Forum Discussion
Adding email accounts without license
Excellent write up and many thanks as you are the first to address this properly. I can't tell you the amount of searching I've done trying to find a solution.
Now, if you could help with the final step. When validating, I get a successful connection but failed email on my non ms365 email, well it appears so to me as these test logs are much too technical. The ms365 email looks okay.
Any tips on next steps or how to find the error?
I wrote an article in Portuguese detailing this topic a little better:
https://tshooterit.com/office-365-exchange-em-modo-hibrido-para-contas-de-e-mail/
Maybe the answer is there, but, in theory, the problem you report is related to the lack of authoritative CNAME in the DNS for your domain.
As I use Cloudflare as an edge CDN, instead of configuring the CNAME/TXT entries on my hosting server, I needed to configure it in Cloudflare's own DNS configuration.
Check to see if the error you receive is related to the lack of "DMARC", "enterpriseenrollment" or "_domainkey" entries in the DNS configuration or in your hosting server or CDN, if applicable.
Best regards,
- Vaxpilot, May 10, 2024, Copper Contributor
NeilsonFaria, so sorry I did not see your reply until now. It appears you promptly replied. Thank you once again.
Great input but all of that stuff is above my paygrade. I think (and hope) that MS will be able to help with this. I'll give that a shot.
- jamcosico, May 07, 2024, Copper Contributor
NeilsonFaria Hello, thank you for your detailed guide.
I have successfully done the connectors and can receive emails but when I use the non365 emails to send, I can't seem to receive it.
What could be the problem with this?
- NeilsonFaria, May 10, 2024, Copper Contributor
Hi, jamcosico.
I bet the email is being sent by your legacy SMTP server but is being rejected by the destination server due to reverse domain validation.
Since we configured Office 365 as the "domain manager", your "legacy" server does not have the equivalent DNS entries as Office 365 to ensure that it can also send emails through the same domain (reverse validation).
I recommend, first of all, checking whether, in fact, the emails are going out but being rejected by the destination (no configuration we have made prevents the legacy SMTP from sending emails).
Once you've verified that this is it (and you will), go to the DNS Zone Editor of your legacy server (or CDN, if you use Cloudflare or something) and include all the entries that Office 365 generated.
In the article published at https://tshooterit.com/office-365-exchange-em-modo-hibrido-para-contas-de-e-mail/, I mentioned:
"In the worst case scenario, you will need to copy the DNS entries from Office 365 and paste it into the private domain server's DNS configuration."
I believe that this step needs to be refined in your configuration.
Use the tools at https://mxtoolbox.com/ to validate:
- DMARC: https://mxtoolbox.com/dmarc.aspx (everything has to be green)
- MX: https://mxtoolbox.com/dmarc.aspx (you have to return the hostname/IP of Office 365 and your legacy server)
- PTR: https://mxtoolbox.com/dmarc.aspx (reverse DNS validation has to return your legacy server and Office 365 server).
The solution, invariably, involves correctly configuring DMARC, CNAME, TXT, PTR and other entries and domain validators on your legacy server or edge CDN (Cloudflare, for example).
Big hug.
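An offline check for the situation described in the reply above, added here as an example that is not part of the thread or the linked article: it audits a domain's TXT records to see whether the SPF entry covers both Office 365 and the legacy SMTP server's IP, and whether a DMARC policy is published. The domain `example.com`, the IP `203.0.113.25` and the record values are constructed; replace them with the output of your own TXT lookups.

```python
import ipaddress

O365_INCLUDE = "include:spf.protection.outlook.com"  # SPF include used by Microsoft 365

def spf_records(txt_values):
    """Return the TXT strings that are SPF records (first term is v=spf1)."""
    return [t for t in txt_values if t.lower().split()[:1] == ["v=spf1"]]

def ip_in_spf(spf, ip):
    """True if a passing ip4:/ip6: mechanism covers ip (include:/a/mx need live DNS, not followed)."""
    addr = ipaddress.ip_address(ip)
    for term in spf.split()[1:]:
        mech = term.lstrip("+").lower()  # "-", "~" and "?" qualified terms are not a pass
        if mech.startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(mech[4:], strict=False)
            if addr.version == net.version and addr in net:
                return True
    return False

def dmarc_tags(txt_values):
    """Parse the first DMARC record into a tag dict, or None if there is none."""
    for t in txt_values:
        if t.replace(" ", "").lower().startswith("v=dmarc1"):
            return dict(p.strip().split("=", 1) for p in t.split(";") if "=" in p)
    return None

def audit(records, domain, legacy_ip):
    """Return a list of findings; an empty list means both senders are covered."""
    findings = []
    spf = spf_records(records.get(domain, []))
    if len(spf) != 1:  # zero or several SPF records both break SPF evaluation
        findings.append(f"expected exactly one SPF record, found {len(spf)}")
    else:
        if O365_INCLUDE not in spf[0].lower().split():
            findings.append("SPF does not include Office 365")
        if not ip_in_spf(spf[0], legacy_ip):
            findings.append(f"SPF has no ip4/ip6 entry for legacy server {legacy_ip}")
    tags = dmarc_tags(records.get("_dmarc." + domain, []))
    if tags is None:
        findings.append("no DMARC record at _dmarc." + domain)
    elif tags.get("p", "").lower() not in ("none", "quarantine", "reject"):
        findings.append("DMARC record has no valid p= policy")
    return findings

# Constructed sample zones: Office 365 only, then with the legacy server added.
DMARC = {"_dmarc.example.com": ["v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com"]}
BEFORE = {"example.com": ["v=spf1 include:spf.protection.outlook.com -all"], **DMARC}
AFTER = {"example.com": ["v=spf1 ip4:203.0.113.25 include:spf.protection.outlook.com -all"], **DMARC}

if __name__ == "__main__":
    print(audit(BEFORE, "example.com", "203.0.113.25"))
    print(audit(AFTER, "example.com", "203.0.113.25"))
```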