question

Jred-0971 avatar image
0 Votes"
Jred-0971 asked Jred-0971 answered

365 connector dropping email

We have Microsoft 365 mail setup with a connector for a third party SMTP server (postfix) which sends email from @ourdomain.com.au to @ourdomain.com.au and @externaldomains.com.
SPF, DKIM and DMARC are all set to allow mail from M365 and the third party server.

Email from the third party server to external domains is working fine and I can see mail (via message trace) going through our M365 servers.
Email sent to our M365 accounts however, is dropped completely, that is no trace results and no NDRs sent back to the third party server.
If I try sending a simple email from the third party server, via telnet commands, the emails are delivered to our internal accounts. This is making it super hard to troubleshoot

I found the following comment here and suspect this is related but not sure where to start looking.
This depends on the connector settings of the Office 365 tenant you are sending messages to. Office 365 allows mail admins to route messages with certain criteria to an internal SMTP service or a smart host. For those messages, Office 365 may think they have been routed to another server successfully. Actually the messages might be lost by a smart host, or the smart host doesn't support to return NDR. You can try to trace the email in Office 365 to find the routing path. Meanwhile, check the connectors, transport rules configured in the corresponding Exchange Online admin center.

Thanks in advance!

office-exchange-server-mailflow
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

HAve you verified Office 365 is accepting the messages?

0 Votes 0 ·

Hi Andy,

Some email from the third party server is being accepted. Telnet mail comes through no problem. When email from the app is generated it will send separate emails to each recipient, mail that is sent;
from my.name@ourdomain.com.au to my.name@external.com.au is accepted and I can see it in the trace logs in M365.
from my.name@ourdomain.com.au to my.name@ourdomain.com.au just vanishes.

I cannot find anything in M365 indicating that it is being accepted. Where should I be looking other than "Message trace"?

0 Votes 0 ·
Jred-0971 avatar image
0 Votes"
Jred-0971 answered

So it turns out (as I always suspected) that the issue was with the third party application setup and the emails were not leaving their server.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

KyleXu-MSFT avatar image
0 Votes"
KyleXu-MSFT answered Jred-0971 commented

@Jred-0971

How do you send email from the SMTP server? Does it relay email from Exchange online? If so, I would suggest you update setting with the Option 1 . This method bypasses most spam checks for email sent to people in your organization.

Email sent to our M365 accounts however, is dropped completely, that is no trace results and no NDRs sent back to the third party server.
If I try sending a simple email from the third party server, via telnet commands, the emails are delivered to our internal accounts.

What is the difference between those two emails?

You can also have a check whether those emails were quarantined on Office 365 , so, there not NDR generate.


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@KyleXu-MSFT

Email is sent to our smart host "tenant.mail.protection.outlook.com" using Option 3. I am unsure if the App is able to use SMTP Auth (I have asked the developers but have received no response as yet)

The only difference between the emails generated (per instance) is the recipient address.

Emails are not being quarantined. I can find no record of them (the ones sent to the M365 accounts) in M365 at all.

0 Votes 0 ·