11-20-2018 08:27 AM
11-20-2018 08:27 AM
I'm having challenges understanding why e-mails won't relay between internal user mailboxes using xxx.mail.protection.outlook.com from an on-premises IIS SMTP server to O365. We have a connector setup to allow mail from the external IP, the smart host points to the xxx.mail.protection.outlook.com on port 25 and is set to anonymous authentication and TLS encryption. I can submit e-mails through the relay from mailboxes on the domain to external recipients, and I can even submit e-mails through the relay on the domain from users without mailboxes to other users with mailboxes on the same domain. But what I cannot do is submit e-mails from a user with a mailbox to another user with a mailbox on the same domain. So for example, firstname.lastname@example.org to email@example.com assuming both users have mailboxes. This always goes to badmail with the following response: smtp;554 5.2.0 STOREDRV.Submission.Exception:SendAsDeniedException.MapiExceptionSendAsDenied; Failed to process message due to a permanent exception with message Cannot submit message. We need to allow messages to be routed between users, DL's, etc. on the same domain through the relay. Hopefully I'm just missing a piece of the puzzle here.
Thanks in advance.
11-20-2018 10:33 AM
So if I got this right, you have mailboxes both in ExO and in some other system on-premises? IIS SMTP relay is hardly the best tool to use in such scenarios, but without knowing the specifics we cannot give you more detailed recommendations. In any case, you can resolve this issue by adding Send As permissions for any of the accounts that already have mailboxes.
In a nutshell, they recently introduced some changes recently that make SMTP submitted messages behave pretty much like any other messages, thus if the mailbox already exists you will need Send As permissions to use that address. As part of those changes, you should also ensure that the sender address complies with RFC5322. More details here: https://support.microsoft.com/en-us/help/4458479/improvements-in-smtp-authenticated-submission-clien...
11-20-2018 11:35 AM