pavankumar-6152 asked LucasLiu-MSFT commented

Hybrid Mail flow not working

Hi,

I have set up a hybrid to migrate to Office 365 with centralized mail flow, but we are unable to receive email from an Office 365 mailbox on the on-prem server, for internal and external emails. We have opened our firewall for port 25 from anywhere over the internet and we are not seeing any traffic coming in on the FW.
I am a little confused with the current environment.

  1. We have a domain (abc.com - MX record) where all the external emails come in and go out.

  2. We have OWA, EWS, autodiscover (owa.abc.com) for external access/URL.

Where exactly do we have to open port 25: abc.com or owa.abc.com?

If we give the FQDN in HCW as abc.com, then email is coming to on-prem Exchange from Office 365 for internal mailboxes, but if the email is sent to an external address like gmail.com or outlook.com it fails with the error:
Error : 550 5.7.367 Remote server returned not permitted to relay -> 550 Relaying denied.

Thanks
Pavan.




1 Answer

LucasLiu-MSFT answered LucasLiu-MSFT commented

Hi @pavankumar-6152 ,
Can you send email from the on-premises Exchange server to external recipients normally?

  1. I noticed that the on-premises Exchange server could not receive the mail sent by O365 internally or externally initially, and then you set abc.com as the FQDN in HCW. So how do you set up HCW to run in your current environment? Please make sure that the FQDN set in your HCW is your on-premises Exchange server.

  2. About the external URL: to my knowledge, the external URL of autodiscover can only be set in Exchange 2010, and normally it is empty by default and does not need to be set. Other external URLs are usually set to https://fqdn/<service>.

  3. Please log in to Microsoft 365 admin center -> Settings -> Domains. Check if you have successfully added your on-premises domain to Office 365.

  4. In addition to port 25, please make sure that you have opened the URLs, IPs and ports required by Office 365.
Please refer to: Office 365 URLs and IP address ranges

In addition, if possible, please share the complete NDR message with us. Pay attention to covering your personal information.



If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.




Hi @LucasLiu-MSFT ,

Yes, I can send external emails from the on-prem Exchange servers to external recipients (gmail.com or outlook.com).

  1. Yes, the on-prem servers are unable to receive the emails sent from O365. We have a dedicated server where HCW is running with the Hybrid Agent, with mail flow as centralized. So do I need to set the FQDN as an Exchange server name (you mean a server name like Servername.domain.com), or do I have to use the domain name which our MX record is pointing to?

  2. Okay, these are in place.

  3. This is done.

  4. This is done.


Question: will O365 look up DNS when it sends an email to the on-prem Exchange servers in hybrid mail flow?

Thanks
Pavan.




Hi @pavankumar-6152 ,
To confirm here: the only issue in your current environment is the errors when mail from O365 mailboxes is sent to external recipients.

Regarding your question. No need to query DNS records. In the hybrid environment, the mail between on-premises Exchange and Exchange online is equivalent to internal sending, which is sent through the connector created by HCW. In addition, since you failed to send mail, this has nothing to do with your organization's MX records.

Please check whether the configuration of the connector automatically created by HCW in Exchange online is correct.

Please try to send a test email and check the message trace in Exchange online admin center, check if there are more related error messages. In addition, besides the error information provided above, is there any more information in the NDR you received?






Hi Lucas,

This is what I get when I send email from O365 to on-prem.
Sending from O365 to an on-prem mailbox:
Diagnostic information for administrators:

Generating server: DM6HRG7318.namprd2.prod.outlook.com
Receiving server: DM6HRG7318.namprd2.prod.outlook.com
Total retry attempts: 7

usermilbox@domain.com
5/12/2021 8:45:49 PM - Server at DM6HRG7318.namprd2.prod.outlook.com returned '550 5.4.316 Message expired, connection refused(Socket error code 10061)'
5/12/2021 8:40:06 PM - Server at 11.167.19.267 (11.167.19.267) returned '450 4.4.316 Connection refused [Message=Socket error code 10061] [LastAttemptedServerName=DOMAIN.COM] [LastAttemptedIP=11.167.19.267:25] [DM3HCCYFT004.eop-LKT02.prod.protection.outlook.com](Socket error code 10061)'

Sending from o365 to external.
Reported error: 550 5.7.367 Remote server returned not permitted to relay -> 550 Relaying denied.
DSN generated by: BLAQR09MB6642.namprd2.prod.outlook.com
Remote server: Requested

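The two NDRs quoted in the comment above fail at different layers: one never gets a TCP connection to port 25 (Winsock error 10061 is "connection refused"), the other reaches an SMTP server that rejects relaying. The following is an added example, not part of the thread and not Microsoft code; `triage` and `summarize` are hypothetical helper names, and the sample lines are taken from the NDR text above (the second one abridged).

```python
import re

# Sample input: diagnostic lines from the NDRs quoted in the comment above
# (second line abridged by dropping its trailing EOP host name).
NDR_LINES = [
    "5/12/2021 8:45:49 PM - Server at DM6HRG7318.namprd2.prod.outlook.com returned "
    "'550 5.4.316 Message expired, connection refused(Socket error code 10061)'",
    "5/12/2021 8:40:06 PM - Server at 11.167.19.267 (11.167.19.267) returned "
    "'450 4.4.316 Connection refused [Message=Socket error code 10061] "
    "[LastAttemptedServerName=DOMAIN.COM] [LastAttemptedIP=11.167.19.267:25]'",
    "Reported error: 550 5.7.367 Remote server returned not permitted to relay "
    "-> 550 Relaying denied.",
]

STATUS = re.compile(r"\b([245]\d\d) (\d\.\d{1,3}\.\d{1,3})\b")  # reply + enhanced code
SOCKET = re.compile(r"Socket error code (\d+)")
FIELD = re.compile(r"\[(LastAttempted\w+)=([^\]]+)\]")
WSAECONNREFUSED = "10061"  # Winsock: the target refused the TCP connection


def triage(line):
    """Hypothetical helper: classify one NDR diagnostic line by failing layer."""
    status = STATUS.search(line)
    reply, enhanced = status.groups() if status else (None, None)
    sock = SOCKET.search(line)
    result = {
        "reply": reply,
        "enhanced": enhanced,
        "permanent": bool(reply) and reply.startswith("5"),
        "attempted": dict(FIELD.findall(line)),
    }
    if sock and sock.group(1) == WSAECONNREFUSED:
        # No SMTP dialogue took place: the TCP connect to port 25 was refused.
        result["layer"] = "tcp"
    elif (enhanced and enhanced.startswith("5.7.")) or "relay" in line.lower():
        # A server answered on SMTP and rejected the message by policy.
        result["layer"] = "smtp-policy"
    else:
        result["layer"] = "unknown"
    return result


def summarize(lines):
    """Return (layer, reply, enhanced, attempted IP:port) for each line."""
    return [(r["layer"], r["reply"], r["enhanced"],
             r["attempted"].get("LastAttemptedIP"))
            for r in map(triage, lines)]


if __name__ == "__main__":
    for row in summarize(NDR_LINES):
        print(row)
```

For a `tcp` result, the `LastAttemptedServerName` and `LastAttemptedIP` fields show the name and address Exchange Online actually tried, which can be compared with the address the port 25 firewall rule covers.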

Hi @pavankumar-6152 ,
I am writing here to confirm with you how things are going now.




