Home

Office 365 Directory Based Edge Blocking support for on-premises Mail Enabled Public Folders

%3CLINGO-SUB%20id%3D%22lingo-sub-74218%22%20slang%3D%22en-US%22%3EOffice%20365%20Directory%20Based%20Edge%20Blocking%20support%20for%20on-premises%20Mail%20Enabled%20Public%20Folders%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-74218%22%20slang%3D%22en-US%22%3E%3CP%3EUntil%20now%2C%20our%20on-premises%20customers%20who%20use%26nbsp%3B%20%3CA%20href%3D%22https%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Flibrary%2Faa997560(v%3Dexchg.150).aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EMail%20Enabled%20Public%20Folders%3C%2FA%3E%20(MEPF)%20could%20not%20use%20services%20like%20%3CA%20href%3D%22https%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Flibrary%2Fdn600322(v%3Dexchg.150).aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EDirectory%20Based%20Edge%20Blocking%3C%2FA%3E%20(DBEB).%20If%20DBEB%20is%20enabled%2C%20any%20mails%20sent%20to%20Mail%20Enabled%20Public%20Folders%20(MEPF)%20will%20be%20dropped%20at%20the%20service%20network%20perimeter.%20This%20is%20because%2C%20DBEB%20queries%20Azure%20Active%20Directory%20(AAD)%20to%20find%20out%20if%20a%20given%20mail%20address%20is%20valid%20or%20not.%20Because%20Mail%20Enabled%20Public%20Folders%20(MEPF)%20are%20not%20synced%20to%20Azure%20Active%20Directory%2C%20all%20MEPF%20address%20are%20considered%20as%20invalid%20by%20DBEB.%20Sender%20of%20the%20mail%20to%20MEPF%20would%20receive%20following%20NDR%3A%3C%2FP%3E%0A%3CBLOCKQUOTE%3E%0A%3CP%3E%3CI%3E%E2%80%98550%205.4.1%20%5B%3CSAMPLEMEPF%3E%40%3CRECIPIENT_DOMAIN%3E%5D%3A%20Recipient%20address%20rejected%3A%20Access%20denied%E2%80%99.%3C%2FRECIPIENT_DOMAIN%3E%3C%2FSAMPLEMEPF%3E%3C%2FI%3E%3C%2FP%3E%0A%3C%2FBLOCKQUOTE%3E%0A%3CP%3ETo%20resolve%20this%20issue%2C%20in%20the%20latest%20Azure%20AD%20Connect%20tool%20update%2C%20we%20are%20introducing%20an%20option%20to%20synchronize%20MEPFs%20from%20on-premises%20AD%20to%20AAD.%20Admins%20can%20do%20this%20through%20the%20newly%20introduced%20option%20%E2%80%93%20%E2%80%98Exchange%20Mail%20Public%20Folders%E2%80%99%20in%20Optional%20Features%20page%20of%20Custom%20installation%20during%20Azure%20AD%20Connect%20tool%20installation%2Fupgrade.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F15227iB1C45C78C806C31C%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22Slide1.PNG%22%20title%3D%22Slide1.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ERead%20about%20it%20on%20the%20%3CA%20href%3D%22https%3A%2F%2Fblogs.technet.microsoft.com%2Fexchange%2F2017%2F05%2F19%2Foffice-365-directory-based-edge-blocking-support-for-on-premises-mail-enabled-public-folders%2F%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EExchange%20blog%3C%2FA%3E.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-74218%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%20Online%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Community Manager

Until now, our on-premises customers who use  Mail Enabled Public Folders (MEPF) could not use services like Directory Based Edge Blocking (DBEB). If DBEB is enabled, any mails sent to Mail Enabled Public Folders (MEPF) will be dropped at the service network perimeter. This is because, DBEB queries Azure Active Directory (AAD) to find out if a given mail address is valid or not. Because Mail Enabled Public Folders (MEPF) are not synced to Azure Active Directory, all MEPF address are considered as invalid by DBEB. Sender of the mail to MEPF would receive following NDR:

‘550 5.4.1 [<sampleMEPF>@<recipient_domain>]: Recipient address rejected: Access denied’.

To resolve this issue, in the latest Azure AD Connect tool update, we are introducing an option to synchronize MEPFs from on-premises AD to AAD. Admins can do this through the newly introduced option – ‘Exchange Mail Public Folders’ in Optional Features page of Custom installation during Azure AD Connect tool installation/upgrade.

 

Slide1.PNG

 

Read about it on the Exchange blog.

Related Conversations
General folder automatically created
AI_birder in Microsoft Teams on
4 Replies
Dont see any Contact in Teams
nicb in Microsoft Teams on
2 Replies
Using Flow to send out automatic emails on a weekly basis
sokva in Office 365 on
2 Replies