Dušan Řezníček
Sep 27, 2016

Securing mailflow in the hybrid configuration

Hello,

I'm looking for some help. I'm facing the customer's security department. We plan to configure hybrid configuration in our current Exchange 2010 deployment to ensure a smooth migration to Office 365. Everything is pretty clear except for one thing. That is the inbound mail flow from EO to on-prem.

We've set up hybrid using the HCW. After that I was forced to demonstrate to the security department how the whole solution is secured from the outside. Please keep in mind that the EO is still considered as outside. Now I get the point. There is a standard receive connector set up by the HCW which handles the inbound mail flow. I was asked how the connector is secured from receiving emails from the other tenants. Inbound emails except the hybrid have to be handled on the Cisco IronPort boxes. So the question is how to ensure that the inbound emails can be sent only from a specific tenant or domain.

Thanks for any tips!

D.

8 Replies

  • Not sure what you mean here, the outbound connector will be used to redirect *any* messages received for mailboxes still hosted on-prem. This includes both internal mail, sent from O365 mailboxes in the same tenant, and external mail, sent from other O365 tenants or internet users.

    Where is your MX pointing at?

      • Dušan Řezníček

        I'm talking about the red line which shows the SMTP between EO and on-prem. Basically we need to set up the receive connector on the Edge servers to not accept emails from any other tenant except ours. Is that clear?
