asked on
External users cannot send emails to Office 365 groups. receive bounce back saying: Your message can't be delivered because delivery to this address is restricted.
Hello Experts. In our env, we have Exchange 2013 CU21 in a hybrid configuration with Office 365. We also leverage Azure AD Connect to sync our AD with Azure AD, so we are fully in a hybrid scenario, when centralized mailflow. My issue is, I create an office 365 group from Exchange online portal, and select 'Let people outside the organization send email to the group', people from outside the organization still cannot send emails to the group, or any office 365 group for that matter. I've noticed in the Office 365 portal, when i select the office 365 group, i see the option: Allow outside senders --- set to OFF, when i try to change it to ON, it gives an error saying it cannot be done, and if the group has been recently created, please try again. although it has been more then a few days since the Office 365 group was created. People from outside the organization receive a bounce back when they try to email the group saying: Your message can't be delivered because delivery to this address is restricted.
Is anyone else facing this issue, please let me know how this can be resolved. the Office 365 group is successfully being written back to our on-prem AD, and our on-prem Email filtering solution, the email makes it through to our organization but gets rejected...i believe by Office 365.
Is anyone else facing this issue, please let me know how this can be resolved. the Office 365 group is successfully being written back to our on-prem AD, and our on-prem Email filtering solution, the email makes it through to our organization but gets rejected...i believe by Office 365.
Microsoft OfficeExchangeMicrosoft 365Active Directory
Last Comment
Mahesh
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
NewGuy,
connect to powershell on o365 and run the following against that distribution group
Set-DistributionGroup 'emailaddressofthedistribu
connect to powershell on o365 and run the following against that distribution group
Set-DistributionGroup 'emailaddressofthedistribu
Above command needs to be done from onpremise exchange shell I believe since you are getting error while allowing external sender
This is because when group write backed to onpremise AD, it turned into AD synced object which don't allow you to alter settings from cloud shell I believe
This is because when group write backed to onpremise AD, it turned into AD synced object which don't allow you to alter settings from cloud shell I believe
Using your Exchange Admin Center (on premises):
Remove the group
Create the group again, assign group membership again with only you and another IT team member.
Make sure in Delivery Management, "Senders inside and outside of my organization" is selected.
Make sure the desire email address is correct and is included on your email/spam filter.
Test emailing the group from within the organization first... then test from the outside (outlook.com, google.com, etc.) If you still get the error post it here. If not, go back to the group and add members in groups of 2 or 3, test and repeat until you find a failing group or success after all members are in. Just to remove the possibility of a loop somewhere!!!
Remove the group
Create the group again, assign group membership again with only you and another IT team member.
Make sure in Delivery Management, "Senders inside and outside of my organization" is selected.
Make sure the desire email address is correct and is included on your email/spam filter.
Test emailing the group from within the organization first... then test from the outside (outlook.com, google.com, etc.) If you still get the error post it here. If not, go back to the group and add members in groups of 2 or 3, test and repeat until you find a failing group or success after all members are in. Just to remove the possibility of a loop somewhere!!!
@Mahesh- If he created the DL directly on O365 the commands run against the dL in fact will work via powershell connected to o365.
If the dl was created on prem and synced to o365 he would have to edit the settings of the dl from on prem.
If the dl was created on prem and synced to o365 he would have to edit the settings of the dl from on prem.
he enabled group write back in O365
But obvious, groups are replicated to on premise and became synced identities
But obvious, groups are replicated to on premise and became synced identities
When you try to use both O365 and on-premises you run into situations such as this.