Exchange 2007 *SMTP SmartHost* Comcast Migration to Office365 Nightmare

We have an in-house Exchange 2007 server (on SBS2008) and to our surprise, as of yesterday, Comcast decommissioned almost all their SMTP/Mail servers and migrated to MS Office365.  So they gave us an "" username, password and new SMTP settings.  When I enter them in the smarthost config I get a bounce-back almost immediately.  I've been searching for approx 24hrs straight and can't seem to find any solution.  Below is the NDR.  BTW, already tried the uncheck, "require all senders are authenticated" in Distribution Group "all users" and still the same error of not having permissions.  The first part of the NDR makes me think it's an Exchange issue, then it goes onto saying that the Office365 server rejected the email.  I've been on the phone with Office365 support and they're not sure what the story is.

Any help would be awesome.
Thanks so much.
Delivery has failed to these recipients or distribution lists:
Your message wasn't delivered because of security policies. Microsoft Exchange will not try to redeliver this message for you. Please provide the following diagnostic text to your system administrator.

The following organization rejected your message:

Diagnostic information for administrators:

Generating server: SERVER.ERB.local #550 5.7.60 SMTP; Client does not have permissions to send as this sender [] ##

Original message headers:

Received: from SERVER.ERB.local ([fe80::3d0c:2ce5:3688:1188]) by
 SERVER.ERB.local ([fe80::3d0c:2ce5:3688:1188%10]) with mapi; Wed, 20 Dec
 2017 18:57:21 -0500
From: Mike Smith <>
To: "" <>
Date: Wed, 20 Dec 2017 18:57:20 -0500
Subject: test
Thread-Topic: test
Thread-Index: AQHTee5GiET2M8gnGkCoOAhaxo+vRA==
Message-ID: <1884674F137AAF4EBCA3A374FABE759E039FC2D03A00@SERVER.ERB.local>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
x-tm-as-product-ver: SMEX-
x-tm-as-result: No--5.927900-5.000000-31
x-tm-as-user-approved-sender: No
x-tm-as-user-blocked-sender: No
Content-Type: multipart/alternative;
MIME-Version: 1.0
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

yo_beeDirector of Information TechnologyCommented:
Have you tried by passing the SmartHost and sending straight out?

If not I would try that.
XChangingITAuthor Commented:
I haven't tried that yet but I think the... "Your message wasn't delivered because of security policies. Microsoft Exchange will not try to redeliver this message for you. " would still be an issue.
yo_beeDirector of Information TechnologyCommented:
Not sure if you have credential you need to setup a smarthost and seems to be the cause.

Do you need a smarthost ?
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

XChangingITAuthor Commented:
The SmartHost config goes thru fine with our credentials from Office365.  I just want to be able to send mail.  We recieve it fine.
yo_beeDirector of Information TechnologyCommented:
XChangingITAuthor Commented:
Hi thanks for the quick reply.  Actually the Office 365 guy came across that article.  Admittedly I never created a relay thru IIS so the devil could be in those details but it seems as if they want you to put your company domain as an alternate on the Office365 server.  Would that mean add every user name in the company as an alias on under the Office 365 user?  Keep in mind we only have 1 user on Office365 and thats the one we use for SMTP authentication.

this is the line I'm referring to...

For example, if the account that you’re relaying from is and you want to relay through (an Office 365 user), you have to add as an alternate email address to
yo_beeDirector of Information TechnologyCommented:
It does look like you do need an account on O365 for each mailbox.  

I would try bypassing the SmartHost and have it route out directly as I stated.
XChangingITAuthor Commented:
LVL 24, My previous comment still stands tho, not sure if I was clear in my explanation but we have 60 exchange users and one on Office365 its saying IMO that we should create an alternate email for all 60 users in the one user of Office 365?  Not sure if Im even reading that correctly.  What are ur thoughts?  

...and what about using a SmartHost would make it any different than a direct connection?

XChangingITAuthor Commented:
I just figured it out.

for anyone else who is curious, this was the solution that worked for me.

thanks for the help

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
XChangingITAuthor Commented:
thanks for your help!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.