IT Admin

Damian Gardner

<div>
Hello Fox - thank you for your fast help. &nbsp;I read the section on updating the settings - I am assuming I need to do the "internal relay" method, correct? it says "exchange will check for the recipient, and if the recipient does not exist, then it will reject it" - this is what I want, right?<br><br>thanks for your help
</div>


<div>
yes I do believe that is one of your issues....set it as an internal relay. &nbsp;
</div>


<div>
very good - let me do that and see what happens. &nbsp;thanks and i'll revert back soon.
</div>


<div>
Ok - so I'm having trouble on how to specify the "scenario" for the O365 connector - I've basically want email coming IN to our alias domain to be delivered to one of our mailboxes on our Exchange Online - no different from our primary domain addresses, except that its a secondary alias domain we also accept inbound. &nbsp;So -<br><br>1st question in the connector is who is the FROM and who is the TO: &nbsp;<br><br>Choices: &nbsp;A) Office 365, B) your org's email server, C) partner org, D) Internet<br><br>Would this be "Office 365 to Partner"?<br><br><br>If so, it asks :<br><br>How do you want to route email messages?<br><br>Specify one or more smart hosts to which Office 365 will deliver email messages. A smart host is an alternative server and can be identified by using a fully qualified domain name (FQDN) or an IP address.&nbsp;<a href="http://technet.microsoft.com/en-US/library/ms.exch.eac.ConnectorSpecifySmarthosts(EXCHG.150).aspx?v=15.20.3000.22&amp;l=1&amp;s=BPOS_S_E15_0" rel="ugc">Learn more</a>Specify one or more smart hosts to which Office 365 will deliver email messages. A smart host is an alternative server and can be identified by using a fully qualified domain name (FQDN) or an IP address. Learn more<br><table><tbody><tr><td>Use the MX record associated with the partner's domainSelect to send messages to the MX record destination for the targeted recipients.</td></tr><tr><td>Route email through these smart hosts</td></tr></tbody></table><br>Is it "Use MX record associated..." ?<br><br><br>Then it asks about TLS - should I restrict to "only TLS"?<br><br><br>Here's the summary of this - your thoughts?<br><br><table><tbody><tr><td>New connector</td></tr></tbody></table>Confirm your settings<br>Before we validate this connector for you, make sure these are the settings you want to configure.<br><br>Mail flow scenario<br>From:&nbsp;Office 365<br>To:&nbsp;Partner organization<br><br>Name<br>France Connector<br><br>Description<br>France for eu.laco.com<br><br>Status<br>Turn it on after saving<br><br>When to use the connector<br>Use only for email sent to these domains: eu.laco.com<br><br>Routing method<br>Use the MX record associated with the partner’s domain.<br><br>Security restrictions<br>None<br><br><br>Thanks Fox<br><br>&nbsp;
</div>


<div>
I tested that previous one I described, and it fauiled. &nbsp;so I changed it to this - maybe this is now correct? &nbsp;(I'm testing it now):<br><br>Mimecast to O365<br>Mail flow scenario<br>From:&nbsp;Partner organization<br>To:&nbsp;Office 365<br><br>Description<br>None<br><br><br>Status<br>On<br><a href="https://outlook.office365.com/ecp/Connectors/ViewInboundConnectorDetails.aspx?reqId=1589681723665&amp;isNarrow=t&amp;id=c277a080-2e1e-4e3b-98c0-d668918f9017#" rel="ugc nofollow">Turn it off</a><br><br>How to identify your partner organization<br>Identify the partner organization by verifying that messages are coming from these domains: *<br><br><br>Security restrictions<br>Reject messages if they aren’t encrypted using Transport Layer Security ‎(TLS)‎.<br>Reject messages if they don’t come from within these IP address ranges: 63.128.21.0/24,216.205.24.0/24,205.139.111.0/24,205.139.110.0/24,207.211.30.0/24,207.211.31.0/25<br><br><br><br><br>
</div>


<div>
and it failed. &nbsp;I don't know why this is so difficult to grasp.&nbsp;&nbsp;
</div>


<div>
Your scenario doesnt sound uncommon at all - in fact it is very similar to a merger\acquisition scenario where the acquired organization wants to keep their legacy addresses as aliases in Exchange online.<br><br>From what i've read, mailboxes for your french division are already in your O365, correct? And you have set them up to have aliases of @eu.company.com?<br><br>Here are what i've done before for similar (acquisition) scenarios:<ul><li>Added the new domain @eu.company.com into O365 domains and kept it as an authoritative domain. You only need to change it as internal relay IF you still have mailboxes for these uses using the same domain in a different email environment (i.e.: different exchange organization or even different O365 tenant)</li><li>&nbsp;The MX record does need to be as you mentioned ("eu-company-com.mail.protection.outlook.com") if mail is coming straight into O365.</li></ul><br>Since you have email going to mimecast first then you MX record should point to mimecast. The question is - from Mimecast, where are you pointing the email to be routed to for this domain? I am not familiar with the setup of Mimecast but it should be pointed to go to "eu-company-com.mail.protection.outlook.com" and not "company-com.mail.protection.outlook.com".<br><br>What i can suggest to make sure all is working as expected - change the public MX record for this domain to point directly to O365 ("eu-company-com.mail.protection.outlook.com") and see if the email gets delivered. If it does, then it is the way Mimecast is routing the emails that's causing the issue.
</div>


