adrecal
asked on
Office 365 Migrated User from Exch2010 can Send Email External but not receive and can't receive internal/external
Hello guys and girls :-)
I have:
01 ExchangeServer 2010
01 Postfix (blargh)
01 Office 365 subscription.
Everything was flowing well until some users who were created locally and later migrated to Exchange Online were able to send external emails but could not receive external emails (gmail, hotmail ...) or local exchange emails or Postfix emails.
The header:
The following organization has rejected your message: 10.61.1.5. (10.61.1.5 is my local exchange 2010)
Diagnostic information for administrators:
Generating server: mail.postfix.mydomain.com
affectedmail@mydomain.com. br
10.61.1.5 # <10.61.1.5 # 4.4.6 smtp; 554 5.4.6 Hop count exceeded - possible mail loop> # SMTP #
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 7C30B1A8366 for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 18:47:14 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
18:40:53 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 6D1BB1A83EC for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 18:32:12 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
18:25:52 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 57D211A83BC for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 18:17:11 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
18:10:48 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 4C7431A8557 for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 18:02:07 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
17:55:43 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 47A6E1A8594 for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 17:47:02 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
17:40:40 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 3BB1D1A833F for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 17:31:59 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
17:25:38 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 3349B1A85B8 for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 17:16:57 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
17:10:32 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 2F47D1A81A8 for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 17:01:52 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:55:28 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 25A951A81E6 for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 16:46:48 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:54:58 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 272DC1A8148 for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 16:46:17 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:54:27 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 3AE821A8246 for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 16:45:46 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:54:26 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id DAF701A850F for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 16:45:45 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:54:26 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 8B3DC1A8246 for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 16:45:45 -0200 (BRST)
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:54:26 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 48DF91A850F for
<affectedmail@mydomain.com .br>; Mon, 29 Jan 2018 16:45:45 -0200 (BRST)
Received: from myexchange2010.mydomain ([10.61.1.5]) by
myexchange2010.mydomain ([10.61.1.5]) with mapi id 14.03.0361.001; Mon,
29 Jan 2018 16:54:25 -0200
From: teste <teste@mydomain.com.br>
To: regulacao.gns <affectedmail@mydomain.com .br>
Subject: teste
Thread-Topic: teste
Thread-Index: AdOZMpTxBVfKR/kYRrmLVFr9bH Bzew==
Date: Mon, 29 Jan 2018 18:54:25 +0000
Message-ID: <CC265D296F020247BD3AB0373 CDE924A717 E347B@myex change2010 .mydomain>
Accept-Language: pt-BR, en-US
Content-Language: pt-BR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.61.7.194]
Content-Type: multipart/alternative;
boundary="_000_CC265D296F0 20247BD3AB 0373CDE924 A717E347Bm yexchange2 010"
MIME-Version: 1.0
I am getting crazy. :-(
I have:
01 ExchangeServer 2010
01 Postfix (blargh)
01 Office 365 subscription.
Everything was flowing well until some users who were created locally and later migrated to Exchange Online were able to send external emails but could not receive external emails (gmail, hotmail ...) or local exchange emails or Postfix emails.
The header:
The following organization has rejected your message: 10.61.1.5. (10.61.1.5 is my local exchange 2010)
Diagnostic information for administrators:
Generating server: mail.postfix.mydomain.com
affectedmail@mydomain.com.
10.61.1.5 # <10.61.1.5 # 4.4.6 smtp; 554 5.4.6 Hop count exceeded - possible mail loop> # SMTP #
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 7C30B1A8366 for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
18:40:53 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 6D1BB1A83EC for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
18:25:52 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 57D211A83BC for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
18:10:48 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 4C7431A8557 for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
17:55:43 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 47A6E1A8594 for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
17:40:40 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 3BB1D1A833F for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
17:25:38 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 3349B1A85B8 for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
17:10:32 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 2F47D1A81A8 for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:55:28 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 25A951A81E6 for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:54:58 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 272DC1A8148 for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:54:27 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 3AE821A8246 for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:54:26 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id DAF701A850F for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:54:26 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 8B3DC1A8246 for
<affectedmail@mydomain.com
Received: from mail.postfix.mydomain.com (10.71.1.5) by myexchange2010.mydomain
(10.61.1.5) with Microsoft SMTP Server id 14.3.361.1; Mon, 29 Jan 2018
16:54:26 -0200
Received: from myexchange2010.mydomain (correio.mydomain.com.br
[10.61.1.5]) by mail.postfix.mydomain.com (Postfix) with ESMTP id 48DF91A850F for
<affectedmail@mydomain.com
Received: from myexchange2010.mydomain ([10.61.1.5]) by
myexchange2010.mydomain ([10.61.1.5]) with mapi id 14.03.0361.001; Mon,
29 Jan 2018 16:54:25 -0200
From: teste <teste@mydomain.com.br>
To: regulacao.gns <affectedmail@mydomain.com
Subject: teste
Thread-Topic: teste
Thread-Index: AdOZMpTxBVfKR/kYRrmLVFr9bH
Date: Mon, 29 Jan 2018 18:54:25 +0000
Message-ID: <CC265D296F020247BD3AB0373
Accept-Language: pt-BR, en-US
Content-Language: pt-BR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.61.7.194]
Content-Type: multipart/alternative;
boundary="_000_CC265D296F0
MIME-Version: 1.0
I am getting crazy. :-(
ASKER
Hello Mahesh:
How your mail flow is configured?
