Getting NDR from O365 to On-premises after adding custom domain


We are planning to do a hybrid migration using the Exchange hybrid wizard, but I faced a really strange issue.

At the moment, I just wanted to add and verify the custom domain.

Later on, I will sync the users with Azure AD Connect, configure EHW and migrate the mailboxes. At the end, I will switch the MX records from pointing to Exchange to O365.

 

Therefore I've done the following: 

  1. added the custom domain to O365 tenant.
  2. added the TXT record to the domain registrar. 
  3. verified the domain.
  4. I got the page "How do you want to connect your domain?" Normally I select "Add Your own DNS records", but this time I selected "Skip and do this later".
  5. the domain showed green icon

Users started getting NDR messages, which is strange: still nothing is configured, even Azure AD Connect is not installed, there are no changes to the Exchange configuration, and the hybrid wizard is not installed/configured. I just added the custom domain and verified it with the TXT record.

 

I was able to solve the problem by clearing autocomplete or typing the email manually. Also, I updated the address list from the on-premises EAC and removed the custom domain from O365.

 

I'm wondering why this happened?

Did "Skip and do this later" cause the issue (which I doubt), or was it just a coincidence that something not related to the custom domain caused the issue?

 

 

Reported Error 

550 5.1.10 RESOLVER.ADR.RecipientNotFound; Recipient XXX@XXX.com not found by SMTP address lookup

 

 

Thanks 

2 Replies

When you verify a domain in O365, it becomes *authoritative* by default, so messages will be delivered only to cloud recipients. What you want to do is configure it as *Internal relay*: https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/manage-accepted-domains/manage-ac...
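
The accepted-domain change described in the reply above, as an added example that is not part of the original thread. It assumes the ExchangeOnlineManagement module with a session already opened by Connect-ExchangeOnline; `Set-HybridRelayDomain` and `contoso.com` are hypothetical names. It also lists outbound connectors toward on-premises, since an internal relay domain needs one to route recipients that do not exist in the cloud.

```powershell
# Added example. Assumes an existing Exchange Online PowerShell session
# (Connect-ExchangeOnline). 'contoso.com' is a placeholder domain.
function Set-HybridRelayDomain {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$DomainName
    )

    # Fail early if the domain has not been added and verified in the tenant.
    $domain = Get-AcceptedDomain -Identity $DomainName -ErrorAction Stop

    # A newly verified domain is Authoritative: unknown recipients are rejected
    # with 550 5.1.10 RESOLVER.ADR.RecipientNotFound instead of being relayed.
    if ($domain.DomainType -ne 'InternalRelay') {
        if ($PSCmdlet.ShouldProcess($DomainName, 'Set DomainType to InternalRelay')) {
            Set-AcceptedDomain -Identity $DomainName -DomainType InternalRelay
            $domain = Get-AcceptedDomain -Identity $DomainName
        }
    }

    # Look for enabled on-premises outbound connectors scoped to this domain.
    # Simple match on the exact domain or the '*' wildcard only; pattern scopes
    # such as '*.contoso.com' are not evaluated here.
    $connectors = @(Get-OutboundConnector | Where-Object {
        $_.Enabled -and
        $_.ConnectorType -eq 'OnPremises' -and
        ($_.RecipientDomains -contains $DomainName -or
         $_.RecipientDomains -contains '*')
    })

    if ($connectors.Count -eq 0) {
        Write-Warning "No enabled OnPremises outbound connector covers $DomainName."
    }

    # Return the resulting state so it can be logged or reviewed.
    [pscustomobject]@{
        Domain            = $domain.DomainName
        DomainType        = $domain.DomainType
        OnPremConnectors  = $connectors.Name
    }
}

# Preview the change without applying it, then apply it.
Set-HybridRelayDomain -DomainName 'contoso.com' -WhatIf
Set-HybridRelayDomain -DomainName 'contoso.com'
```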

I believe I did a hybrid last year without any issue. Is this something new?
Anyway thanks for the clarification. I will configure it as internal relay and check.