In searching various Office 365 blogs, knowledge base sites, and community user groups we have seen many posts asking how to relay from your internal Exchange Server to Exchange Online / Office 365 to external internet recipients. There is a ton of confusion out there so we wanted to clear it up. The answer is it is NOT POSSIBLE, we repeat it is NOT POSSIBLE to relay to external internet recipients from your local Exchange Server to Exchange Online / Office 365. It simply is not supported. Many articles out there describe how to relay from your local Exchange Server to FOPE (Forefront Online Protection Engine), it is true this is possible but not with the FOPE that comes with Office 365. You have no ability to add Outbound Servers this is disabled. Some would argue you can use a outbound policies to control this or safe lists but this is NOT the case.
Many articles describe how to setup a hybrid setup of Office 365 and your local Exchange Server with various configurations, some pointing the MX records to your on-premise Exchange Server some pointing your MX records to the FOPE Cloud service. The reality is in either configuration no matter what email from your local Exchange Server to external internet recipients can only route from your on-premise Exchange Server to the internet or to another filtering service but there is no setup to allow this to happen through Office 365 version of FOPE. Even when pointing your MX to the cloud external email from the cloud routes through the cloud, external email from your internal Exchange Server routes through your server to the internet or another relay such as MX Logic, etc. The hybrid model simply describes a solution where you can point at the cloud with your MX to control mailflow to internal recipients, in this config mail to your domain from external senders routes to the cloud and is either delivered to a mailbox in the cloud or sent to your internal Exchange Server. Mail from your internal Exchange Server to a Cloud mailbox is routed to the cloud, and mail sent to an external recipient from your internal Exchange Server is always routed to the internet or through some other smart host or filtering solution. You can configure FOPE and Office 365 so that all mail sent from the cloud rather internal or external is routed through your internal Exchange Server but not the other way around.
Just wanted to make this 100% clear… you can setup a mail relay through Office 365 using the SMTP Service in IIS but NOT through an internal Exchange Server. Additionally the SMTP Service is somewhat limited in that it cannot send on behalf, you must configure the from address on the SMTP service that is the same as the authentication address so mail from the SMTP Service will always come from the same address. To avoid this you could setup multiple SMTP relays on the SMPT Service using different IP addresses so different applications could send from different from addresses. Anyway we hope this clears this question up, anyone that doesn't believe us, try it:)
Recent Comments