Internal > External:
All mails flow from Exchange to Postfix (or direct from Postfix), SMG Spam Filter and internet
External > Internal
Internet, SMG Spam Filter, Postfix, Exchange 2010
where is mx pointing?
- The MX is pointing to Office365 and Postfix;
have you whitelisted on premise exchange sending server ips to exo and vice versa?
- I think "yes". '-'
if you copy original header to mxtoolbox header analyzer, how it goes, or can you post complete header here?
The mxtoolbox printscreen was attached ^^
How your mail flow is configured?
Internal > External:
All mails flow from Exchange to Postfix (or direct from Postfix), SMG Spam Filter and internet
External > Internal
Internet, SMG Spam Filter, Postfix, Exchange 2010
where is mx pointing?
- The MX is pointing to Office365 and Postfix;
have you whitelisted on premise exchange sending server ips to exo and vice versa?
- I think "yes". '-'
if you copy original header to mxtoolbox header analyzer, how it goes, or can you post complete header here?
The mxtoolbox printscreen was attached ^^
This happened to me when I migrated a user There were a few things that I needed to change to make sure that it all Flowed Right:
Of course all of the MX records need to be pointing to either the On-Premise or O365 servers. I have a Mix of both at the moment, so as long as its pointing to the Exchange 2010 or the O365 you should be okay.
- I needed to select the correct Target Domain.
The Target domain that Needed to select was the <tenant>.mail.onmicrosoft. com domain
If the Target Domain was not selected at the time of Migration, you can fix it by making sure the user has the <tenant>.mail.onmicrosoft. com email address and then under the Migrated user on the On-Premise Recipient Configuration in EMC make sure the Migrated User's Routing Email Address is set to the <tenant>.mail.onmicrosoft. com address
- The user that was migrated didn't have the Office 365 Tenant Email address in it.
The Hybrid Configuration Wizard was supposed to modify the Address Policy to add in the <tenant>.mail.onmicrosoft. com email address, though since I have 13 Address Policies, it didn't add them to all of them, So I had to Manually Add <tenant>.mail.onmicrosoft. com to all of the policies.
- The <tenant>.mail.onmicrosoft.
com accepted domain needed to be setup as Internal Relay Domain
in the Hub Transport change the <tenant>.mail.onmicrosoft. com domain from Authoritative to Internal Relay
Of course all of the MX records need to be pointing to either the On-Premise or O365 servers. I have a Mix of both at the moment, so as long as its pointing to the Exchange 2010 or the O365 you should be okay.
ASKER
Scott, the TargetAddress <tenant>.mail.onmicrosoft. com did the trick to one Office365 mailbox. My Office365 user is OK with ProxyAddress and TargetAddress (it works a some days ago) but when a Exchange 2010 user (local, not migrated) send me a email the response is:
BadPrimary; recipient primary SMTP address is missing or invalid ##
My account ProxyAddress:
SMTP:mymail@mydomain.com
smtp:mymail@<tenant>.mail. onmicrosof t.com
My account TargetAddress:
SMTP:mymail@<tenant>.mail. onmicrosof t.com
I think we're almost there '-'
BadPrimary; recipient primary SMTP address is missing or invalid ##
My account ProxyAddress:
SMTP:mymail@mydomain.com
smtp:mymail@<tenant>.mail.
My account TargetAddress:
SMTP:mymail@<tenant>.mail.
I think we're almost there '-'
In the On-Premise EMC - Organization Configuration - Hub Transport - Accepted Domains
Is <tenant>.mail.onmicrosoft. com listed as "Internal Relay Domain"
In the On-Premise EMC - Organization Configuration - Hub Transport - Send Connectors
Do you have a "Outbound to Office 365" connector?
Address space: <tenant>.mail.onmicrosoft. com
Network: Use DNS/MX - If you query your Internal DNS fora MX record for <tenant>.mail.onmicrosoft. com do you get the right info? Something like:
Is <tenant>.mail.onmicrosoft.
