Exchange Transport Rule Remove SharePoint Links
Hey everyone, So we recently implemented an Exchange online (M365) transport rule to add a small amount of HTML text at the top of the email, warning the email has come from an outside source, however this appears to have caused an issue with sharePoint links sent from external parties. The image etc are all there, and all the links to Microsoft.com etc are all fine, however the image for the excel/ word doc etc, are now just blank images, without the URL behind. If you remove the transport rule its all fine. The HTML on the transport rule is this <!-- Red Banner --> <table align="left" border="0" cellpadding="0" cellspacing="0" style="width:100%"> <tbody> <tr> <td style="background-color:#ec6137; width:4px"> </td> <td style="width:1187px"> <p><strong> Caution:</strong> This email originated outside of the *******. Be careful of attachments and links. Report suspicious emails to ServiceDesk.</p> </td> </tr> </tbody> </table> <p> </p> There's nothing in there to strip the attachments, but the email is being modified by the HTML warning, so its plausible to see with Exchange would see it as a threat. We do have the safe senders part of Exchange turned on etc. Any thoughts? Ta
Exchange hybrid - Users with on-prem mailboxes are being considered 'unauthenticated'
Overview + Setup Information This issue relates to Exchange, SharePoint Online and Office 365. Here's a quick summary of our setup: We've integrated our on-prem AD with Azure AD via Azure AD Connect. We have hybrid Exchange set up, with some mailboxes hosted on-prem (Exchange Server 2010 SP3) and others hosted on Exchange Online. Inbound mail flow is directed to Exchange Online so that we can use EOP for anti-spam and anti-malware protection. Issue Users with on-prem mailboxes are unable to send emails to distribution groups using the 'Send by Email' functionality in SharePoint Online sites. These users are able to select the distribution group and send the email, however, the message is not received by any of the members of the distribution group. Solution Disabling the 'Require that all senders are authenticated' option in EMC > Distribution Groups > [desired group] > Mail Flow Settings > Message Delivery Restrictions, fixes this issue. As in, members of the group will then receive emails that users with on-prem mailboxes send using the 'Send by Email' button on SharePoint Online. FYI, the equivalent setting on Exchange Online seems to be EAC > Recipients > Groups > [desired group] > Delivery Management > Senders inside and outside my organization. Issue with Solution This is not an acceptable solution as it leaves the door open for external senders to send emails to all the members in our distribution groups. This is problematic for a number of reasons, particularly from a security perspective. Question It seems like either Exchange Online or our on-prem Exchange server is deeming these users (who have on-prem mailboxes) to be unauthenticated/outside the organization - as a reminder, our inbound mail flow goes through Exchange Online. Hence, how can we make Exchange Online/on-prem Exchange consider these users to be authenticated/inside the organization? I am of course also open to trying other solutions that might fix the issue we're having. Any help would be much appreciated.
