Update 11/13/2023: We added new information on how to know when this change is released to your organization.
Today, we are announcing an update to our requirements for SMTP relay through Exchange ...
Updated Feb 22, 2024
Version 19.0
Blog Post
In item #2 of the "New Requirements" section, the requirements indicate that "the sending host's IP address or certificate domain on the SMTP connection matches your organization's Inbound Connector". However, in item #1 of the "Actions to Take" section, it says that if the Inbound Connector must be updated to use a certificate domain instead of IP addresses.
It's not completely clear: Will we still be able to relay email through Exchange Online based on the IP address or will a certificate be required (assuming the P1 MAIL FROM requirement 1b is satisfied)?
We only use the SMTP relay from on-premises applications, scanners, etc. to internal users (email is not destined for recipients outside our tenant). Unfortunately, most of our applications and devices won't be able to support certificates, so we rely on using dedicated IP addresses to route this specific SMTP traffic through at our firewall.