In the On-Premise EMC - Organization Configuration - Hub Transport - Send Connectors
Do you have a "Outbound to Office 365" connector?
Address space: <tenant>.mail.onmicrosoft.
Network: Use DNS/MX - If you query your Internal DNS fora MX record for <tenant>.mail.onmicrosoft.
C:\Windows\system32>nslookup
Default Server: <AD-Domain>
Address: 10.0.0.10
> set type=MX
> <tenant>.mail.onmicrosoft.com
Server: <AD-Domain>
Address: 10.0.0.10
Non-authoritative answer:
<tenant>.mail.onmicrosoft.com MX preference = 10, mail exchanger = <tenant>-mail-onmicrosoft-com.mail.protection.outlook.com
<tenant>-mail-onmicrosoft-com.mail.protection.outlook.com internet address = 216.32.180.74
<tenant>-mail-onmicrosoft-com.mail.protection.outlook.com internet address = 216.32.181.42
>
ASKER
Scott my domain is:
mydomain.com - my external domain
mydomain-intern.com - my internal domain
My tenant is linked to mydomain.com.
In the On-Premise EMC - Organization Configuration - Hub Transport - Accepted Domains Is <tenant>.mail.onmicrosoft. com listed as "Internal Relay Domain"
- No. There is the acceptedDomain:
mydomain.com - Internal Relay - Default True
mydomain-intern.com - Authoritative - Default False
Mytenant.......com - Authoritative - Default False
In the On-Premise EMC - Organization Configuration - Hub Transport - Send Connectors Do you have a "Outbound to Office 365" connector? Address space: <tenant>.mail.onmicrosoft. com
I have 3 send connectors:
mydomain.com (name) - SMTP - AddressSpace mydomain.com - Cost 1 / Network - route through smart host (IP from my Postfix)
internet (name) - SMTP - AddressSpace * - Cost 1 / Network - route through smart host (IP from my SMG Spam Filter)
SendToEXO (name) - SMTP - AddressSpace <mytenant> - Cost 1 / Network - Use MX / Source Server - my exchange local server
If you query your Internal DNS fora MX record for <tenant>.mail.onmicrosoft. com do you get the right info? Something like:
Yes!! The same otuput.
mydomain.com - my external domain
mydomain-intern.com - my internal domain
My tenant is linked to mydomain.com.
In the On-Premise EMC - Organization Configuration - Hub Transport - Accepted Domains Is <tenant>.mail.onmicrosoft.
- No. There is the acceptedDomain:
mydomain.com - Internal Relay - Default True
mydomain-intern.com - Authoritative - Default False
Mytenant.......com - Authoritative - Default False
In the On-Premise EMC - Organization Configuration - Hub Transport - Send Connectors Do you have a "Outbound to Office 365" connector? Address space: <tenant>.mail.onmicrosoft.
I have 3 send connectors:
mydomain.com (name) - SMTP - AddressSpace mydomain.com - Cost 1 / Network - route through smart host (IP from my Postfix)
internet (name) - SMTP - AddressSpace * - Cost 1 / Network - route through smart host (IP from my SMG Spam Filter)
SendToEXO (name) - SMTP - AddressSpace <mytenant> - Cost 1 / Network - Use MX / Source Server - my exchange local server
If you query your Internal DNS fora MX record for <tenant>.mail.onmicrosoft.
Yes!! The same otuput.
Mytenant.......com - Authoritative - Default Falsethe <tenant>.mail.onmicrosoft.
If its Authoritative then it won't let the mail leave.
ASKER
Scott today the flow is to forward the emails through Postfix to span filter. Changing this option will continue the flow of emails through Postfix?
Are you wanting to Filter the mail from On-Premise to O365?
Think about the Flow. The mail to the O365 user needs to be delivered via the <tenant>.mail.onmicrosoft. com email. So if your On-premise server is saying that mail to that domain is Authoritative, that means the mailbox should reside on that server. Since the O365 does not, it won't leave and cant get to the O365 server.
You would need to setup the MX records to make the mail go from On-Premise -> Postfix -> O365
You would need to tell the Outbound to O365 connector for <tenant>.mail.onmicrosoft. com to use a Smart Host of the Postfix server then the Postfix server would need to know its not Authoritative either and allow the mail to then proceed to the O365 server.
Does that make sense?
Think about the Flow. The mail to the O365 user needs to be delivered via the <tenant>.mail.onmicrosoft.
You would need to setup the MX records to make the mail go from On-Premise -> Postfix -> O365
You would need to tell the Outbound to O365 connector for <tenant>.mail.onmicrosoft.
Does that make sense?
