I am running a hybrid environment with Office 365. All mailboxes are in Exchange Online and I am trying to minimize my Exchange 2013 footprint on-prem. My programs, printers, and devices point to a DNS record that goes to Exchange On-premises server. We have around 5 accepted domains.
Exchange On-premises has two send connector, one pointing to our spam filter/smart host and one to Exchange Online.
The one pointing to Exchange online only applies to when messages are sent to domain.mail.onmicrosoft.com (this is connector created during hybrid config wizard).
The few mailboxes that are on-premises use the other connector that sends through a smarthost.
My question is how can we use EOP for all outgoing emails (no mather which domain we send to)?
i have seen that article and others that is a bit poorly written, at least nothing i can understand well.
What i ended up is the following:
1. In O365 Exchange ECP i edited the connector that is From Organization to O365 to use certificate containing *.domain.com
2. In on-premises exchange ECP, i created a new send connector to use domain-com.onmicrosoft.com as smarthost and also force this connector to use TLS and assigned it the same certificate used for OWA.
Since we have multiple domains, i was afraid using domain-com.onmicrosoft.com wouldn't work, since this is different for each domain. Anyhow, it worked :)