<div>
thanks for your help guys. &nbsp;its all working now - turned out to be several problems altogether causing the alias domain to not work, including not having them in our 3rd-party email filter service, and not having the domain added to our Microsoft 365 tenant as an "accepted domain". &nbsp;Thanks for your help and I'll dole out the points.
</div>


<div>
<div class="content wysiwyg-content">
Office 365 / Exchange Online is rejecting our new, secondary alias domain we've added for our European division in France. &nbsp;We've brought our French counterparts onboard our primary domain in Office 365 - but they need their old domain they have had to still continue to accept emails to their new accounts. &nbsp;So our main account is COMPANY.COM, and we've added EU.COMPANY.COM as an &quot;accepted domain&quot; in our Office 365 tenant &quot;domains&quot; setup screen. &nbsp;the domain passed the required DNS health checks, with 1 exception - Office 365 says &quot;eu-company-com.mail.prote<wbr />ction.outl<wbr />ook.com&quot; should be the MX record, but all our email must go through our 3rd-party Mimecast spam filter first, before reaching our Exchange Online. &nbsp;So I changed the MX record AFTER setting it up in the tenant account - and email IS routing thru our Mimecast filter as expected, and then being sent to Exchange Online. &nbsp;But once it reaches there, it is rejected with the following:<br />
<br />
This is a delivery failure notification message indicating that an email you addressed to email address :<br />
-- omagnin@eu.company.com<br />
<br />
could not be delivered. The problem appears to be :<br />
-- Recipient email server rejected the message<br />
<br />
Additional information follows :<br />
-- 5.4.14 Hop count exceeded - possible mail loop ATTR34 [SN1NAM02FT033.eop-nam02.p<wbr />rod.protec<wbr />tion.outlo<wbr />ok.com]<br />
<br />
This condition occurred after 1 attempt(s) to deliver over a period of 0 hour(s).<br />
<br />
If you sent the email to multiple recipients, you will receive one of these messages for each one which failed delivery, &nbsp;otherwise they have been sent.<br />
&nbsp;<br />
<br />
Not sure what the issue is now. &nbsp;Any help is much appreciated in resolving this before Monday.<br />
<br />
Thank you,<br />
Damian
</div>
</div>


Office 365 / Exchange Online is rejecting our new, secondary alias domain we've added for our European division in France.  We've brought our French counterparts onboard our primary domain in Office 365 - but they need their old domain they have had to still continue to accept emails to their new accounts.  So our main account is COMPANY.COM, and we've added EU.COMPANY.COM as an "accepted domain" in our Office 365 tenant "domains" setup screen.  the domain passed the required DNS health checks, with 1 exception - Office 365 says "eu-company-com.mail.protection.outlook.com" should be the MX record, but all our email must go through our 3rd-party Mimecast spam filter first, before reaching our Exchange Online.  So I changed the MX record AFTER setting it up in the tenant account - and email IS routing thru our Mimecast filter as expected, and then being sent to Exchange Online.  But once it reaches there, it is rejected with the following:

This is a delivery failure notification message indicating that an email you addressed to email address :
-- omagnin@eu.company.com

could not be delivered. The problem appears to be :
-- Recipient email server rejected the message

Additional information follows :
-- 5.4.14 Hop count exceeded - possible mail loop ATTR34 [SN1NAM02FT033.eop-nam02.prod.protection.outlook.com]

This condition occurred after 1 attempt(s) to deliver over a period of 0 hour(s).

If you sent the email to multiple recipients, you will receive one of these messages for each one which failed delivery,  otherwise they have been sent.
 

Not sure what the issue is now.  Any help is much appreciated in resolving this before Monday.

Thank you,
Damian

Office 365 / Exchange Online is rejecting our new, secondary alias domain we've added for our European division in France

Microsoft Office is an integrated suite of applications that includes Outlook, Word, Excel, Access, PowerPoint, Visio and InfoPath, along with a number of tools to assist in making the individual components work together. Coding within and between the projects is done in Visual Basic for Applications, known as VBA.

Microsoft Office

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.

Exchange

Office 365 is a group of software plus services subscriptions that provides productivity software and related services to its subscribers. Office 365 allows the use of Microsoft Office apps on Windows and OS X, provides storage space on Microsoft's cloud storage service OneDrive, and grants 60 Skype minutes per month. Office 365 includes e-mail and social networking services through hosted versions of Exchange Server, Skype for Business Server, SharePoint and Office Online, integration with Yammer, as well as access to the Office software. All of Office 365's components can be managed and configured through an online portal; users can be added manually, imported from a CSV file, or Office 365 can be set up for single sign-on with a local Active Directory using Active Directory Federation Services.

Microsoft 365

Within Internet message handling services (MHS), a message transfer agent or mail transfer agent (MTA) or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture. A MTA implements both the client (sending) and server (receiving) portions of the Simple Mail Transfer Protocol (SMTP). The terms mail server, mail exchanger, and MX host may also refer to a computer performing the MTA function. The Domain Name System (DNS) associates a mail server to a domain with mail exchanger (MX) resource records containing the domain name of a host providing MTA services.

Email Servers

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.