SOLVED

How to use on-premises SMTP relay name with Office 365

Brass Contributor

Hi All,

We are about to decommission our on-premises Exchange server after moving all our mailboxes to Office 365.

We have quite a lot of devices and applications configured with the smtp.mydomain.com relay address.

So how do I keep the same name and relay emails without changing?

 

AS

18 Replies

@aussupport 

 

Are you synchronising your AD with Azure AD or are your O365 accounts now cloud only?

 

If you are still syncing using Azure AD Connect, then the Microsoft recommended and supported practice is to leave 1 Exchange On-Premises server to manage attributes, and act as the SMTP relay.

 

If you are cloud only now, then you have the following options available to you.

 

https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-dev...

Hi Peter,

Yes, sync AD with Azure AD and Exchange 2010. I am trying to figure out a way to send SMTP traffic to internal and external addresses from multiple programs and devices on-premises without having to set up a few hundred accounts in 365 and costing E5 licences.

Looks like the only option is setup with SMTP Relay. My MX is pointed to Proofpoint and a connector is set up for hybrid configuration. I can send internal email but not external.
Looks like I need to configure the SMTP Relay with them?

As

@aussupport 

 

As you are using hybrid identity, I strongly recommend that you leave a single Exchange server in place to manage attributes and SMTP relay. This is what Microsoft both recommend and, more importantly, will support. If you have some O365 E1 or E3 licences on your tenant, you qualify for a free Exchange 2016 hybrid licence key, and you can install Exchange 2016 to handle all this for you and retire your older Exchange 2010 server(s). Definitely the path of least resistance and will keep you in a supported position.

Hi Peter,

Thank you so much. We have an E5 licence. Where can I see these recommended options and qualification details?

AS

@PeterRising 

 

Hi Peter,

We have ADFS set up and a few service mailboxes, so do you have a good guide for me to upgrade a hybrid Exchange 2010 server to 2016?

 

As

@aussupport 

 

You need to first ensure that any Exchange 2010 servers that you have in your environment are fully service packed and up to date before you install your Exchange 2016 server and update your hybrid configuration.  

 

You will need to install the prerequisites for Exchange 2016 on your new server which include running the following in PowerShell;

 

Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS

 

Install the Microsoft Unified Communications Managed API 4.0 on the Exchange 2016 server from - 

https://www.microsoft.com/en-gb/download/details.aspx?id=34992

 

Install the Microsoft Visual C++ 2013 redistributable (x64) on the Exchange 2016 server from - https://www.microsoft.com/en-gb/download/details.aspx?id=40784

 

Install the .Net 4.7.2 framework onto the Exchange 2016 server from - https://dotnet.microsoft.com/download/dotnet-framework/net472

 

Next, you need to extend your AD schema for the Exchange 2016 attributes.  This is done as follows;

 

Connect to Exchange Online PowerShell as below;

 

$Cred = Get-Credential

$s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $Cred -Authentication Basic -AllowRedirection

$importresults = Import-PSSession $s

 

Export the tenantconfig.xml file by running the following;

 

Get-OrganizationConfig | Export-Clixml -Path TenantConfig.XML

 

Next, prepare the schema as below, setting the folder path to where you saved the XML file.

 

./Setup.exe /PrepareAD /TenantOrganizationConfig c:\temp\TenantConfig.xml /IAcceptExchangeServerLicenseTerms

 

Then, prepare the domains 

 

./Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms

 

Export the public SSL cert from your Exchange 2010 onto your Exchange 2016 server

 

Then you can run the Exchange server installation setup wizard.  Once complete, logon to the Exchange Admin Centre and import the SSL cert and bind to the required services.  

 

Set the virtual directories and the client access service.

 

Reboot the server.

 

Now you can re-run the hybrid configuration wizard and update your hybrid config for Exchange 2016.

 

Move the arbitration mailbox and other system mailboxes from Exchange 2010 to Exchange 2016.

 

Create a receive connector in Exchange 2016 for SMTP relay.  Test thoroughly, then when happy all is working as expected you may decommission your Exchange 2010 servers by removing Exchange 2010 via the control panel.

 

Job done!
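
One way to create the relay receive connector named in the last step above, as an added example that is not part of the original reply. The server name, connector name and sender IP ranges are assumptions; keeping RemoteIPRanges limited to known devices is what stops the connector from acting as an open relay.

```powershell
# Added example; run in the Exchange Management Shell on the Exchange 2016 server.
# Assumptions (not from the thread): server name, connector name, sender IPs.
$server    = 'EX2016'
$connector = 'Device and App Relay'
$allowed   = @('192.168.1.20', '192.168.1.30-192.168.1.40')   # constructed sample senders

# Refuse ranges that would let any host relay through the server.
foreach ($range in $allowed) {
    if ($range -match '^0\.0\.0\.0' -or $range -match '/0$') {
        throw "Range '$range' is too broad for an anonymous relay connector."
    }
}

# Frontend Transport connector on port 25 that only answers the listed senders.
New-ReceiveConnector -Name $connector -Server $server `
    -TransportRole FrontendTransport -Custom `
    -Bindings '0.0.0.0:25' -RemoteIPRanges $allowed

# The devices and applications do not authenticate, so allow anonymous
# sessions on this connector only.
Set-ReceiveConnector "$server\$connector" -PermissionGroups AnonymousUsers

# Let those anonymous sessions send to external recipients as well as internal ones.
Get-ReceiveConnector "$server\$connector" |
    Add-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' `
        -ExtendedRights 'Ms-Exch-SMTP-Accept-Any-Recipient'

# Review what was created before moving any device over to it.
Get-ReceiveConnector "$server\$connector" |
    Format-List Name, Bindings, RemoteIPRanges, PermissionGroups
```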

@PeterRising 

 

Hi Peter,

 

Thanks for the steps. But I think we need to do some more steps due to the AD Sync server and two ADFS servers with this hybrid design?

 

AS

@aussupport 

 

No, ADFS and AD sync are supported in this method.  If you have this setup already then you are good to go.

 

I would consider reviewing your requirement for ADFS however. Ask yourself if you still need it.  You may be able to consider switching to pass-through authentication instead.

@PeterRising 

 

Hi Peter,

 

We have only one Exchange server. Server IP is 192.168.0.10

smtp1.mydomain.com -->192.168.1.50

smtp2.mydomain.com ---> 192.168.1.50

 

I can see the DNS entries. So where do I see this configuration?

 

as

@aussupport 

 

Sorry, I'm not sure what you are asking here?

@PeterRising 

 

Hi Peter,

 

I'm going to add the Exchange 2016 and migrate Exchange 2010. But I'm trying to understand the mail flow setup in here. I'm new to the business.

All the devices and applications are set up to the SMTP addresses below? (smtp1.mydomain.com) But these SMTP IPs are different to the Exchange server.

Looks like SMTP relay is using a different way?

 

As

@aussupport 

 

Ah I get you.  When you create your Exchange 2016 server, you will need to create a new receive connector in the Exchange Admin Center.  You will have a similar one in Exchange 2010 for SMTP relay.

 

Once it's set,  you need to switch one of your devices / software over to it to test, and then slowly change everything over to it.

@PeterRising 

 

Hi Peter,

 

Thanks, but no receive connector with those IPs or SMTP name? I think smtp.mydomain.com is not relaying via Exchange. No edge subscription in Exchange 2010? I'm confused.

 

As

@aussupport 

 

Ah OK, you would need to change your internal DNS record for your SMTP name to be the IP address of the Exchange 2016 server when you were ready.  Alternatively, you could switch the IP addresses and give the new Exchange 2016 server the same IP as the current Exchange 2010 SMTP relay server.
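
A check to run after the DNS record or IP address has been switched, as an added example that is not part of the original reply: it resolves the relay name and walks the SMTP dialogue up to RCPT TO without sending a message. The host name and addresses are assumptions; run it from a device IP the relay connector allows (expect a 250 reply) and again from a host it does not list (expect a 5xx refusal).

```powershell
# Added example; host name and addresses are assumptions, not values from the thread.
function Test-SmtpRelay {
    param(
        [string]$RelayHost = 'smtp.mydomain.com',
        [string]$From      = 'device@mydomain.com',
        [string]$To        = 'someone@example.com',   # external recipient
        [int]$Port         = 25
    )
    # Confirm which server the name points at after the cutover.
    $ip = (Resolve-DnsName $RelayHost -Type A | Select-Object -First 1).IPAddress
    $client = New-Object System.Net.Sockets.TcpClient
    $client.Connect($ip, $Port)
    try {
        $stream = $client.GetStream()
        $stream.ReadTimeout = 10000
        $reader = New-Object System.IO.StreamReader($stream)
        $writer = New-Object System.IO.StreamWriter($stream)
        $writer.NewLine = "`r`n"; $writer.AutoFlush = $true

        # Read one (possibly multi-line) SMTP reply and return its last line.
        $read = {
            do { $line = $reader.ReadLine() } while ($line -match '^\d{3}-')
            $line
        }
        $banner = & $read
        $writer.WriteLine("EHLO $env:COMPUTERNAME"); $null = & $read
        $writer.WriteLine("MAIL FROM:<$From>");      $mail = & $read
        $writer.WriteLine("RCPT TO:<$To>");          $rcpt = & $read
        # Stop before DATA so no message is actually sent.
        $writer.WriteLine('QUIT')

        [pscustomobject]@{
            ResolvedIP   = $ip
            Banner       = $banner
            MailFrom     = $mail
            RcptTo       = $rcpt
            RelayAllowed = $rcpt -match '^250'
        }
    }
    finally { $client.Close() }
}

Test-SmtpRelay | Format-List
```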

@PeterRising 

 

Hi Peter,

 

  Thank you so much for your information. Yes, I can do that. One more question.

 

How do we set up redundancy for SMTP Relay? We have one Exchange 2016 Server and Windows AD servers in Azure.  So if this server goes down, how do we handle the notification emails from our devices and applications?

 

I think allowing on-premise SMTP traffic to AWS is not a good idea. 

As

best response confirmed by aussupport (Brass Contributor)
Solution

@aussupport 

 

My pleasure! :smile:

 

If you want some redundancy, what I normally suggest is to spin up a second Exchange 2016 server and add the same connector.  If you needed to flip over to it, you could change your internal SMTP DNS entry to point to the IP of the backup.

@PeterRising  Hi Peter,

 

Do you recommend setting up this Exchange 2016 server on-premises or in the cloud (AWS)?

If it is in AWS, can I use the free Exchange licence?

 

As
