Mail flow issues in hybrid deployment between Exchange 2003 and Exchange Online

Posted on 2012-03-28
Last Modified: 2012-03-29
I'm having trouble sending emails from my on-premises Exchange server to a cloud-based user. Messages are being sent from my Exchange 2003 server and are getting stuck on the Exchange 2010 hybrid server with the Hub Transport role installed. The message will sit in the "dnsconnectordelivery" queue and won't go anywhere.
 
I can send emails from the cloud based mailbox to an on-premises mailbox, but have the above issue when replying.
 
I've gone through the deployment assistant a few times and I am trying to accomplish the following:
1. Staged migration from existing Exchange 2003 server to Exchange Online cloud-based service
2. I do not require SSO
3. All inbound mail for both on-premises and Exchange Online mailboxes is routed through my on-premises organization
4. All mail between on-premises and Exchange Online will be routed via a Hybrid Hub Transport server
5. All mail sent to external recipients from Exchange Online mailboxes will be routed directly to the internet
 
I'm wondering if this could be an issue with the Exchange certificates used on both hybrid servers (the deployment assistant is lacking some explanation and seems to contradict itself).
 
Thanks,
Jason
Question by:stoltzhelpdesk
4 Comments
 
LVL 3

Accepted Solution

by:
Padamdeep earned 2000 total points
ID: 37780252
What is the last error you see in the DnsConnectorDelivery queue?
Increase the logging on the Send Connector to Verbose and see where it is failing.

Let's start with the above 2 first and I'll tell you what to do next.

~ Singh
0
 

Author Comment

by:stoltzhelpdesk
ID: 37783424
@Padamdeep

Thanks for the reply.  
The last error/delivery report is "554 5.4.4 SMTPSEND.DNS.NonExistentDomain"

Below is some additional information that may help...

I used the hybrid configuration wizard with Exchange 2010 SP2.

The domains I'm currently using follow the examples below...

mycomp.mail.onmicrosoft.com  -  "Hosted"
mycomp.microsoftonline.com   -  "Hosted"
mycomp.onmicrosoft.com       -  "Hosted"
mycompany.com                -  "Shared"

So my issue is that we are using an abbreviated version of our domain in Office 365, "mycomp" as opposed to "mycompany".

I do see the public MX record for mycomp.mail.onmicrosoft.com, but how can I create that internally (or do I)? Do I need to create a new internal DNS zone for onmicrosoft.com and place the MX record (mycomp.mail.onmicrosoft.com) there? Will that work?

Also, if I try to send an email from my personal email (Gmail) to user@mycomp.mail.onmicrosoft.com, I receive a "relay access denied" non-deliverable. I've found the following article that may help, but wanted to see if you agree and what domains I would need to use when following the below article.

http://www.cgoosen.com/2011/07/moving-from-bpos-to-office365-550-5-4-1-relay-access-denied/

** UPDATE

I created an internal DNS zone for onmicrosoft.com. I added an MX record for mycomp.mail.onmicrosoft.com that points to mycomp-mail-onmicrosoft-com.mail.eo.outlook.com.

Unfortunately, after waiting for DNS to replicate, I still have messages getting stuck on the Hybrid 2010 SP2 server.

I was also wondering if the SPF/TXT record could have anything to do with this (I haven't created it yet, and wasn't 100% clear on how to use it).

Thanks!
0
 

Author Comment

by:stoltzhelpdesk
ID: 37783958
After enabling verbose logging on the send connector to Office 365, I was able to see that DNS was resolving to an IP address, but was just timing out or not receiving a response from the other end.
 
I figured this may just be a firewall issue and created a policy to allow SMTP traffic from my Hub Transport server to any of the Microsoft datacenters that were listed in the Office 365 documentation (I had already allowed SMTP traffic in, but not out).
 
Once I configured the firewall, I manually selected "retry" on the message stuck in the queue and it went through immediately. I've now been able to test mail flow in every direction with full success!

Thanks for pointing me in the right direction Singh!
0
 

Author Closing Comment

by:stoltzhelpdesk
ID: 37784065
Thanks again for leading me to the answer!
0
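
The two symptoms reported in this thread (a DNS lookup failure, then DNS resolving but the SMTP connection timing out because outbound traffic was not allowed) can be told apart from the Hub Transport server with a check like the one below. This is an added example, not code from the original posts: the function name `Test-SmtpEgress` is hypothetical, it assumes `Resolve-DnsName` is available (Windows Server 2012 / PowerShell 3.0 or later), and the domain is the thread's example value.

```powershell
# Added example. Assumes the DnsClient module (Resolve-DnsName) is present.
# Run it on the server that owns the stuck queue so the firewall path is the same.
function Test-SmtpEgress {
    param(
        [Parameter(Mandatory = $true)][string]$Domain,
        [int]$Port = 25,
        [int]$TimeoutMs = 5000
    )

    # Step 1: DNS. A failure here matches the queue error
    # "554 5.4.4 SMTPSEND.DNS.NonExistentDomain".
    try {
        $mx = Resolve-DnsName -Name $Domain -Type MX -ErrorAction Stop |
              Where-Object { $_.Type -eq 'MX' } |   # drop SOA rows returned when no MX exists
              Sort-Object Preference
    } catch {
        return [pscustomobject]@{ Domain = $Domain; MxHost = $null
                                  Result = "DNS failure: $($_.Exception.Message)" }
    }
    if (-not $mx) {
        return [pscustomobject]@{ Domain = $Domain; MxHost = $null
                                  Result = 'DNS answered but returned no MX records' }
    }

    # Step 2: TCP. DNS resolves but the connect times out: the outbound path
    # (for example a firewall policy without an egress SMTP rule) is the suspect.
    foreach ($record in $mx) {
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            $async = $client.BeginConnect($record.NameExchange, $Port, $null, $null)
            if ($async.AsyncWaitHandle.WaitOne($TimeoutMs)) {
                $client.EndConnect($async)   # throws if the connection was refused
                $result = 'Connected'
            } else {
                $result = "Timed out after $TimeoutMs ms (check outbound rules for TCP/$Port)"
            }
        } catch {
            $result = "Connect failed: $($_.Exception.Message)"
        } finally {
            $client.Close()
        }
        [pscustomobject]@{ Domain = $Domain; MxHost = $record.NameExchange; Result = $result }
    }
}

# The domain is the example routing domain used in the thread.
Test-SmtpEgress -Domain 'mycomp.mail.onmicrosoft.com' | Format-Table -AutoSize
```

A "Connected" result only shows that TCP/25 is reachable; it does not validate TLS or connector configuration.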
Question has a verified solution.