Forum Discussion
Parker16
Sep 07, 2023 · Copper Contributor
Would an internal relay domain work without Active Directory trust
Hi, I manage an Exchange environment and we are merging with a new company. The requirement is for a new domain to be set up and hosted by ourselves. All users will have this domain but a handful of ...
Dan_Snape
Sep 07, 2023 · Iron Contributor
You can achieve this by setting up contacts in the source domain with a targetaddress attribute of the target primary SMTP address, or you can do it by configuring the domains as internal relay. I'd recommend dedicated send/receive connectors, as you can customise the delivery and look of the messages a bit more, and you will have to have one if you go down the internal relay domain path, otherwise you'll get stuck in a mail loop as the MX record will point to the target Exchange organisation. Generally, when we see organisations do this, they are pretty quick to get the networks linked, so once that's done you can configure the connectors to route traffic that way. As you say, SPF/DMARC have to be correct; be careful if you are using DKIM, and make sure whatever message hygiene service you are using is configured appropriately as well.
- Parker16 · Sep 08, 2023 · Copper Contributor
Thanks Dan. Without that link in place, would the connectors in theory work OK over the internet? Once we plug the two together we can then flip these to be private.
I have been testing the forwarding scenarios and having mixed results depending on where the forward is set, at gateway or Exchange level. Have seen failures when forwarding from Exchange when the originating sending domain has a DMARC policy set to reject.
Appreciate the reply!
- Dan_Snape · Sep 10, 2023 · Iron Contributor
If the domains are set up as "internal relay" or "authoritative" (depending on the scenario) and the send connectors are in place, it should work OK. Are you able to provide more info on why the messages failed authentication?
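
The internal relay plus dedicated send connector setup discussed in this thread, sketched for the Exchange Management Shell as an added example (not posted by either participant), run in the organisation that receives mail for the shared domain. The domain, smart host, server and connector names are placeholders, and the TLS settings are an assumption for the phase where the connector runs over the internet.

```powershell
# Added example; every name below is a placeholder, not a value from the thread.
$SharedDomain = 'newco.example'          # domain used by both organisations
$PartnerHost  = 'mail.partner.example'   # other organisation's inbound SMTP host
$Transport    = 'EX01'                   # local Mailbox server that sends the mail
$DomainName   = 'NewCo shared'
$Connector    = 'To partner (newco.example)'

# 1. Accept the domain without claiming to hold every mailbox in it.
#    Recipients not found locally are relayed onward instead of being rejected.
New-AcceptedDomain -Name $DomainName `
    -DomainName $SharedDomain `
    -DomainType InternalRelay

# 2. Dedicated send connector scoped to the shared domain only.
#    Smart-host routing skips the MX lookup, so unresolved recipients go to
#    the partner host rather than back to wherever the MX record points.
#    Assumption: TLS with certificate domain validation while the link
#    between the two organisations is still the public internet.
New-SendConnector -Name $Connector `
    -Usage Custom `
    -AddressSpaces "SMTP:$SharedDomain;1" `
    -DNSRoutingEnabled $false `
    -SmartHosts $PartnerHost `
    -SourceTransportServers $Transport `
    -RequireTLS $true `
    -TlsAuthLevel DomainValidation `
    -TlsDomain $PartnerHost

# 3. Confirm what was actually configured before sending test mail.
Get-AcceptedDomain -Identity $DomainName |
    Format-List Name, DomainName, DomainType
Get-SendConnector -Identity $Connector |
    Format-List AddressSpaces, SmartHosts, DNSRoutingEnabled,
                RequireTLS, TlsAuthLevel, TlsDomain
```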