Approvals for distribution lists not working for Office 365 users in Hybrid mode

Occasional Contributor

We use dynamic distribution lists on-prem. After activating Hybrid mode, we have created contacts for these in Exchange Online and they work just fine now for Office 365 users. However, there are a few DLs which are moderated. Therefore we have enabled TNEF on both sides, created contacts for the System and Approval Assistant mailboxes in Exchange Online and set RequireSenderAuthenticationEnabled = $true for those two mailboxes as well. But we still cannot get approval to work, answer mails bounce for Office 365 with the following NDR:


Delivery has failed to these recipients or groups:
SystemMailbox (SystemMailbox{bb558c35-97f1-4cb9-8ff7-xxxxxxxxxxx}
Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.
The following organization rejected your message:


What else do I need to set to make this work?

0 Replies