Lefty
Copper Contributor
Dec 30, 2024

Sender Rewrite

Hi,
I'm looking at a scenario where a company has two Microsoft 365 tenants for different divisions in different countries.
The issue is that they need to be able to have external email addresses with the same domain.
Apparently this is a fairly common requirement when a corporate acquisition occurs (though most commonly for a short period until migrations can be done), so it seems it should be possible.
There are various options for incoming email that seem to work such as email forwarding between tenants or an external forwarding service like ImprovMX (though it seems from what I'm reading there may be some DMARC issues associated with this approach?); the issue is giving outgoing email the correct "from" domain.
Searching on the subject seems to touch on various possibilities, Exchange Edge Transport Server, SRS in Office 365, and even postfix, but it's all a bit unclear what is current, what is built into Microsoft 365 itself (obviously not postfix) or indeed what actually does what I'm looking for.
So I'm hoping to avoid going down too many rabbit holes and dead ends by asking here.

  • Referring to below:

     

    Incoming Email

    1. Email Forwarding Between Tenants: You can set up email forwarding rules to route emails from one tenant to another. This can be done using mail flow rules in Exchange Online.
    2. External Forwarding Services: Services like ImprovMX can forward emails between tenants. However, as you mentioned, there can be DMARC issues, so you'll need to ensure proper SPF, DKIM, and DMARC configurations to avoid email spoofing and delivery issues.

    Outgoing Email

    1. Sender Rewriting Scheme (SRS): SRS can help rewrite the sender's address to ensure that the email appears to come from the correct domain. This is useful for maintaining the correct "from" domain in outgoing emails.
    2. Exchange Edge Transport Server: This can be used to manage mail flow between different tenants and rewrite email addresses as needed. However, it requires additional infrastructure and management.
    3. Third-Party Solutions: There are third-party email gateways and services that can handle address rewriting and ensure that outgoing emails have the correct "from" domain.

    Built-In Microsoft 365 Features

    Microsoft 365 has built-in features that can help manage this scenario:

    • Mail Flow Rules: You can create rules in the Exchange admin center to manage how emails are routed and rewritten.
    • Hybrid Configuration: If you have an on-premises Exchange server, you can set up a hybrid configuration to manage mail flow between the on-premises environment and Microsoft 365 tenants.
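
An added example, not part of the original posts and not Microsoft tooling: DMARC identifier alignment (RFC 7489) evaluated over constructed messages for the forwarding cases and the mydomain.com / sub.mydomain.com layout discussed in this thread. The two-label `org_domain` shortcut, the `forwarder.example` domain and the SPF/DKIM results fed in are assumptions.

```python
# Added example: DMARC identifier alignment (RFC 7489) for forwarded mail.
from dataclasses import dataclass

def org_domain(domain: str) -> str:
    # Assumption: organizational domain = last two labels. Real evaluators
    # use the Public Suffix List (needed for suffixes such as co.uk).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain: str, from_domain: str, mode: str = "r") -> bool:
    # mode "r" = relaxed (same organizational domain), "s" = strict (exact match)
    a, f = auth_domain.lower(), from_domain.lower()
    return a == f if mode == "s" else org_domain(a) == org_domain(f)

@dataclass
class Message:
    header_from: str   # domain of the visible From: header (RFC5322.From)
    mail_from: str     # domain of the envelope sender (RFC5321.MailFrom)
    spf_pass: bool     # did SPF pass for mail_from at the receiving hop?
    dkim_domain: str   # d= of the DKIM signature, "" if unsigned
    dkim_pass: bool    # did that signature verify?

def dmarc_pass(m: Message, aspf: str = "r", adkim: str = "r") -> bool:
    # DMARC passes if either mechanism both passes and aligns with From:
    spf_ok = m.spf_pass and aligned(m.mail_from, m.header_from, aspf)
    dkim_ok = (bool(m.dkim_domain) and m.dkim_pass
               and aligned(m.dkim_domain, m.header_from, adkim))
    return spf_ok or dkim_ok

# Constructed sample messages using the thread's placeholder domains.
SAMPLES = {
    # Sent directly from the tenant; SPF covers the sending IP.
    "direct": Message("mydomain.com", "mydomain.com", True, "", False),
    # Forwarded unchanged: forwarder's IP is not in mydomain.com's SPF record.
    "forwarded_no_dkim": Message("mydomain.com", "mydomain.com", False, "", False),
    # Envelope sender rewritten by the forwarder: SPF passes, but for
    # forwarder.example, which does not align with the From: domain.
    "forwarded_rewritten": Message("mydomain.com", "forwarder.example", True, "", False),
    # Same hop, but the original DKIM signature (d=mydomain.com) survived.
    "forwarded_dkim": Message("mydomain.com", "forwarder.example", True, "mydomain.com", True),
    # Mail authenticated as sub.mydomain.com while From: shows mydomain.com.
    "subdomain_signed": Message("mydomain.com", "sub.mydomain.com", True, "sub.mydomain.com", True),
}

def evaluate(aspf: str = "r", adkim: str = "r") -> dict:
    return {name: dmarc_pass(m, aspf, adkim) for name, m in SAMPLES.items()}

if __name__ == "__main__":
    for label, res in (("relaxed", evaluate()), ("strict", evaluate("s", "s"))):
        print(label, res)
```

Under relaxed alignment the subdomain-authenticated message passes; under strict alignment (`aspf=s`, `adkim=s` in the DMARC record) it fails, and a forwarded message passes only when an aligned DKIM signature survives the hop.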

     

    • Victor_Ivanidze
      Bronze Contributor

      Could you please explain how exactly I can rewrite the From address using a transport rule?

    • Lefty
      Copper Contributor

      Hi,
      Thanks for that. I have a few questions related to what you've posted.

      Sender Rewriting Scheme:

      The online documentation on this is rather vague (perhaps adequate for someone familiar with the Exchange/365 ecosystem, but I'm lower down on the learning curve), so perhaps you could clarify.
      If I have two tenants, with one being a subdomain of the other
      Tenant1: mydomain.com
      Tenant2: sub.mydomain.com
      (at a pinch they could be sub1.mydomain.com and sub2.mydomain.com if that makes a difference)
      Can SRS rewrite emails from Tenant2 so that they appear to come from mydomain.com?

      If so, is there an idiot's guide to using SRS anywhere?

      Exchange Edge Transport Server:
      I've come across an article that describes the scenario I'm faced with and a solution using the Exchange Edge Transport Server (running in Azure, though that is incidental), so that seems like an option; however, what I haven't managed to find out so far is what this would mean in terms of licenses that would need to be purchased.
      In short, if I want to set up an Exchange Edge Transport Server to deal with routing and rewriting emails to and from two 365 Tenants, what licenses would be required?

      Third-Party Solutions:
      Any suggestions of ones to look at, or at least a good search string?


      Built-In Microsoft 365 Features:
      At one point Microsoft had cross tenant domain sharing on their public roadmap, which they then removed. Has this been abandoned?

  • JeromeFerreira
    Copper Contributor

    This is very interesting. Instead of that opinion how about going down the road with Entra B2C Direct Collaboration? 
