SOLVED

Exchange online - 1 tenant - 2 domains - internal emails between the 2 fail

Copper Contributor

I have a tenant with 2 domains. Domain.com and Domain.co.uk. They have mail enabled public folders. The issue refers to all public folders but I am using sales@domain.com as an eample here. 

 

When someone external sends and email to sales@domain.co.uk it is received in the sales public folder which has sales@domain.com associated with it even though sales@domain.co.uk is not listed as an email address is the public folder properties. Im not sure how this is working but this is in fact how we want it to work.

 

However is a staff member send an email from his @domain.com account to sales@domain.co.uk it returns the following error:

 

"Your message to sales@domain .co.uk <mailto:sales@domain.co.uk> couldn't be delivered.
sales wasn't found at domain.co.uk."

 

Can someone help me resolve issue?

 

Thanks

 

 

4 Replies
Im going to (partially) answer my own question here. Simply adding the relevent domain.co.uk email address to the public folder properties made internal delivery of emails work. My questions still remains however is how have emails sent from external senders been delivered to a mail-enabled public folder called "Sales" with an email address of sales@domain.com when they actually sent it to sales@domain.co.uk. Under accepted domains domain.com (default domain) has a domain type of internal relay and domain.co.uk has a domain type of Authoritative.
best response confirmed by Ed Kenworthy (Copper Contributor)
Solution

That's a long standing issue with Public folders - their secondary addresses do not flow to the EOP backend, which has the Directory Based Edge Blocking feature. Well, actually a similar issue with O365 groups exists. In a nutshell, the DBEB feature blocks every message addressed to "unknown" recipient. For "regular" object types, it's not a problem. For PFs however, only the primary SMTP Address is synced, so only this alias is recognized by DBEB.

 

You have two options here:

 

1) Change the domain to Internal relay. This disables the DBEB feature, however might have other implications, so test before committing to it

2) Simply "cycle" the aliases - set the secondary one as Primary, wait for say 30 minutes, switch it again.

 

Now, my memory might be failing me, but I think I recall that the second solution only worked for Groups, sooo in your case I guess there's only one solution. I'll double-check...

Great explanation. Thanks for clearing that one up for me.

1 best response

Accepted Solutions
best response confirmed by Ed Kenworthy (Copper Contributor)
Solution

That's a long standing issue with Public folders - their secondary addresses do not flow to the EOP backend, which has the Directory Based Edge Blocking feature. Well, actually a similar issue with O365 groups exists. In a nutshell, the DBEB feature blocks every message addressed to "unknown" recipient. For "regular" object types, it's not a problem. For PFs however, only the primary SMTP Address is synced, so only this alias is recognized by DBEB.

 

You have two options here:

 

1) Change the domain to Internal relay. This disables the DBEB feature, however might have other implications, so test before committing to it

2) Simply "cycle" the aliases - set the secondary one as Primary, wait for say 30 minutes, switch it again.

 

Now, my memory might be failing me, but I think I recall that the second solution only worked for Groups, sooo in your case I guess there's only one solution. I'll double-check...

View solution in original post