I have a tenant with 2 domains. Domain.com and Domain.co.uk. They have mail enabled public folders. The issue refers to all public folders but I am using email@example.com as an eample here.
When someone external sends and email to firstname.lastname@example.org it is received in the sales public folder which has email@example.com associated with it even though firstname.lastname@example.org is not listed as an email address is the public folder properties. Im not sure how this is working but this is in fact how we want it to work.
However is a staff member send an email from his @domain.com account to email@example.com it returns the following error:
"Your message to sales@domain .co.uk <mailto:firstname.lastname@example.org> couldn't be delivered. sales wasn't found at domain.co.uk."
Im going to (partially) answer my own question here. Simply adding the relevent domain.co.uk email address to the public folder properties made internal delivery of emails work. My questions still remains however is how have emails sent from external senders been delivered to a mail-enabled public folder called "Sales" with an email address of email@example.com when they actually sent it to firstname.lastname@example.org. Under accepted domains domain.com (default domain) has a domain type of internal relay and domain.co.uk has a domain type of Authoritative.
That's a long standing issue with Public folders - their secondary addresses do not flow to the EOP backend, which has the Directory Based Edge Blocking feature. Well, actually a similar issue with O365 groups exists. In a nutshell, the DBEB feature blocks every message addressed to "unknown" recipient. For "regular" object types, it's not a problem. For PFs however, only the primary SMTP Address is synced, so only this alias is recognized by DBEB.
You have two options here:
1) Change the domain to Internal relay. This disables the DBEB feature, however might have other implications, so test before committing to it
2) Simply "cycle" the aliases - set the secondary one as Primary, wait for say 30 minutes, switch it again.
Now, my memory might be failing me, but I think I recall that the second solution only worked for Groups, sooo in your case I guess there's only one solution. I'll double-check...
Best Response confirmed by
Ed Kenworthy (Occasional Contributor)