Update 11/13/2023: We added new information on how to know when this change is released to your organization.
Today, we are announcing an update to our requirements for SMTP relay through Exchange ...
Updated Feb 22, 2024
Version 19.0
Blog Post
Carolyn_Liu
Microsoft
Microsoft
>>If we use certificate authentication (1.a) in the connector then the P1 or P2 sender domains can be anything (accepted domains, non-accepted organisation domains and sub-domains, non-owned organisation domains etc.) and the recipient domains can be anything as well?
>>The key point here is that the certificate domain defined in the connector must match that defined in the certificate of the SMTP relay server e.g. tenantroot.com = tenantroot.com, as long as this matches then the sender and recipient domains can be anything?
[A] Correct. But this only applies on email routing, there are many other criteria, such as SPF< DKIM, DMARC, etc. need to be considered but not in the scope of the discussion.
>>If we use IP authentication in the connector then the P1 or P2 sender domains can be anything (accepted domains, non-accepted organisation domains and sub-domains, non-owned organisation domains etc.) as long as the recipient domain is an accepted domain?
[A] Correct.
>>Will this still be the case under the New Configuration?
[A] Correct.
>>Also, would it be possible to be more explicit on some the terminology used at the top of this blog e.g. "belongs to your organization", does this mean an explicit domain as defined under your O365 domains or could it be a sub-domain of one of these even though it's not explicitly defined in O365 domains?
[A] must be accepted domain in O365. I will clarify in the blog.