Updated Requirements for SMTP Relay through Exchange Online

Yes we ran the report and saw that we might be impacted, and immediately set about changing our Inbound Connectors to use TLS Certificate-based authentication.  We did this in January, but nevertheless it appears that Microsoft still began changes that impacted our Tenant (thank you for the explanation that the changes relate more to Infra, than per Tenant directly, that helps!).   Our Email usage profile, of 1000s of emails with attachments per day, have resulted in it impacting us in a MAJOR way due to our Metadata scrubber suddenly being unable (despite being cleared for TLS Cert authentication-based Relay) to reliably Relay any mail as it has done for years.   

I have searched, searched, and searched for a notifications in Message Center -- there is no post from MS to us about any changes to our Ring of Infrastructure.   Yet we can clearly see that we have been directly-affected by these changes.  It is demonstrable that our Connectors will NOT function if we identify our servers by IP, anymore, we have to have TLD Certificate Identification enabled.  

I will DM you our Tenant GUID, and tickets we have had opened (which have been non-responsive from 365 Support) on this issue we have experienced for about 2 weeks.  It appears to be waning, or reducing, and I see less queueing in our Metadata scrubber on-prem system (which was the main service impacted by this). 

UPDATE: I did not respond to your last question.   If it is genuinely a curiosity, I will explain and walk you through what MS could have done better in terms of notification, and what I would have done differently.   First -- MS needs to more aggressively tie Rings of infra, scheduled for update, to groups of Tenants who have EXO services on that Infra.   Simple.  And they probably already do this, but not for Comms reasons, apparently.  

Obviously this is many Tenants, in some cases, and in other cases -- maybe fewer Tenants (a Venn diagram, of sorts); however, MS by saying they would notify Tenants who have Email configs that might be affected (and then not doing that notification) creates a RISK that could have been mitigated.   It is now obvious we were impacted by MS Infra updates, along with any other Tenants adjacent to us on that same Infra.

Lastly, I would have slated our Metadata scrubbing solution, which at the time of changes did not yet support TLS Certificate Authentication, to no longer route its mail back into our Tenant on its own Connector.  I would have instead routed all Metadata cleaning activity back to Tenant through our on-prem Exchange infra.  That would have avoided this entire mess.  So, I absolutely would have done things differently if MS gave us some kind of individual notice of time of impact!

Microsoft owns its Infrastructure, we are merely Tenants of it, so Microsoft can do whatever the hell it wants without a lot of regard for impact.  It has done so here.  And it should do better.

I support the reasons behind these changes, Spam reduction (and Google, Yahoo, etc are all doing the same) -- but this is MICROSOFT, and Tenant Action Items shouldn't only be relegated to a few Techcommunity posts -- these Infra upgrades have been disruptive enough, to certain Tenants with specific setups (Metadata cleaners, for one) that it should have been mailings and any/all other comms methodologies.  Smoke signals, of items never appearing in our Message Portal, don't count.

PS I DM'ed your requested info.  I hope you find something helpful to at least confirm, on your end, the changes are done and will no longer affect our Tenant.  Good luck, and thanks for the assist.