicrosoft.com         -  "Hosted"

mycompany.com                       -  "Shared"

So my issue is that we are using an abbreviated version of our domain in Office 365, "mycomp" as opposed to "mycompany".

I do see the public MX record for mycomp.mail.onmicrosoft.com, but how can I create that internally (or do I)?  Do I need to create a new internal DNS zone for onmicrosoft.com and place the MX record (mycomp.mail.onmicrosoft.com) there?  Will that work?

Also, if I try to send an email from my personal email (Gmail) to user@mycomp.mail.onmicrosoft.com, I receive a "relay access denied" non-deliverable. I've found the following article that may help, but wanted to see if you agree and what domains I would need to use when following the below article.

http://www.cgoosen.com/2011/07/moving-from-bpos-to-office365-550-5-4-1-relay-access-denied/

** UPDATE

I created an internal DNS zone for onmicrosoft.com.  I added a MX record for mycomp.mail.onmicrosoft.com that points to mycomp-mail-onmicrosoft-com.mail.eo.outlook.com.

Unfortunately after waiting for DNS to replicate, I still have messages getting stuck on the Hybrid 2010 sp2 server.  

I was also wondering if the SPF/TXT record could have anything to do with this (I haven't created one yet, and wasn't 100% clear on how to use it).

Thanks!
0
stoltzhelpdesk (Author) Commented:
After enabling verbose logging on the send connector to office 365, I was able to see that DNS was resolving to an IP address, but was just timing out or not receiving a response from the other end.
 
I figured this may just be a firewall issue and created a policy to allow SMTP traffic from my Hub Transport server to any of the Microsoft Datacenters that were listed in the Office 365 documentation (I had already allowed SMTP traffic in, but not out).
 
Once I configured the firewall, I manually selected "retry" on the message stuck in the queue and it went through immediately.  I've now been able to test mail flow in every direction with full success!

Thanks for pointing me in the right direction Singh!
0
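The checks that resolved this thread (queue last error, verbose send connector logging, MX resolution, outbound TCP 25), written out as an added Exchange Management Shell example that is not part of any post above. `$Connector` is a placeholder for your own connector name, `Test-SmtpEgress` is a hypothetical helper defined here, and the host names are the thread's own example names.

```powershell
# Added example. Run in the Exchange Management Shell on the hybrid Hub Transport server.
# $Connector is a placeholder; the host names are the thread's own example names.
$Connector = '<name of your send connector to Office 365>'
$Domain    = 'mycomp.mail.onmicrosoft.com'
$MxTarget  = 'mycomp-mail-onmicrosoft-com.mail.eo.outlook.com'

# 1. Read the last error on the stuck queue.
$queues = @(Get-Queue | Where-Object { $_.DeliveryType -eq 'DnsConnectorDelivery' })
$queues | Format-List Identity, NextHopDomain, Status, MessageCount, LastError

# 2. Verbose protocol logging on the send connector, as suggested in the thread.
Set-SendConnector -Identity $Connector -ProtocolLoggingLevel Verbose

# 3. Confirm the server's own resolver returns the MX record.
nslookup -type=mx $Domain

# 4. Hypothetical helper: separate a DNS failure from blocked outbound TCP 25.
function Test-SmtpEgress {
    param([string]$HostName, [int]$Port = 25, [int]$TimeoutMs = 5000)
    try { $all = [System.Net.Dns]::GetHostAddresses($HostName) }
    catch { return 'DNS-FAIL' }                       # name does not resolve
    $ip = $all | Where-Object { $_.AddressFamily -eq 'InterNetwork' } | Select-Object -First 1
    if (-not $ip) { return 'NO-IPV4-ADDRESS' }
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($ip, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 'TIMEOUT'                          # typical of a firewall dropping egress
        }
        $client.EndConnect($pending)                  # throws if the connection was refused
        $client.ReceiveTimeout = $TimeoutMs
        $reader = New-Object System.IO.StreamReader($client.GetStream())
        return 'BANNER: ' + $reader.ReadLine()        # a 220 greeting means the path is open
    }
    catch { return 'CONNECT-ERROR: ' + $_.Exception.Message }
    finally { $client.Close() }
}
$result = Test-SmtpEgress -HostName $MxTarget
$result

# 5. Only when the probe sees a 220 banner, retry the queue instead of waiting.
if ($result -like 'BANNER: 220*') {
    foreach ($q in $queues) { Retry-Queue -Identity $q.Identity -Confirm:$false }
}
```

A `TIMEOUT` result alongside a valid MX answer points at the outbound firewall rule, which is the cause the author reports above.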
stoltzhelpdeskAuthor Commented:
Thanks again for leading me to the answer!
0