ASKER
Scott look at my nslookup:
Pointing to my internal dns:
I still dont change anything on connectors
C:\>nslookup
Servidor PadrÒo: google-public-dns-a.google.com
Address: 8.8.8.8
> set q=mx
> mydomain.com
Servidor: google-public-dns-a.google.com
Address: 8.8.8.8
Não é resposta autoritativa:
mydomain.com MX preference = 1, mail exchanger = my-domain-com.mail.protection.outlook.com
mydomain.com MX preference = 5, mail exchanger = mail.mydomain.com >>>>>> this is the postfix
Pointing to my internal dns:
C:\>nslookup
Servidor PadrÒo: MyPDC
Address: PDC IP
> set q=mx
> <tenant>.onmicrosoft.com
Servidor: myPDC
Address: PDC IP
Não é resposta autoritativa:
<tenant>.onmicrosoft.com MX preference = 0, mail exchanger = mydomain.mail.protection.outlook.com
mydomain.mail.protection.outlook.com internet address = externalIP
mydomain.mail.protection.outlook.com internet address = externalIP
I still dont change anything on connectors
mydomain.com MX preference = 1, mail exchanger = my-domain-com.mail.protection.outloo k.com
mydomain.com MX preference = 5, mail exchanger = mail.mydomain.com >>>>>> this is the postfix
In an Ideal world, the MX 5 Postfix record will never be used. Its only there in case MX 1 is not available. So if it was meant to do front end filtering, then its never going to hit that server unless O365 server is down.
You still need to change the <tenant>.mail.onmicrosoft.
for exchange 2010 to o365 why you need postfix in between?
U just need to change tenant.mail.onmicrosoft.co m to internal relay as informed by Scott and then email from exchange to O365 should directly reach to O365 via OnPrem to O365 send connector provided that tenant.mail.onmicrosoft.co m is stamped as targetaddress on migrated user properties with onpremise exchange (Mail enabled user - MEU)
Also you have mentioned that O365 user is unable to get emails from gmail, yahoo etc?
This should not be an problem as long as MX with higher precedence is pointing to O365 and user Primary SMTP address in cloud is
%user%@domain.com where domain.com is primary SMTP domain at cloud
U just need to change tenant.mail.onmicrosoft.co
Also you have mentioned that O365 user is unable to get emails from gmail, yahoo etc?
This should not be an problem as long as MX with higher precedence is pointing to O365 and user Primary SMTP address in cloud is
%user%@domain.com where domain.com is primary SMTP domain at cloud
ASKER
Mahesh i need postfix between Exch2010/Office365 temporally because another IT Analyst (he loves linux...) configures anti-spam/firewall this way. And license from anti-spam/firewall is over and don't have a way to change the flow.
Flow today:
Firewall/Antispam
postfix
exchange/office365
Flow someday (i hope)
Firewall/Antispam
exchange/office365
Flow today:
Firewall/Antispam
postfix
exchange/office365
Flow someday (i hope)
Firewall/Antispam
exchange/office365
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
O365 is already having built-in Microsoft protection gateway which takes care of antispaming or any other security aspects
When mail enter to O365 MX and if user is on-premise, the mail is internal for exchange and should reach directly to exchange through o365 backend firewall only
Postfix would be required only for outgoing communication from OnPrem exchange to internet domains (except onmicrosoft domain for which you already have another connector) so that you can utilize postfix functionality for outbound emails from exchange
When mail enter to O365 MX and if user is on-premise, the mail is internal for exchange and should reach directly to exchange through o365 backend firewall only
Postfix would be required only for outgoing communication from OnPrem exchange to internet domains (except onmicrosoft domain for which you already have another connector) so that you can utilize postfix functionality for outbound emails from exchange
I have several domains that are Mixed in terms of where the MX Points to. Some are to O365 and some are to our On-Premise Filtering and Exchange server. So for External to Internal its not a issues of where the MX Points as long as it gets to one or the other exchange/office365 and they know how to get to each other.
If his IT Analyst wants the postfix in the mix and does not want to use the MS outlook Protection thats part of the Office 365 License thats fine, he just needs to be sure the domains are setup as Internal Relay and the systems know how to get the email to the server that is hosting the mailbox.
If his IT Analyst wants the postfix in the mix and does not want to use the MS outlook Protection thats part of the Office 365 License thats fine, he just needs to be sure the domains are setup as Internal Relay and the systems know how to get the email to the server that is hosting the mailbox.
ASKER
My external DNS provider proceed with this resolution and accomplish the goal.
where is mx pointing?
have you whitelisted on premise exchange sending server ips to exo and vice versa?
if you copy original header to mxtoolbox header analyzer, how it goes,
or can you post complete header here?