• ExchangeMaster

Hybrid/EOP Send Connector Requirements

Updated: Apr 20, 2021

I haven't received an alert or email about this from Microsoft as yet, so I'm whipping up a quick post in case I'm not the only one.

Starting on 05-Jul-2017, customers with hybrid Exchange deployments (or EOP) won't be able to relay mail through Exchange Online / EOP, unless their configured send connector(s) meet the requirements set forth in a recent Exchange team blog post and a corresponding support KB.

The KB is more clear, but the short version is that you should configure your hybrid/EOP send connector(s) to authenticate via TLS certificate(s). As the KB points out, you can meet a base level of functionality simply by registering the domain(s) in question within Office 365.

However, you probably use relay today in ways which aren't supported by default in O365, such as sending NDRs, forwarding via rules, or sending from domains which you haven't added to O365. After July 5th, these scenarios will require TLS certificate authentication. Both the KB and the post include the procedure for configuring your connector(s), along with links to procedures for installing your certificate(s) and setting up mail relay.

91 views0 comments

Recent Posts

See All

Quick post, this time. I've discovered recently that a Microsoft DLP policy which includes a rule to scan for credit card numbers, will "pass" an email which includes card numbers separated from corre

Recently I needed a quick script to set the two-letter O365 country codes, while my only source for the setting was the three-letter codes in a given AD forest. This presented a problem, because O365