Accepting Relays from O365

J

jlpeifer

Verified User
Joined
Jun 6, 2006
Messages
107
I'm trying to set up an O365 Exchange connector to relay email to my DA server. Part of the process of setting up the connector relay on O365 is to validate (using tools in the O365 Exchange Admin center) an email account on the DA server for the domain being configured. The email account and associated domain exist on the DA server; however, I'm not able to successfully validate.

The validation process is two-steps:
1. Check for connectivity to DA email server
2. Send test email

I've obscured some info in the details below for security reasons. foobar.com and [email protected] are placeholders for an actual domain and email box associated with that domain set up on my DA server.

Step 1 succeeds! Here's the log info provided by O365
250-hosting.foobar.com
Hello mail-dm6nam12lp2174.outbound.protection.outlook.com [104.47.59.174]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPE_CONNECT
250-AUTH PLAIN LOGIN
250 HELP
Click to expand...

Step 2 (Send test email) fails... and I don't understand why.
Detailed log

Timestamp:11/9/2021 11:47:30 AM
EventId:RECEIVE
Source:SMTP
MessageSubject:Test email for connector validation
MessageId:<[email protected]>
Recipients:[email protected]
RecipientCount:1
RecipientStatus:
SourceContext:08D9A2962EF26E34;2021-11-09T11:47:29.511Z;0
Sender:[email protected]
EventData:ProxyHop1:SJ0PR03CA0090.outlook.office365.com(2603:10b6:a03:331::35), MimeParts:Att/Emb/MPt:0/0/1, MessageValue:MediumHigh, Replication:BL3PR10MB5489, InboundTlsDetails:TLS=SP_PROT_TLS1_2_SERVER TLSCipher=CALG_AES_256 TLSKeyLength=256 TLSKeyExAlg=CALG_ECDH_EPHEM, CorrelationId:f0d7df0b-f015-4506-93bc-08d9a376b55b, FirstForestHop:BN0PR10MB5503.namprd10.prod.outlook.com, FromEntity:Internet, DeliveryPriority:Normal, OriginalFromAddress:<>, AccountForest:NAMPR10A008.PROD.OUTLOOK.COM

Timestamp:11/9/2021 11:47:30 AM
EventId:RECIPIENTINFO
Source:RESOLVER
MessageSubject:Test email for connector validation
MessageId:<[email protected]>
Recipients:[email protected]
RecipientCount:1
RecipientStatus:UserMailbox.Forwardable.Resolver.CreateRecipientItems.40
SourceContext:
Sender:[email protected]
EventData:SenderVerdict:NotFound.OneOff.Sender.10, DeliveryPriority:Normal, OriginalFromAddress:<>, AccountForest:NAMPR10A008.PROD.OUTLOOK.COM

Timestamp:11/9/2021 11:47:32 AM
EventId:AGENTINFO
Source:AGENT
MessageSubject:Test email for connector validation
MessageId:<[email protected]>
Recipients:[email protected]
RecipientCount:1
RecipientStatus:
SourceContext:CatContentConversion
Sender:[email protected]
EventData:AMA:EV|engine=A|v=0|sig=202111091034|name=|file=|hash=|phash=, AMA:EV|engine=M|v=0|sig=1.353.694.0|name=|file=|hash=|phash=, TRA:ETRI|MsgType=|Ex=|IsKnown=|FipsStatus=|AttchUns=|ceErr=|Synth=ON, CFA:AS|sfv=NotSpam|rsk=Low|scl=0|bcl=0|score=|sfs=(4505002)(3230221)(823300339)(823320095)(903200)(820075)(20180801173)(3231647)(944501753)(88885190)(15022040)(15041020)(15015020)(2019022201238)(7699085)(740010)(76000231)(76304075)(930200077)(6201001)|sfp=0|fprx=|mlc=|mlv=|list=1|di=|rd=|h=SJ0PR10MB5661.namprd10.prod.outlook.com|ctry=|cltctry=|lang=|cip=|dir=Originating|alat=0|mlat=3|rlat=3|asf=, CFA:LTC|RPLHCFR=51|RPLSLR=0|RPLAPR=51|RPLMR=52|RPL=154|RSP=369, PCFA:SUM|hctfp=e8ecbbdb-bdd9-415c-b897-56c933bbfcc6, SFA:SUM|SFV=SKI|IPV=NLI|SRV=|SCL=-1|SCORE=0|LIST=0|DI=|RD=|H=SJ0PR10MB5661.namprd10.prod.outlook.com|CIP=|SFP=0|ASF=0|CTRY=|CLTCTRY=IPV6|LANG=en|LAT=0|LAT=0|LAT=0|FPR=A8C2707E.E93100B.89F093CD.D44EEEC9.20067|DIR=OUT, PCFA:SUM|URLRW=0, CompCost:C|ETR=105|SFA=0, DeliveryPriority:Normal, OriginalFromAddress:<>, AccountForest:NAMPR10A008.PROD.OUTLOOK.COM

Timestamp:11/9/2021 11:47:33 AM
EventId:SEND
Source:HTTP
MessageSubject:Test email for connector validation
MessageId:<[email protected]>
Recipients:[email protected]
RecipientCount:1
RecipientStatus:250 2.0.0 OK
SourceContext:
Sender:[email protected]
EventData:MsgRecipCount:1, IncludeInSla:True, ProcessedRC:1, ExpirationTimeV2:11/10/2021 11:47:29 AM, ExpirationStartTimeReason:OriginalSubmit, ExpirationIntervalReason:OriginalSubmit, DeliveredViaHttps:P2PDeliver, HttpRequestId:957332cc-c54e-4063-837e-181ab6e1c210, MailboxDatabaseGuid:b2baaa7f-8f89-41f6-ada8-1c570a6b56aa, ResourceForest:namprd10.prod.outlook.com, DeliveryPriority:Normal, OriginalFromAddress:<>, AccountForest:NAMPR10A008.PROD.OUTLOOK.COM, E2ELatency:4.116
Click to expand...

Can anyone help me understand why Step 2 of this validation fails?

Thanks,
Joe
 
UPDATE: I have partially resolved this issue and report back once I have all the wrinkles ironed out.
 
I was able to create a connector in O365 Exchange that successfully passed email to my DA server.

The problem I was having in my original post happened because I had created a mailbox on O365 that matched the DA mailbox I was trying to verify. So instead of verification tests being forwarded to my DA server, they were instead being sent to the mailbox of the same name on the O365 platform. To resolve this I created a new, unique email account on the DA server (rubbish@foobar.com) and had O365 successfully verify against that new mailbox.

What I'm learning is that with O365 set as the MX for the domain, inbound mail directed to any @foobar.com address that doesn't exist on the O365 platform itself gets passed along to the DA server.

I'm left with one question if anyone else is following this thread and wants to chime in... is there any way to determine whether email being passed to my DA server (via the O365 connector) is first being subjected to Microsoft's Exchange Online Protection (spam filtering) prior to being relayed?
 
I had a familiar error, the problem was, that the domain must be set to InternalRelay, and I had Authoritative, so Exchange was trying to deliver the email locally not to the on-premise server...
 
You must log in or register to reply here.
Back
Top