Forum Discussion
PoorMens_Bravo
May 25, 2023 (Brass Contributor)
Exchange Onpremises Transport Rule
Hi All, I am trying to create a transport rule in an on-premises Exchange environment, so that the rule applies only to recipients who are hosted in the on-prem Exchange environment and not in Office 365. So...
eliekarkafy
MVP
Where is your MX record pointed: to O365 or to your on-premises Exchange?
PoorMens_Bravo
May 26, 2023 (Brass Contributor)
It is pointed to our Proofpoint servers, which ultimately route those mails into our on-prem Exchange.
- eliekarkafy, May 26, 2023 (MVP)
  So, based on your email routing configuration, every email, whether from on-prem or from O365, needs to route to on-prem through the Proofpoint servers and then go out to the external recipients. That means that on-premises transport rules will continue to evaluate messages sent to or from mailboxes housed in Office 365, and your on-premises and O365 mailboxes will be considered as inside the organization.
- PoorMens_Bravo, May 26, 2023 (Brass Contributor)
  In that case, how would I restrict the rule to trigger for only on-prem mailboxes?
- JeremyTBradshaw, May 26, 2023 (Steel Contributor)
  If you're concerned about messages sent FROM on-prem mailboxes, you want the SenderADAttributeContainsWords condition. If instead it is messages sent TO on-prem mailboxes, you want the RecipientADAttributeContainsWords condition. There's one more problem - these conditions only support certain properties, and RecipientType/RecipientTypeDetails are not on the list of supported properties.
To get around this, I have used a PowerShell script which is run by a Scheduled Task, and sets a CustomAttribute(1-15) to a value based on whether the mailbox is on-prem or in EXO. For me, I've chosen to set CustomAttribute11 to 'EXO' when the RecipientTypeDetails is -LIKE 'Remote*Mailbox', or 'On-premises' when that is not the case. Then my transport rule uses CustomAttribute11 as the Sender/Recipient property containing the word(s) we specify with either of those aforementioned Transport Rule conditions.
I like to schedule tasks on an Exchange server, running those tasks as Local System. You can assign RBAC roles to your Exchange server's computer account, or add it to one of the pre-canned role groups, like Recipient Management, then it can do the stuff in your script (like Set-Mailbox <id> -CustomAttribute11 'On-premises', or Set-RemoteMailbox <id> -CustomAttribute11 'EXO').
Hope this helps. Again - if you know any good ways to tackle the UsedVersionBuckets issue, please do share.
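The approach JeremyTBradshaw describes, written out as an added example (this is not his script or any code from the thread): a tagging script meant to run as Local System from a scheduled task on an Exchange server, plus the one-time setup for the RBAC grant, the task, and a transport rule keyed on the tag. The script path, log path, server name CONTOSO\EXCH01, schedule, and the rule's FromScope condition and PrependSubject action are assumptions standing in for whatever the real rule needs; the cmdlets, the 'AttributeName:Word' syntax of the AD-attribute conditions, and the Remote*Mailbox recipient types are standard Exchange on-premises behaviour.

```powershell
# ---- Part 1: recurring tagging script ----
# Save as C:\Scripts\Tag-MailboxLocation.ps1 (path is an assumption).
# It runs locally on an Exchange server as Local System, so the management
# snap-in is loaded directly instead of opening a remote PowerShell session.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn -ErrorAction Stop

$OnPremTag = 'On-premises'
$ExoTag    = 'EXO'
$LogPath   = 'C:\Scripts\Tag-MailboxLocation.log'   # assumption

function Write-Log {
    param([string]$Message)
    "$((Get-Date).ToString('s')) $Message" | Add-Content -Path $LogPath
}

# On-prem mailboxes are whatever Get-Mailbox returns on the on-prem side
# (UserMailbox, SharedMailbox, RoomMailbox, ...). The -Filter only returns
# objects whose tag is wrong or missing, so a nightly run stays cheap and the
# log records only real changes (useful when auditing who changed what).
Get-Mailbox -ResultSize Unlimited -Filter "CustomAttribute11 -ne '$OnPremTag'" |
    ForEach-Object {
        Set-Mailbox -Identity $_.DistinguishedName -CustomAttribute11 $OnPremTag
        Write-Log "Tagged $($_.PrimarySmtpAddress) ($($_.RecipientTypeDetails)) as $OnPremTag"
    }

# EXO mailboxes are represented on-prem as remote mailboxes; Get-RemoteMailbox
# returns only the Remote*Mailbox recipient types (RemoteUserMailbox,
# RemoteSharedMailbox, RemoteRoomMailbox, RemoteEquipmentMailbox).
Get-RemoteMailbox -ResultSize Unlimited -Filter "CustomAttribute11 -ne '$ExoTag'" |
    ForEach-Object {
        Set-RemoteMailbox -Identity $_.DistinguishedName -CustomAttribute11 $ExoTag
        Write-Log "Tagged $($_.PrimarySmtpAddress) ($($_.RecipientTypeDetails)) as $ExoTag"
    }

# ---- Part 2: one-time setup, run interactively from the Exchange Management Shell ----
# Give the Exchange server's computer account (assumed name CONTOSO\EXCH01)
# the recipient cmdlets it needs when the task runs as Local System.
Add-RoleGroupMember -Identity 'Recipient Management' -Member 'CONTOSO\EXCH01$'

# Nightly task as Local System. The execution time limit and IgnoreNew stop a
# hung run from piling up, and AllSigned means only a signed script can run
# with this account's Recipient Management rights.
$action    = New-ScheduledTaskAction -Execute 'powershell.exe' `
    -Argument '-NoProfile -NonInteractive -ExecutionPolicy AllSigned -File C:\Scripts\Tag-MailboxLocation.ps1'
$trigger   = New-ScheduledTaskTrigger -Daily -At '2:00AM'
$principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount -RunLevel Highest
$settings  = New-ScheduledTaskSettingsSet -ExecutionTimeLimit (New-TimeSpan -Hours 2) -MultipleInstances IgnoreNew
Register-ScheduledTask -TaskName 'Tag-MailboxLocation' -Action $action -Trigger $trigger `
    -Principal $principal -Settings $settings

# Transport rule that fires only for recipients tagged as on-prem. The
# AD-attribute conditions take 'AttributeName:Word'. FromScope and the
# PrependSubject action are placeholders for the real condition and action.
New-TransportRule -Name 'External mail to on-prem mailboxes' `
    -FromScope NotInOrganization `
    -RecipientADAttributeContainsWords 'CustomAttribute11:On-premises' `
    -PrependSubject '[External] '

# Sender-side variant, for mail leaving on-prem mailboxes:
# New-TransportRule -Name 'Mail from on-prem mailboxes' `
#     -SenderADAttributeContainsWords 'CustomAttribute11:On-premises' ...
```

Two caveats worth checking before relying on this. The tag lags reality by up to one schedule interval: a mailbox moved to EXO in the afternoon is still tagged 'On-premises' until the next run, so the rule misclassifies its mail in the meantime; run the task more often, or trigger it from your move procedure, if that window matters. And because the task runs as SYSTEM with Recipient Management rights, the script file is itself a privilege path: keep it writable only by administrators, sign it with an internal code-signing certificate (or drop -ExecutionPolicy AllSigned to RemoteSigned if you do not sign), and review the log for tag changes you did not expect.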