<Tenant>.onmicrosoft.com added to on-premises Accepted Domains

Steel Contributor

Hello all,

 

I'm working with a customer who has had their Hybrid Configuration in place for years and they do not remember is this happened automatically via the HCW, or if they manually added it.  Anyway, they have both of the 'onmicrosoft' domains added as Accepted Domains, and to the Email Address Policies.  I mean these ones:

  • <Tenant>.mail.onmicrosoft.com (the usual one, and what I see in every other environment I can remember).
  • <Tenant>.onmicrosoft.com (the one I thought was intended for dedicated use in EXO only).

I am not sure if the HCW used to add both domains to the on-premises env. but I do know that the HCW doesn't do that today, and hasn't since I can remember, but I may have missed it in the past.

 

I noted it is also set to Authoritative, so I see it as a potential mail flow issue down the road, where the same address will exist in both locations, but if a message to said address is received on-premises, that message will never properly be sent up to EXO.  This is why my gust says to remove this domain from their env., but then I wonder - why is it there, and so here I am.

 

Has anyone seen this before?  Is anyone more sure than I that it must have been added manually, and do you think it would be best for me to get rid of it?

 

The main risk in removing it that I have thought of is that somebody could have setup depending other stuff that uses one of the @<Tenant>.onmicrosoft.com email addresses, and the depending other stuff will have an issue if these email addresses go away.  I can do Message Tracking logs to determine that (hopefully:) that is).

 

Thanks in advance.

4 Replies

Hi @Jeremy Bradshaw 

 

Not many of my clients are using Exchange Hybrid, but there is one at the moment. We're looking to move them into 365 completely, but covid put a spanner in the works so that's been delayed.

 

The server is Exchange 2010 server, and I can see both the tenant.onmicrosoft.com and tenant.mail.onmicrosoft.com set up as both a accepted and a remote domain

 

Accepted domains

 

hybrid1.png

 

And for remote domains...

 

HidMov_0-1597779784484.png

 

Going to be honest with you - I can't recall if I added in the tenant.onmicrosoft.com one manually or not as it was last year. That said, I wouldn't have added it in unless I had a good reason to do so.

 

Hope this helps in some way,

 

Mark

 

@HidMov  Thanks very much for the info. 

@Jeremy Bradshaw 

 

Hi, I can also confirm that in older hybrid deployments using Exchange 2010 I have seen both the .onmicrosoft.com and mail.onmicrosoft.com domains added as accepted domains on premises.  

 

On more recent hybrids using Exchange 2016, only the mail.onmicrosoft.com domain is present.

Thanks for the info as well. Based on this, and the earlier response, as well as the environment I noticed it in, seems like it was the way previously, either with Exchange 2010, or just earlier HCW versions.

In retrospect, it seems I've been on quite a stretch of Exchange 2013 and newer projects, which I guess is a good thing, but clearly I've lost touch with 2010, at least a little bit.