Ahmed Ali

asked on

SMTP relay between local Exchange has internet connection with the Public O365

Greetings,

We have 3 local servers, and those servers do not have internet access. We need to deploy a new SMTP Exchange server to receive notifications from those 3 local servers and send them to the local Exchange server, which must connect to our external mail system, O365.

So how can we deploy this new Exchange server so that it receives notification messages from our local servers and then sends them to the external O365?

The local Exchange domain name is Mydomainname.com, and the public domain name is mydomainname.com.lb. So what are the public DNS records that I need, and how do I configure my local Exchange server and my public O365 server? And do I need a public IP address for my local Exchange server?

BR
Mahesh

On the Exchange on-premises server, create a receive connector which will accept emails only from those servers' IP addresses, with permissions as anonymous users.

From those servers, what interface do you have to send emails? And where should those emails go? The domain in O365?

You need an interface on the servers where you can specify the Exchange on-premises server IP and port 25, with the message and recipient email address, and then Exchange will forward that email to O365.
Ahmed Ali

ASKER

Dear Mahesh,
Thank you for your reply.
The local servers use IP range 10.10.10.0/24, my local "on-premise" Exchange IP is 10.10.20.0/24, and this Exchange is assigned one public IP address: 109.x.x.x.
For the new on-premises local Exchange server, do I need to create new MX or SPF records?
Kindly find the following answer to your question:
From those server what interface you have to send emails? and where those emails should go? the domain in O365?
On the local servers we just need to type in the new local SMTP Exchange server, and the new Exchange will send this request to O365.

Thanks in advance,
You don't need MX as you are not receiving emails on this Exchange server, correct?

If you will receive emails on the Exchange server, you do need MX and a public IP, etc.

If the source Exchange accepted domain is different from the Exchange Online accepted SMTP domain, you can simply create one SPF record for the on-premises Exchange, and Exchange will forward emails to O365 by the DNS MX lookup method.

However, if the source and target SMTP domain is the same, you need a connector between O365 and Exchange on-premises, created at the O365 side, which can accept emails from the on-premises Exchange server's public IP address.
Thank you for your reply,
Kindly find the answers to your questions:
1- you don't need MX as you are not receiving emails on this exchange server, correct? Yes, correct.

2- if source exchange accepted domain is different from exchange online accepted smtp domain, you can simply create one SPF record for onpremise exchange and exchange will forward emails to O365 by DNS MX lookup method: In my existing environment the local domain has a different name from O365: my local domain name is Mydomain.local, and the public domain is Mydomain.com.lb. So what SPF do I need to create, and when do I need to create it? On my local DNS or on my public O365 domain?

3- if source and target SMTP domain is same, you need connector between o365 and exchange onpremise created at O365 side which can accept emails from onpremise exchange server public IP address
Is this your solution? The local domain has a different name from the public domain.

Thanks in advance,
So you have domain.local, which is not available on the internet. In that case, first create a receive connector on the on-premises Exchange server which accepts emails from those servers, as stated in the 1st comment, and simply create one connector in O365.

Follow "Part 2: Configure mail to flow from your email server to Office 365" from the article below:

https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-to-route-mail
Thank you Mr. Mahesh, I will follow these steps and update you.
Kindly, shall we need to create an SPF DS record in DNS?

Best Regards,
No, in this case SPF records are not required, since your Exchange public IP will be added to the O365 connector as a whitelisted IP and it will accept emails from the Exchange server without SPF.
Also, when you create the receive connector to accept emails from those servers, check anonymous users as the permissions group and also select externally secured connector.
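
The IP-restricted relay receive connector discussed in this thread, followed by a check that no relay-capable connector is open to every source address, could look like this in the Exchange Management Shell. This is an added example, not part of the original posts; the connector name and the three sender addresses are assumptions, and it uses the anonymous-relay variant rather than the externally secured one.

```powershell
# Added example. Run in the Exchange Management Shell on the on-premises server.
# Assumed values (not from the thread): connector name and the three sender IPs.
$name    = 'Notification Relay'
$sources = '10.10.10.11', '10.10.10.12', '10.10.10.13'   # constructed, inside 10.10.10.0/24

# Custom front-end connector on port 25 that only matches the listed senders.
New-ReceiveConnector -Name $name -TransportRole FrontendTransport -Custom `
    -Bindings '0.0.0.0:25' -RemoteIPRanges $sources

# Allow anonymous submission, then grant the right to relay to external recipients.
Set-ReceiveConnector $name -PermissionGroups AnonymousUsers
Get-ReceiveConnector $name | Add-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' `
    -ExtendedRights 'Ms-Exch-SMTP-Accept-Any-Recipient'

# Audit: report every connector that can relay without authentication, with its scope.
# A relay-capable connector whose scope is the whole address space is an open relay.
Get-ReceiveConnector | ForEach-Object {
    $c = $_
    # Anonymous relay = anonymous logon holds the Accept-Any-Recipient right.
    $anonRelay = $c | Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' |
        Where-Object { $_.ExtendedRights -like '*SMTP-Accept-Any-Recipient*' }
    # Externally secured connectors treat every matching sender as trusted.
    $external = "$($c.AuthMechanism)" -match 'ExternalAuthoritative'

    if ($anonRelay -or $external) {
        $ranges = @($c.RemoteIPRanges | ForEach-Object { $_.ToString() })
        [pscustomobject]@{
            Connector = $c.Identity
            Relay     = if ($external) { 'ExternallySecured' } else { 'Anonymous' }
            Ranges    = $ranges -join ', '
            WideOpen  = [bool]($ranges -match '^(0\.0\.0\.0-255\.255\.255\.255|::-ffff)')
        }
    }
}
```

Any row with `WideOpen` set to `True` should have its `RemoteIPRanges` narrowed to the sending servers before the connector is exposed beyond the local network.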
Dear Mahesh,

Thank you for your reply.
When I am creating the send connector to the smart host, must the name for the smart host be the domain name or the MX record name?
Best regards,
Sir, also, after I sent a test mail from my on-premises Exchange server to O365, I got the following error:


550 5.7.606 Access denied, banned sending IP [109.127.89.74]. To request removal from this list please visit https://sender.office.com/ and follow the directions. For more information please go to  http://go.microsoft.com/fwlink/?LinkID=526655 (AS16012609) [HE1EUR01FT044.eop-EUR01.prod.protection.outlook.com]

Best regards,
When I am creating the send connector to the smart host, must the name for the smart host be the domain name or the MX record name?

You don't need a special send connector at the on-premises network; the default send connector to the internet, pointing to *, is sufficient.

109.127.89.74 - Is this your on-premises Exchange public IP?

Did you create the connector at O365 as stated in the link? And is the above public IP added as being the Exchange server IP?
Dear Mahesh,
Kindly find the following answers:
1- 109.127.89.74 - Is this your on premise exchange public IP? Yes, this is the public IP address that I use for my internet connectivity, because my on-premises Exchange server has a private one.

2- Did you create connector on o365 as stated in link? and if above Public IP address as being exchange server IP? Yes, I created the connector on my O365 and I listed this public IP address; the connector that I have created is from the organization to O365.
Kindly, any solution please?

Thanks in advance,
Dear Mahesh,
I followed the above instructions; now when I sent mail using the command line I got the following error:
" 250 2.6.0 <c40ac5f9-c8bc-4c6c-addb-5c1f7b5aa9be@VE1EUR01FT032.eop-EUR01.prod.protection.outlook.com> [InternalId=15560666516107, Hostname=AM6P192MB0472.EURP192.PROD.OUTLOOK.COM] 8642 bytes in 0.192, 43.764 KB/sec Queued mail for delivery
451 4.7.0 Timeout waiting for client input [VE1EUR01FT032.eop-EUR01.prod.protection.outlook.com]

and in the Exchange mail queue I found the following message:
Recipients:  Mydomain.com.lb;2;2;A matching connector cannot be found to route the external recipient;16;<No Matching Connector>;0

Regards
From the command line, where is your email relayed? On the on-premises Exchange?

What interface do you have on those servers to send email?

Your on-premises servers should send email to the on-premises Exchange.

The on-premises Exchange will forward them to the internet / O365.
I did the test send from my on-premises Exchange; the mail must be relayed from our local server to O365,
and I used the local interface of the on-premises Exchange server, and from the local on-premises Exchange I need to send mail to O365.

I checked, and my public IP address is listed as blacklisted, as in the attached photo. What can I do to get it de-listed?
You need to communicate with the blacklist provider to unlist your IP address.
Dear Mahesh,
We have only one interface on the on-premises Exchange server, to receive from the local servers and send to the internet / O365.

Best regards,
Do you think the blacklist will stop us from sending mail?
Also, do you have some tools or instructions to de-list our public IP, because the ISP said he can't do that!

Regards,
Check the thread below:
https://whatismyipaddress.com/blacklist-removal

It should help
Dear Mahesh,
In your experience, can I register my public IP address with a trusted DNS organization so that they will handle protecting it and removing it from the blacklist?

Best regards,
Basically, you need to follow the instructions on the blacklist provider's site to unlist your IP
OR
You can contact O365 support to help with it
OR
Instead of maintaining Exchange and sending email to O365, you can use a smart host solution such as SendGrid and send your emails to their server, and they will send them to O365

OR

Configure your Exchange server to forward emails to SendGrid, and SendGrid will take care of the rest.

A smart host service will accept your email even if your IP address is blacklisted.
Thank you for your reply,

Kindly, how can we get and configure our Exchange server to forward emails to SendGrid so that SendGrid will take care of the rest?

Thanks in advance,
I think there are two solutions we can configure:

How do we make this solution: "instead of maintaining exchange and sending email to O365, better you can use smart host solution such as sendgrid and send your emails to their server and they will send it to O365"?

Best regards,
Refer to the SendGrid web site; you should look for the SMTP API with SendGrid.

Basically, you need to register an account with SendGrid, then generate an API key and username.
The API key is nothing but your smart host authentication password.

Then create a send connector on the Exchange server towards the internet (* OR your O365 domain) with the SendGrid smart host, and it will do the job
OR

You can define the SendGrid API key and password on your on-premises servers which need to send emails to O365, and send emails directly to SendGrid.
Thank you for your suggestion,
In our case, which solution is more suitable?

Best regards,
SMTP providers hide your IP from recipients and save you from being blacklisted. If you don't want to manage the hassle of IP blacklisting, use smart host services.

There are many in the market which actually provide the service free of charge for a specific number of emails, and it can operate without Exchange servers.

If your quantity is high, it will charge you a little.

This way you don't need to maintain an Exchange server only for email relaying purposes.

Look at the article below:
It's not exactly what you want, but you can get an idea about smart host services.
https://www.experts-exchange.com/articles/32747/Azure-SMTP-Restrictions-Resolution-with-SMTP-Relay-Services.html
Dear Mahesh,
We have changed our public IP address and now the public IP is clear, but we are still facing the same issue: we can't send mail through our relay Exchange, and when I sent mail through CMD, I got the following message:

250 2.6.0 <790ded7d-c448-446b-b842-b49bee863364@DB5EUR01FT004.eop-EUR01.prod.protection.outlook.com> [InternalId=773094118295, Hostname=AM6P192MB0471.EURP192.PROD.OUTLOOK.COM] 8444 bytes in 0.188, 43.851 KB/sec Queued mail for delivery

On our Exchange I made a send connector with MX record and a receive connection, and I also created a connector on O365.

Kindly, your support please.
Dear Mahesh,

Now I can send mail to other domains such as Gmail, but I can't send mail to our O365 domain!

Kindly, what is the issue?

Best regards,
What error are you facing?

Are you sending emails to the O365 email address through a smart host?
The following message is what I received when I sent to an account on O365:

250 2.6.0 <c8eba59c-b890-46cd-b415-699bb19dc237@VE1EUR01FT056.eop-EUR01.prod.protection.outlook.com> [InternalId=12983686142132, Hostname=AM0P192MB0467.EURP192.PROD.OUTLOOK.COM] 8560 bytes in 0.209, 39.900 KB/sec Queued mail for delivery

You are sending emails to O365 email address through smart host? No, I used an MX record send connector.

Best regards,
Kindly, any solution please?

regards,
I can do a one-to-one session to get it through, but I don't want to do it for free as it will take time to identify the issues and get a resolution.
OK, what shall we do?
Dear Mahesh,
How can we open a paid session?
Best regards,
I dropped you a message regarding live session timings; please reply to the message.
I replied. Are you available now?